Contributions to empirical analysis of keystroke dynamics in passwords

Montalvão, Jugurta; Freire, Eduardo Oliveira; Bezerra, Murilo A.; García, Rubén J.

doi:10.1016/j.patrec.2014.09.016

Cited by 24 publications

(18 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The poor performance of the name is closely related to the short length of this input. It is well known that the performance of keystroke dynamics is related to the amount of information [4] and the differences between performances of given and family names complies with this fact (70% of the users have two family names). Table 4 shows the superior performance of the ID number and email.…”

Section: Data Field Comparisonmentioning

confidence: 81%

“…This authentication approach try to improve the security of the access as well as its usability. The main advantages of keystroke recognition based on personal data are: i) the learning curve [4] is minimized because personal data is information that users are accustomed to type; ii) the usability is improved by eliminating the necessity of complex passwords which comply with the security policies but are difficult to memorize. On the other hand, the main disadvantages of this approach are: i) small amount of information available to recognize the users (short words) and ii) the learning curve of the impostors is also minimized when the information is based on common names or simple words instead of complex passwords.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Keystroke dynamics recognition based on personal data: A comparative experimental evaluation implementing reproducible research

Morales

Falanga

Fiérrez

et al. 2015

2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS)

View full text Add to dashboard Cite

Esta es la versión de autor de la comunicación de congreso publicada en: This is an author produced version of a paper published in: IntroductionCyber security is a critical concern for governments, companies and end-users. The secure access has become a must in a global society connected by internet and Cyber Security is defined as the body of technologies, services and practices designed to protect computers, networks and data from damage, attack or unauthorized access [1]. Passwords-based authentication is one of the most popular secure access approaches. The security of these systems depends of the password strength and the security policies adopted.A typical security policy includes recommendations as: i) to avoid simple passwords; ii) to change passwords regularly; iii) to use different passwords for different accounts, systems and applications, and iv) to store passwords securely (try to memorize your passwords). The number of users who comply with these security policies is low as they decrease the usability of the systems. As an example, "=/z@l1N]" is a password generated by the automatic password generator of the BTAS2015 Conference Management Toolkit. The requests to reset passwords because they have been forgotten are common.In this context, keystroke dynamics authentication systems have attracted the interest of both researchers and industry [2][3]. Keystroke dynamics are proposed to improve the security of traditional authentication services based on passwords or PIN numbers. Biometric recognition is commonly related to "something that users are" instead of "something that users have" such as passwords. In the case of keystroke dynamics, the typical approaches based on fixed password authentication combine complex passwords and our keystroke dynamics biometrics. The password acts as a primary security level and the user access is not allowed until the correct password is inserted. The role of the biometric system is a secondary security level which try to detect intruders who are spoofing the identity of the legitimate user.Why not using the keystroke dynamics authentication as the primary and only security level? Is it possible a reliable recognition by replacing the way the people type complex passwords (something that they know) by the way they type their names (something that they are)?This work explores keystroke dynamics authentication based on personal data as opposed to complex passwords. The idea underlying this work is that while we can forget a complex password, we will never forget our family or given name. This authentication approach try to improve the security of the access as well as its usability. The main advantages of keystroke recognition based on personal data are: i) the learning curve [4] is minimized because personal data is information that users are accustomed to type; ii) the usability is improved by eliminating the necessity of complex passwords which comply with the security policies but are difficult to memorize. On the other hand, the main disadvantages of this appro...

show abstract

Section: Data Field Comparisonmentioning

confidence: 81%

Section: Introductionmentioning

confidence: 99%

Keystroke dynamics recognition based on personal data: A comparative experimental evaluation implementing reproducible research

Morales

Falanga

Fiérrez

et al. 2015

2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS)

View full text Add to dashboard Cite

show abstract

“…Fingerprint dynamics can be simply described as 'a process of time recording events' [35], while users scan their fingers against the sensor [36]. Fingerprint dynamics, inspired by successful application of the keystroke dynamics for user authentication [4], represents behavioral characteristics of an individual. In keystroke dynamics, the time stamps representing the typing actions of a user are logged; along similar lines in fingerprint dynamics, the time information of multi-instance finger scan event performed in a sequence is recorded.…”

Section: Fingerprint Dynamicsmentioning

confidence: 99%

“…Note that in the proposed multi-biometric system as there are only two modalities, we have (4) and subsequently (Eq 3) becomes…”

Section: Multimodal Systemmentioning

confidence: 99%

See 1 more Smart Citation

A spoof resistant multibiometric system based on the physiological and behavioral characteristics of fingerprint

Bhardwaj

Londhe

Kopparapu³

2017

Pattern Recognition

View full text Add to dashboard Cite

Keystroke Mobile Authentication: Performance of Long-Term Approaches and Fusion with Behavioral Profiling

Acien

Morales

Vera-Rodríguez

et al. 2019

Pattern Recognition and Image Analysis

View full text Add to dashboard Cite

Contributions to empirical analysis of keystroke dynamics in passwords

Cited by 24 publications

References 18 publications

Keystroke dynamics recognition based on personal data: A comparative experimental evaluation implementing reproducible research

Keystroke dynamics recognition based on personal data: A comparative experimental evaluation implementing reproducible research

A spoof resistant multibiometric system based on the physiological and behavioral characteristics of fingerprint

Keystroke Mobile Authentication: Performance of Long-Term Approaches and Fusion with Behavioral Profiling

Contact Info

Product

Resources

About