Iterative Keystroke Continuous Authentication: A Time Series Based Approach

Alshehri, Abdullah; Coenen, Frans; Bollegala, Danushka

doi:10.1007/s13218-018-0526-z

Cited by 16 publications

(14 citation statements)

References 25 publications

(8 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, other features easier to collect, are more difficult to evaluate. The most used algorithm for processing time-based metrics is SVM [3], as these kinds of metrics often fit well in regression models. For approaches related to tracking the user's behavior (i.e.…”

Section: Discussionmentioning

confidence: 99%

JBCA: Designing an Adaptative Continuous Authentication Architecture

Junquera-Sánchez¹,

Cilleruelo²,

de‐Marcos³

et al. 2020

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Several continuous authentication methods provide very accurate ways of detecting the impersonation of a user. However, even though they should be access control chain's links, they are commonly documented as algorithms unrelated to any system. In this paper, we propose a continuous authentication architecture to integrate several kinds of continuous authentication engines in a complete framework. The architecture covers different use cases where continuous authentication methods, placed in the user's device or in the cloud, collaborate to determine if the user's identity has changed. We use ensemble learning principles to combine the values generated by each CA model, and compute the trust level adaptively, addressing common errors caused by changes in the environments of continuous authentication systems.

show abstract

Section: Discussionmentioning

confidence: 99%

JBCA: Designing an Adaptative Continuous Authentication Architecture

Junquera-Sánchez¹,

Cilleruelo²,

de‐Marcos³

et al. 2020

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

show abstract

“…In this work, we refer to this time as hold time. Hold time has been used in Janakiraman and Sim (2007); Sim and Janakiraman (2007); Monrose and Rubin (1997); Stewart et al (2011);Ferreira and Santos (2012); Bours (2012); Monaco et al (2013); Deutschmann et al (2013); Ahmed and Traore (2013); Çeker and Upadhyaya (2016); Mondal and Bours (2017); Alshehri et al (2017); Alshehri et al (2018); Xiaofeng et al (2019). Latency time is the time from the previous key released to the current key pressed, which has been used in Monrose and Rubin (1997); Stewart et al (2011);Rahman et al (2011); Ferreira and Santos (2012); Bours (2012); Monaco et al (2013); Ahmed and Traore (2013); Mondal and Bours (2017); Xiaofeng et al (2019).…”

Section: Featuresmentioning

confidence: 99%

“…Free text keystroke dynamics is proper for continuous user authentication because it is non-invasive, relatively cheap to realize, no additional hardware requirement, and available after the login stage (Dowland and Furnell 2004). Considerable progress has been made in free text Keystroke-based Continuous user Authentication (KCA) (Monrose and Rubin 1997;Dowland and Furnell 2004;Gunetti and Picardi 2005;Janakiraman and Sim 2007;Sim and Janakiraman 2007;Montalvão Filho and Freire 2006;Davoudi and Kabir 2009;Harun et al 2010;Stewart et al 2011;Al Solami et al 2011;Messerman et al 2011;Rahman et al 2011;Ferreira and Santos 2012;Bours 2012;Monaco et al 2013;Deutschmann et al 2013;Ahmed and Traore 2013;Kang and Cho 2015;Çeker and Upadhyaya 2016;Mondal and Bours 2017;Huang et al 2017;Ayotte et al 2019;Alshehri et al 2017;2018;Xiaofeng et al 2019). The process of a KCA algorithm is usually to collect a user's keystrokes and time stamps, extract features, and use statistical or machine learning methods to determine whether the current user is legitimate.…”

Section: Introductionmentioning

confidence: 99%

“…The process of a KCA algorithm is usually to collect a user's keystrokes and time stamps, extract features, and use statistical or machine learning methods to determine whether the current user is legitimate. Notable performances have been achieved with long (Gunetti and Picardi 2005;Çeker and Upadhyaya 2016) or short text (Alshehri et al 2017;2018;Xiaofeng et al 2019) collected by doing tasks (i.e., answering questions or transcriptions) and long data (Huang et al 2017;Ayotte et al 2019) collected in uncontrolled settings.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

TKCA: a timely keystroke-based continuous user authentication with short keystroke sequence in uncontrolled settings

Yang

You

et al. 2021

Cybersecur

View full text Add to dashboard Cite

Keystroke-based behavioral biometrics have been proven effective for continuous user authentication. Current state-of-the-art algorithms have achieved outstanding results in long text or short text collected by doing some tasks. It remains a considerable challenge to authenticate users continuously and accurately with short keystroke inputs collected in uncontrolled settings. In this work, we propose a Timely Keystroke-based method for Continuous user Authentication, named TKCA. It integrates the key name and two kinds of timing features through an embedding mechanism. And it captures the relationship between context keystrokes by the Bidirectional Long Short-Term Memory (Bi-LSTM) network. We conduct a series of experiments to validate it on a public dataset - the Clarkson II dataset collected in a completely uncontrolled and natural setting. Experiment results show that the proposed TKCA achieves state-of-the-art performance with 8.28% of EER when using only 30 keystrokes and 2.78% of EER when using 190 keystrokes.

show abstract

“…An approach based on time series have been proposed for iterative continuous authentication [4]. The idea is to use sequences of keystroke dynamics in the form of time series and to monitor such time series, as a continuous data stream, by periodically extracting sub-sequences from these time series and authenticating the sub-sequences.…”

Section: Related Work On Security Techniques Based On Behavioural Bimentioning

confidence: 99%

HOrBAC Optimization Based on Suspicious Behavior Detection Using Information Theory

Quimatio

FIDELE

2021

SN COMPUT. SCI.

View full text Add to dashboard Cite

Several access control models have been developed: discretionary, mandatory, role-based, organisation-based or the recent hierarchical organisation-based. The hierarchical organisation-based model is best suited to counter internal attacks and fraud because it integrates a digital parafer that performs proactive hierarchical control of all activities carried out by the organisation's employees in the system, including those of the super-user. However, because this control is based solely on the type of requests issued by internal employees, this model is vulnerable to Denial of Service attacks in a Big Data environment. The purpose of this article is to optimise the number of requests awaiting hierarchical treatment in the hierarchical organisation-based access control model while maintaining a maximum level of security. For this purpose, we have proposed an additional layer of control of the digital parafer based on suspicious behaviour detection from the entropy measurement. Finally, we carried out a mathematical and experimental comparisons between the two approaches in terms of number of requests awaiting treatment in the system and obtained a satisfactory result.

show abstract

Iterative Keystroke Continuous Authentication: A Time Series Based Approach

Cited by 16 publications

References 25 publications

JBCA: Designing an Adaptative Continuous Authentication Architecture

JBCA: Designing an Adaptative Continuous Authentication Architecture

TKCA: a timely keystroke-based continuous user authentication with short keystroke sequence in uncontrolled settings

HOrBAC Optimization Based on Suspicious Behavior Detection Using Information Theory

Contact Info

Product

Resources

About