Keystroke dynamics based user authentication using Histogram Gradient Boosting

Ibrahim, Mina; AbdelRaouf, Hussien; Amin, Khalid; Semary, Noura A.

doi:10.21608/ijci.2022.155605.1081

Cited by 7 publications

(13 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Accordingly, we propose a scalable dynamic behavioral authentication model incorporating future trends in information systems, specifically, trends in or toward (1) devices, (2) dynamic encryption standards, (3) assessing the emotional state of the authenticator, (4) the ubiquitous access to and usage of devices, and the option to (5) incorporate emerging technologies and solutions for low cost and increased functionality. The result, validated based on these five constructs, is a cost-effective and non-intrusive MFA system method to augment users' authentication and ensure data security while efficiently handling their typing errors [19]. The use of keystrokes itself validates the model owing to its simplicity and its ability to integrate seamlessly with passwords.…”

Section: Introductionmentioning

confidence: 89%

“…Among the world's privacy and security laws, the European Union General Data Protection Regulation (GDPR), adopted in 2016 and enacted on May 25, 2018, is the strongest [16], and a crucial aspect of compliance with this regulation is adequate authentication and authorization [17]. Accordingly, biometrics generated through KD has become a viable option to authenticate users for both security and surveillance purposes [18] given the minimal implementation cost of KD and lack of a need for special hardware since the gathering of typing data www.ijacsa.thesai.org is reasonably straightforward, requiring no additional effort by the user [19].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Secure and Scalable Behavioral Dynamics Authentication Model

Oladipo,

Awotunde,

Nicho

et al. 2023

IJACSA

View full text Add to dashboard Cite

Various authentication methods have been proposed to mitigate data breaches. However, the increasing frequency of data breaches and users' lack of awareness have exposed traditional methods, including single-factor passwordbased systems and, two-factor authentication systems, to vulnerabilities against attacks. While behavioral authentication holds promise in tackling these issues, it faces challenges concerning interoperability between operating systems, the security of behavioral data, accuracy enhancement, scalability, and cost. This research presents a scalable dynamic behavioral authentication model utilizing keystroke typing patterns. The model is constructed around five key components: humancomputer interface devices, encryption of behavioral data, consideration of the authenticator's emotional state, incorporation of cross-platform features, and proposed implementation solutions. It addresses potential typing errors and employs data encryption for behavioral data, achieving a harmonious blend of usability and security by leveraging keyboard dynamics. This is accomplished through the implementation of a web-based authentication system that integrates Convolutional Neural Networks (CNNs) for advanced feature engineering. Keystroke typing patterns were gathered from participants and subsequently employed to evaluate the system's keystroke timing verification, login ID verification, and error handling capabilities. The web-based system uniquely identifies users by merging their username-password (UN-PW) credentials with their keyboard typing patterns, all while securely storing the keystroke data. Given the achievement of a 100% accuracy rate, the proposed Behavioral Dynamics Authentication Model (BDA) introduces future researchers to five scalable constructs. These constructs offer an optimal combination, tailored to the device and context, for maximizing effectiveness. This achievement underscores its potential applications in the realm of authentication.

show abstract

Section: Introductionmentioning

confidence: 89%

Section: Introductionmentioning

confidence: 99%

A Secure and Scalable Behavioral Dynamics Authentication Model

Oladipo,

Awotunde,

Nicho

et al. 2023

IJACSA

View full text Add to dashboard Cite

show abstract

“…In [ 11 ], the main classifier used in the training and testing phase was Histogram Gradient Boosting (HGB), which relies on histograms to group continuous data into a fixed number of bins. By reducing the number of unique values for each feature to a smaller, more manageable set, this technique allows for faster and more efficient implementation of decision trees.…”

Section: Related Workmentioning

confidence: 99%

“… Comparison of accuracy with the related literature (from left to right: [ 17 ], [ 19 ], [ 21 ], [ 25 ], [ 26 ], [ 22 ], [ 20 ], [ 12 ], [ 11 ], [ 23 ]). …”

Section: Figurementioning

confidence: 99%

Efficient Convolutional Neural Network-Based Keystroke Dynamics for Boosting User Authentication

AbdelRaouf

Chelloug

Muthanna

et al. 2023

Sensors

Self Cite

View full text Add to dashboard Cite

The safeguarding of online services and prevention of unauthorized access by hackers rely heavily on user authentication, which is considered a crucial aspect of security. Currently, multi-factor authentication is used by enterprises to enhance security by integrating multiple verification methods rather than relying on a single method of authentication, which is considered less secure. Keystroke dynamics is a behavioral characteristic used to evaluate an individual’s typing patterns to verify their legitimacy. This technique is preferred because the acquisition of such data is a simple process that does not require any additional user effort or equipment during the authentication process. This study proposes an optimized convolutional neural network that is designed to extract improved features by utilizing data synthesization and quantile transformation to maximize results. Additionally, an ensemble learning technique is used as the main algorithm for the training and testing phases. A publicly available benchmark dataset from Carnegie Mellon University (CMU) was utilized to evaluate the proposed method, achieving an average accuracy of 99.95%, an average equal error rate (EER) of 0.65%, and an average area under the curve (AUC) of 99.99%, surpassing recent advancements made on the CMU dataset.

show abstract

“…Moreover, keystroke dynamics can be classified into two distinct types: fixed-text and free-text. The key difference between these two methods is the dataset that is used to authenticate a user [39,40]. Fixed-text authentication is mostly used as a second-factor or multi-factor authentication.…”

Section: Keystroke Dynamics and Its Circumventionmentioning

confidence: 99%

A Deep-Learning-Based Approach to Keystroke-Injection Payload Generation

Gurčinas,

Dautartas,

Janulevičius

et al. 2023

Electronics

View full text Add to dashboard Cite

Investigation and detection of cybercrimes has been in the spotlight of cybersecurity research for as long as the topic has existed. Modern methods are required to keep up with the pace of the technology and toolset used to facilitate these crimes. Keystroke-injection attacks have been an issue due to the limitations of hardware and software up until recently. This paper presents comprehensive research on keystroke-injection payload generation that proposes the use of deep learning to bypass the security of keystroke-based authentication systems focusing on both fixed-text and free-text scenarios. In addition, it specifies the potential risks associated with keystroke-injection attacks. To ensure the legitimacy of the investigation, a model is proposed and implemented within this context. The results of the implemented implant model inside the keyboard indicate that deep learning can significantly improve the accuracy of keystroke dynamics recognition as well as help to generate effective payload from a locally collected dataset. The results demonstrate favorable accuracy rates, with reported performance of 93–96% for fixed-text scenarios and 75–92% for free-text. Accuracy across different text scenarios was achieved using a small dataset collected with the proposed implant model. This dataset enabled the generation of synthetic keystrokes directly within a low-computation-power device. This approach offers efficient and almost real-time keystroke replication. The results obtained show that the proposed model is sufficient not only to bypass the fixed-text keystroke dynamics system, but also to remotely control the victim’s device at the appropriate time. However, such a method poses high security risks when deploying adaptive keystroke injection with impersonated payload in real-world scenarios.

show abstract

Keystroke dynamics based user authentication using Histogram Gradient Boosting

Cited by 7 publications

References 29 publications

A Secure and Scalable Behavioral Dynamics Authentication Model

A Secure and Scalable Behavioral Dynamics Authentication Model

Efficient Convolutional Neural Network-Based Keystroke Dynamics for Boosting User Authentication

A Deep-Learning-Based Approach to Keystroke-Injection Payload Generation

Contact Info

Product

Resources

About