Keystroke dynamics explained

Keystroke dynamics, keystroke biometrics, typing dynamics, or typing biometrics refer to the collection of biometric information generated by key-press-related events that occur when a user types on a keyboard.[1] Use of patterns in key operation to identify operators predates modern computing,[2] and has been proposed as an authentication alternative to passwords and PIN numbers.[3]

Science

The behavioral biometric of keystroke dynamics uses the manner and rhythm in which an individual types characters on a keyboard or keypad.[4] [5] [6] The user's keystroke rhythms are measured to develop a unique biometric template of the user's typing pattern for future authentication.[7] Keystrokes are separated into static and dynamic typing, which are used to help distinguish between authorized and unauthorized users.[8] Vibration information may be used to create a pattern for future use in both identification and authentication tasks.

History

During the late nineteenth century, telegram operators began to develop unique "signatures" that could be identified simply by their tapping rhythm.[9] As late as World War II, the military transmitted messages through Morse Code. Using a methodology called "The Fist of the Sender," military intelligence identified that an individual had a unique way of keying in a message's "dots" and "dashes", creating a rhythm that could help distinguish ally from enemy.[10] [11]

Keyboard dynamics received attention as a potential alternative to short PIN numbers, which were widely used for authentication early in the expansion of networked computing.[12]

Collection and potential use of keystroke dynamics data

The behavioral biometric of keystroke dynamics uses the manner and rhythm in which an individual types characters on a keyboard or keypad.[13] [14] [15] The user's keystroke rhythms are measured to develop a unique biometric template of the user's typing pattern for future authentication. Keystrokes are separated into static and dynamic typing, which are used to help distinguish between authorized and unauthorized users.[16] Vibration information may be used to create a pattern for future use in both identification and authentication tasks.

Keystroke dynamic information could be used to verify or determine the identity of the person producing the keystrokes.[17] The techniques used to do this vary widely in sophistication and range from statistical techniques to artificial intelligence (AI) approaches such as neural networks.

The time to seek and depress a key (seek-time) and the time the key is held down (hold-time) may be characteristic of an individual, regardless of the total speed at which they type. Most people take longer to find or get to specific letters on the keyboard than their average seek-time for all letters. Which letters require more time vary dramatically and consistently for different people. Right-handed people may be statistically faster in getting to keys they hit with their right-hand fingers than with their left-hand fingers. Index fingers may be faster than other fingers, consistent for a user, regardless of their overall speed.

In addition, sequences of letters may have characteristic properties for a user. In English, the use of "the" is very common, and those three letters may be known as a rapid-fire sequence. Common endings, such as "ing", may be entered far faster than the same letters in reverse order ("gni") to the degree that varies consistently by user. This consistency may hold and reveal common sequences of the user's native language even when they are writing entirely in a different language.

Common "errors" may also be quite characteristic of a user. There is a taxonomy of errors, such as the user's most common "substitutions", "reversals", "drop-outs", "double-strikes", "adjacent letter hits", "homonyms" and hold-length-errors (for a shift key held down too short or too long a time). Even without knowing what language the user is working in, these errors may be detected by looking at the rest of the text and what letters the user goes back and replaces.

Authentication versus identification

Keystroke dynamics is part of a larger class of biometrics known as behavioral biometrics, a field in which observed patterns are statistical in nature. Because of this inherent uncertainty, a commonly held belief is that behavioral biometrics are not as reliable as biometrics used for authentication based on physically observable characteristics such as fingerprints or retinal scans or DNA. Behavioral biometrics use a confidence measurement in replacement of the traditional pass/fail measurements. As such, the traditional benchmarks of False Acceptance Rate (FAR) and False Rejection Rates (FRR) no longer have linear relationships.

The benefit to keystroke dynamics (as well as other behavioral biometrics) is that FRR/FAR can be adjusted by changing the acceptance threshold at the individual level. This allows for explicitly defined individual risk mitigation that physical biometric technologies could not achieve.

One of the major problems that keystroke dynamics runs into is that a user's typing varies substantially during a day and between different days and may be affected by any number of external factors.

Because of these variations, any system will make false-positive and false-negative errors. Some successful commercial products have strategies to handle these issues and have proven effective in large-scale use in real-world settings and applications.

Legal and regulatory issues

Use of keylogging software may be in direct and explicit violation of local laws, such as the U.S. Patriot Act, under which such use may constitute wire-tapping.

Patents

Other uses

Because human beings generate keystroke timings, they are not well correlated with external processes. They are frequently used as a source of hardware-generated random numbers for computer systems.

Mental health symptoms such as depression and anxiety have also been correlated with keystroke timing features.[18]

See also

References

Other references

Further reading

Notes and References

  1. Robert Moskovitch, Clint Feher, Arik Messerman, Niklas Kirschnick, Tarik Mustafic, Ahmet Camtepe, Bernhard Löhlein, Ulrich Heister, Sebastian Möller, Lior Rokach, Yuval Elovici . Identity theft, computers and behavioral biometrics . Proceedings of the IEEE International Conference on Intelligence and Security Informatics. 2009. 155–160.
  2. Monrose, Fabian, and Aviel D. Rubin. Keystroke dynamics as a biometric for authentication. Future Generation Computer Systems.
  3. Monrose. F.. Rubin. A.. 1997. Authentication via keystroke dynamics. Proceedings of the 4th ACM conference on Computer and Communications Security. 48–56. 10.1145/266420.266434.
  4. Deng . Y. . Yu . Y. . 2013. Keystroke Dynamics User Authentication Based on Gaussian Mixture Model and Deep Belief Nets . ISRN Signal Processing . 2013 . 565183 . 10.1155/2013/565183 . free .
  5. Web site: User authentication through typing biometrics features . 2013-11-14 . https://web.archive.org/web/20140304233632/http://ai.pku.edu.cn/aiwebsite/research.files/collected%20papers%20-%20others/User%20authentication%20through%20typing%20biometrics%20features.pdf . 2014-03-04 . dead .
  6. Book: https://ieeexplore.ieee.org/document/491588 . 10.1049/cp:19950480 . Continuous authentication by analysis of keyboard typing characteristics . European Convention on Security and Detection . 1995 . Shepherd . S.J. . 111–114 . 0-85296-640-7 .
  7. Book: https://link.springer.com/chapter/10.1007%2F978-3-642-16295-4_13#page-1 . 10.1007/978-3-642-16295-4_13 . A Modified Algorithm for User Identification by His Typing on the Keyboard . Image Processing and Communications Challenges 2 . Advances in Intelligent and Soft Computing . 2010 . Panasiuk . Piotr . Saeed . Khalid . 84 . 113–120 . 978-3-642-16294-7 .
  8. Alzubaidi. Abdulaziz. Kalita. Jugal. 2016. Authentication of Smartphone Users Using Behavioral Biometrics. IEEE Communications Surveys & Tutorials. 18. 3. 1998–2026. 10.1109/comst.2016.2537748. 1553-877X. 1911.04104. 8443300.
  9. Monrose, Fabian, and Aviel D. Rubin. Keystroke dynamics as a biometric for authentication. Future Generation Computer Systems.
  10. News: Keystroke Dynamics. Biometrics. 2018-01-18. en-US.
  11. Book: Haring, Kristen. Ham Radio's Technical Culture. 2007. MIT Press. 978-0-262-08355-3. 23.
  12. Monrose. F.. Rubin. A.. 1997. Authentication via keystroke dynamics. Proceedings of the 4th ACM conference on Computer and Communications Security. 48–56. 10.1145/266420.266434.
  13. Deng . Y. . Yu . Y. . 2013. Keystroke Dynamics User Authentication Based on Gaussian Mixture Model and Deep Belief Nets . ISRN Signal Processing . 2013 . 565183 . 10.1155/2013/565183 . free .
  14. Web site: User authentication through typing biometrics features . 2013-11-14 . https://web.archive.org/web/20140304233632/http://ai.pku.edu.cn/aiwebsite/research.files/collected%20papers%20-%20others/User%20authentication%20through%20typing%20biometrics%20features.pdf . 2014-03-04 . dead .
  15. https://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=491588 Continuous authentication by analysis of keyboard typing characteristics
  16. Alzubaidi. Abdulaziz. Kalita. Jugal. 2016. Authentication of Smartphone Users Using Behavioral Biometrics. IEEE Communications Surveys & Tutorials. 18. 3. 1998–2026. 10.1109/comst.2016.2537748. 1553-877X. 1911.04104. 8443300.
  17. Lu . Xiaofeng . Zhang . Shengfei . Hui . Pan . Lio . Pietro . 2020-09-01 . Continuous authentication by free-text keystroke based on CNN and RNN . Computers & Security . en . 96 . 101861 . 10.1016/j.cose.2020.101861 . 0167-4048. free .
  18. Braund . Taylor A. . O’Dea . Bridianne . Bal . Debopriyo . Maston . Kate . Larsen . Mark E. . Werner-Seidler. Aliza . Tillman . Gabriel . Christensen . Helen . 2023-05-15 . Associations Between Smartphone Keystroke Metadata and Mental Health Symptoms in Adolescents: Findings From the Future Proofing Study . JMIR Mental Health . EN . 10 . e44986 . 10.2196/44986. 37184904. 10227695 . free.