
Enhanced usability, resilience, and accuracy in mobile keystroke dynamic biometric authentication


Academic year: 2021


by

Faisal Alshanketi

B.Sc. of Computer Science, King Abdul Aziz University, Saudi Arabia, 2005

M.Sc. of Computer Engineering, Concordia University, Canada, 2013

A Dissertation Submitted in Partial Fulfillment of the Requirements for the Degree of

DOCTOR OF PHILOSOPHY

in the Department of Electrical and Computer Engineering

© Faisal Alshanketi, 2018

University of Victoria

All rights reserved. This dissertation may not be reproduced in whole or in part, by photocopying or other means, without the permission of the author.


Supervisory Committee

Prof. Issa Traore, Supervisor

(Department of Electrical and Computer Engineering, University of Victoria)

Prof. Fayez Gebali, Departmental Member

(Department of Electrical and Computer Engineering, University of Victoria)

Prof. Alex Thomo, Outside Member

(Department of Computer Science, University of Victoria)

Dr. Ahmed Awad, Outside Member

(School of Science, Technology, Engineering & Mathematics, University of Washington Bothell, Washington, USA)


ABSTRACT

With the progress achieved to date in mobile computing technologies, mobile devices are increasingly being used to store sensitive data and perform security-critical transactions and services. However, the protection available on these devices still lags behind. The primary and often only protection mechanism on these devices is authentication using a password or a Personal Identification Number (PIN). Passwords are well known to be a weak authentication mechanism, no matter how complex the underlying format is. Mobile authentication can be strengthened by extracting and analyzing keystroke dynamic biometrics from supplied passwords. In this thesis, I identified gaps in the literature, and investigated new models and mechanisms to improve accuracy, usability and resilience against statistical forgeries for mobile keystroke dynamic biometric authentication. Accuracy is investigated through cost-sensitive learning and sampling, and by comparing the strength of different classifiers. Usability is improved by introducing a new approach for typo handling in the authentication model. Resilience against statistical attacks is achieved by introducing a new multimodal approach combining fixed and variable keystroke dynamic biometric passwords, in which two different fusion models are studied. Experimental evaluation using several datasets, some publicly available and others collected locally, yielded encouraging performance results in terms of accuracy, usability, and resistance against statistical attacks.


Table of Contents

Supervisory Committee
Abstract
Table of Contents
List of Tables
List of Figures
Acknowledgements
Dedication
1 Introduction
1.1 Context
1.2 Research Problem
1.2.1 Usability and Accuracy Challenges in Mobile Keystroke Dynamic Authentication
1.2.2 Statistical Forgery Attacks Against Mobile Keystroke Dynamic Authentication Schemes
1.3 Approach
1.4 Thesis Contributions
1.5 Thesis Outline
2 Background On Biometric Authentication
2.1 Biometric Authentication
2.2 Authentication Mechanisms
2.2.1 Data Acquisition
2.2.3 Classification Techniques
2.3 Summary
3 Related Work on Mobile KD Biometric Authentication
3.1 KD based Fixed Password
3.2 Multimodal Schemes
3.3 KD based OTP
3.4 Discussions
4 Mobile Keystroke Dynamics Authentication based on FP
4.1 Feature Model
4.2 Keystroke dynamics based on Fixed Password
4.2.1 Random Forest Classifier
4.3 Typo Handling
4.4 Profile Maturity
4.5 Model Evaluations
4.5.1 Datasets
4.5.2 Data Analysis Techniques
4.5.3 Experiment Results for Fixed Password Model
4.5.4 Experiment Results for Typo Handling
4.5.5 Experiment Results for Profile Maturity
4.6 Summary
5 Protecting against Statistical Attacks using Multimodal Keystroke Dynamic
5.1 Keystroke Dynamics Biometric Recognition based on OTP
5.1.1 Biometric Template
5.1.2 Biometric Matching
5.2 Multimodal Biometric Models
5.3 Experimental Evaluations
5.3.1 Dataset
5.3.2 Evaluating the Feature Fusion Model
5.3.3 Evaluating Matching Decision Fusion Model
5.4 Impact of Statistical Attacks
6 Conclusions
6.1 Summary
6.2 Future Work
Bibliography
A Information on Collected Datasets
A.1 Overview
A.2 Mobile Fixed Password KD data
A.3 Mobile OTP KD Data


List of Tables

Table 4.1 An illustration of a correct password
Table 4.2 Performance obtained for dataset 1 without under sampling the negative class (all samples = 985) and varying the weight (P).
Table 4.3 Performance obtained by under sampling the negative class and varying the maximum count of the negative sample for dataset 1.
Table 4.4 Performance results obtained by applying Random Forest for dataset 2.
Table 4.5 Comparison of Existing Research Works with our Work
Table 4.6 Performance obtained by comparing different algorithms, when using the weight (P) for dataset 1.
Table 4.7 Performance obtained by comparing different algorithms, when using the weight (P) for dataset 2.
Table 4.8 Performance obtained by handling typo vs. no typo removal, when varying the weight (P) for dataset 3.
Table 4.9 Performance obtained by comparing different algorithms, when using the weight (P) for dataset 3.
Table 4.11 SVM Performance obtained by increasing the number of samples using dataset 2.
Table 4.10 Random Forest Performance obtained by increasing the number of samples using dataset 2.
Table 4.12 Decision Trees Performance obtained by increasing the number of samples using dataset 2.
Table 4.13 Naive Bayes Performance obtained by increasing the number of samples using dataset 2.
Table 5.1 Performance obtained for only fixed password without under sampling the negative class (all samples) and by varying the weight (P).
Table 5.2 Performance obtained for the OTP without under sampling the negative class (all samples) and varying the weight (P).
Table 5.3 Performance obtained for combined features set of both modalities (fixed and OTP password) without under sampling the negative class (all samples) and by varying the weight (P).
Table 5.4 Performance obtained by comparing different algorithms, when using the weight (P) for combined features set of both types of data (fixed and OTP password).
Table 5.5 Performance obtained by setting different threshold for 30 users for the OTP only model using curve fitting. These results are based on the best two features combination (dwell time and finger pressure).


List of Figures

Figure 2.1 Types of Biometric Technologies with some examples.
Figure 2.2 Types of Keystroke Dynamic.
Figure 2.3 Time Information of Keystroke Dynamic Behavioural Biometrics.
Figure 2.4 Relationship Between FRR and FAR.
Figure 2.5 Generic Architecture of Biometrics Systems.
Figure 4.1 An illustration of Time Information of Keystroke Dynamics
Figure 4.2 An illustration of a mistyped password.
Figure 4.3 Typo handling on QWERTY Keyboard Layout of Mobile Phone. The user incorrectly typed key v instead of b, and did a correction by pressing the delete key, and then the correct key (i.e. b).
Figure 4.4 Switch and Stay.
Figure 4.5 Switch and Stay Adaptive Model.
Figure 4.6 ROC curve without under sampling the negative class and by varying the weight (P) for dataset 1.
Figure 4.7 ROC curve when under sampling the negative class and making the weight (P) constant for dataset 1.
Figure 4.8 ROC curve using just Dwell Time (DT) and Flight Time (FT) and varying the weight (P) for dataset 2.
Figure 4.9 ROC curve using just pressure and finger size and varying the weight (P) for dataset 2.
Figure 4.10 ROC curve using FT, DT, pressure and finger size and varying the weight (P) for dataset 2.
Figure 4.11 ROC curves when handling typo vs. no typo handling and varying the weight (P) for dataset 3.
Figure 4.12 ROC curves when no typo is allowed and varying the weight (P)
Figure 4.13 EER obtained for the different when increasing the number of samples.
Figure 5.1 QWERTY Keyboard Layout of Mobile Phone.
Figure 5.2 Example: Five movements. Point A on the curve is calculated based on movements 1 and 2, Direction=R, Distance=2. Point B on the curve is calculated based on movements 4 and 5, Direction=L, Distance=2. Point C on the curve is calculated based on movement 3, Direction=R, Distance=1. Fly time = the average of the two fly times. Missing points are estimated using a curve fitting algorithm.
Figure 5.3 Feature-level fusion model
Figure 5.4 Matching decision fusion model
Figure 5.5 ROC curve without under sampling the negative class and by varying the weight (P) for only fixed password.
Figure 5.6 ROC curve without under sampling the negative class and by varying the weight (P) for the OTP.
Figure 5.7 ROC curve without under sampling the negative class and by varying the weight (P) for both types of data (fixed and OTP password).
Figure A.1 Dataset 4 (Fixed password for user1), (continued).
Figure A.2 Dataset 4 (Fixed password for user1).
Figure A.3 Ethics certificate issued by the University of Victoria ethics


ACKNOWLEDGEMENTS

All Praise to Allah, Lord of the Worlds

No word can express my indescribable indebtedness and appreciation to my supervisor Prof. Dr. Issa Traore for his valuable and continuous support, guidance, help, and encouragement. He provided me with the immense knowledge, motivation, and enthusiasm to accomplish the presented work of this thesis. His supervision and assistance helped me a lot in writing and bringing out the final image of this thesis. My deep gratitude and thankfulness to my examiners committee; I really appreciate their perceptive comments and enduring encouragement. In addition to my supervisors, many thanks to the personnel of the ECE department at University of Victoria. They directed me both sincerely and hospitably to fulfill the thesis's requirements. I would like also to acknowledge the support and help of my colleagues and friends. Especially, Dr. Awos Kanan, Dr. Ahmed Awad and Muhammad Hanif for their sincere support during my Ph.D. journey. I am very grateful for their stimulating discussions that helped me to finalize this work. I extend my sincere thanks to all those who participated as a volunteer in the data experiment, thank you. To my classmates Sherif Saad, Bassam Sayed, Abdulaziz Aldribi, Samer Moien, Mohammed Albulayli, Asem Galeb, Mohammed Seif, Ahmed Fouad and Ali Alzahrani, thank you for the cooperative and friendly environment that undoubtedly played an important role during all my PhD program. Finally, the deep gratitude and sincere thanks must go to my dear parents and brothers for supporting me both morally and spiritually. Most of all are for my beloved, supportive, and encouraging wife. Her highly commendable stimulation, patience, and faithful encouragement are the motive of my success.

This research is supported by the Jazan University and the Ministry of Education of the Kingdom of Saudi Arabia.


DEDICATION

I dedicate this work to my mother (in memory) that always encouraged me to study. Also, I dedicate this work to my wife and my lovely children for their support.


List of Abbreviations

ACO Ant Colony Optimization
ACP Ant Colony Propagation
BFOA Bacteria Foraging Algorithm
BPNN Back Propagation Neural Network
DNN Deep Neural Network
EER Equal Error Rate
FAR False Acceptance Rate
FRR False Rejection Rate
RF Random Forest
FLD Fisher's Linear Discriminant
GA Genetic Algorithm
KD Keystroke Dynamic
OTP One-Time Password
PP Press-to-Press
PCA Principal Component Analysis
PSO Particle Swarm Optimization
PIN Personal Identification Number
ROC Receiver Operating Characteristic
RP Release-to-Press
RR Release-to-Release
RBF Radial Basis Function
SVM Support Vector Machine
SMD Scaled Manhattan Distance


Introduction

1.1 Context

Computers and the Internet play a vital role in our lives today. They are the cornerstone of modern life, through which we manage our work, communications, and personal affairs. Almost everything around us involves computers and the Internet. Dependence on information systems and worldwide electronic connectivity via the Internet, such as e-mail and web browsers, is increasing exponentially as well.

Data and information security have emerged as an essential goal for the convenient use of different information systems, because those systems are susceptible to many kinds of threats and attacks such as electronic eavesdropping, data disclosure, system tampering, data forgery, and electronic fraud. These threats necessitate the use of reliable information security mechanisms to guarantee the immunity of those systems against attacks. The Open Systems Interconnection (OSI) security architecture was proposed to address and characterize the main concepts of data and information security requirements and where security techniques could be implemented. It characterizes data and information security in three main topics: security attacks, security services, and security mechanisms [39]. Security attacks are classified into active attacks and passive attacks. The purpose of passive attacks is only to learn, analyze, and exploit the contents of communicated data; they do not affect the data themselves or the system resources. Passive attacks can be divided into release of message contents attacks and traffic analysis attacks. Active attacks are adopted to affect the system resources or the transferred data themselves. Active attacks are separated into masquerade attacks, replay attacks, modification of messages attacks, and denial of service attacks. On one hand, passive attacks are hard to detect but can be prevented. On the other hand, active attacks are easy to detect and hard to prevent [49].

Security services are the enhancements a system requires to overcome the previously stated security attacks and to assure the system's robustness against them. The OSI security architecture enumerates the needed security services in six categories: Data Confidentiality, Data Integrity, Authentication, Access Control, Availability, and Non-Repudiation [39]. Security mechanisms are the concrete approaches that implement the security services enumerated by the OSI security architecture.

In this dissertation, we consider authentication mechanisms. Authentication mechanisms represent the lock on modern computer networks, with password-based authentication being the most widely used mechanism. However, several high-profile hacking incidents which occurred recently have reminded us that initial authentication at login time can be circumvented no matter how strong the authentication mechanism is. An authenticated session can be hijacked after a successful login has been completed. In the last decade, biometric authentication has emerged as a possible remedy against session hijacking and masquerade attacks. Ideally, biometric authentication should be carried out unobtrusively, which means that the authentication information must be collectible without any active involvement of the user and without using any special-purpose hardware devices (e.g. biometric readers). Emerging behavioural or cognitive factors such as mouse dynamics and keystroke dynamics (KD) are good candidates for unobtrusive user authentication because data can be collected passively using standard computing devices (e.g. mouse and keyboard) without any additional action from the user. However, one of the main issues with these technologies is that their accuracy tends to degrade significantly as the amount of data involved in the authentication decreases. At the same time, a shorter enrollment time frame (i.e. a smaller data sample) is essential to reduce the window of vulnerability of the system. Therefore, there is a need to develop, for the above modalities, new analytical models that achieve high accuracy while maintaining an acceptable enrollment time frame.

The roots of keystroke biometrics go back to World War II, when military intelligence used a methodology called "The Fist of the Sender" to distinguish between Morse code messages sent by ally or enemy operators [44]. Today, keystroke dynamics is a well-known behavioural biometric technology that has several benefits over other biometric technologies. For instance, keystroke dynamics biometrics can be used in both static and continuous authentication, it is a resettable biometric technology, it operates in indoor and outdoor environments, it does not require a special hardware sensor, and it can be used unobtrusively.

1.2 Research Problem

1.2.1 Usability and Accuracy Challenges in Mobile Keystroke Dynamic Authentication

Over the last two decades much work has been done on using keystroke dynamics data collected from conventional computer keyboard for user authentication [19, 30, 31, 34, 38, 40, 58]. Recently, several proposals have been published on applying keystroke dynamic biometric for mobile authentication [4,24,30,42,45,54]. Most of the proposals use the standard keystroke features, namely, dwell time (the time between pressing and releasing a single key) and the flight time (the time between two consecutive key presses). Some of the challenges encountered in this process are related to the differences in environments and platforms.

As a consequence, the accuracies achieved with conventional keystroke authentication have not always been translated into the mobile keystroke authentication proposals published so far. The error rates obtained for mobile devices remain on average relatively high.

Another key limitation of the previous work on using keystroke dynamics for mobile authentication is related to typo handling, or the lack thereof. For example, if the user by mistake typed a wrong character, the entire trial or login attempt would be rejected during biometric authentication. While this might be acceptable when implementing keystroke biometric authentication in a desktop environment, it creates a major usability issue on mobile platforms, where users can easily hit the wrong key on a regular basis. Not giving users the ability to correct typos and asking them to retype their credentials (e.g. user name and password) discourages the use of strong password formats (e.g. a mix of characters, digits, upper-case letters, lower-case letters, and special characters).

A further challenge is due to the fact that mobile keystroke dynamic biometric authentication requires several biometric samples for enrolment. In some application contexts or scenarios where the user scarcely uses the application, it could take quite a while to get enough samples for enrolment. This creates a window of vulnerability during which the user cannot be authenticated using the keystroke dynamic biometric.

The alternative is to try to authenticate a single user while relying, at least initially, on a reduced number of collected samples. Relying on a reduced enrollment sample size allows shortening the window of vulnerability associated with the enrollment phase. While such an approach is appealing, it raises the issue of profile maturity and thereby the confidence in an authentication decision based on an immature profile.

1.2.2 Statistical Forgery Attacks Against Mobile Keystroke Dynamic Authentication Schemes

Despite their increasing popularity, recent works have shown that keystroke dynamic biometric passwords are vulnerable to statistical attacks [36, 46]. Under certain assumptions, it is possible to craft automated attacks that can crack a KD biometric password with a relatively high success probability. We believe that the effectiveness of these attacks is rooted in the static nature of existing KD biometric passwords, which by design have repeated occurrences in their character make-up and dynamics, and as a result they convey statistically significant information that can be harvested and leveraged by the attacker to launch a statistical attack.

1.3 Approach

To address the accuracy and usability challenges outlined above, in this thesis we study different feature sets and the impact of class imbalance on the accuracy of the authentication process. By analyzing different classifiers, we show that improved authentication accuracy can be achieved by adequately tuning a random forest classifier. We also establish that usability can be improved through transparent handling of typing errors with negligible impact on accuracy.

We also propose a preliminary solution for the issue of profile maturity outlined above. We introduce an adaptive approach to derive initially the user profile online and passively with a minimum number of samples, and then progressively update the profile as more samples become available. The approach uses ensemble classification methods and the equal error rate as profile maturity metric.


the aforementioned and others, is to use variable passwords or One-Time Password (OTP). The variability of OTPs increases the level of uncertainty for the attacker, and makes statistical attacks and other attacks, such as replay attack, much harder. However, developing a recognition model for KD biometric OTP is challenging: due to its variable nature, the amount of recurring information is limited, sparse, or missing, which makes the construction of effective classification models for recognition very difficult.

To address the aforementioned challenge, we investigate a multimodal biometric scheme by combining fixed keystroke dynamic password with variable keystroke dynamic password. We explore two different fusion models, one using feature level fusion, and the other using matching decision fusion. To account for missing features related to the OTP, we introduce a feature estimation model based on polynomial curve fitting.

Experimental evaluation of the proposed models over different datasets, some available publicly and others collected locally, yields very promising results in terms of accuracy, usability, and resistance against statistical attacks.

1.4 Thesis Contributions

In this thesis, we make the following key contributions:

1. We improve the accuracy of mobile keystroke dynamic authentication through enhanced data analysis and random forest classification.

2. We propose a new typo handling technique that helps enhance the usability of mobile keystroke dynamic authentication.

3. We define a new profile maturity model, and present preliminary results.

4. We introduce, for the first time to our knowledge, a multimodal KD biometric password model that integrates fixed and variable passwords.

5. We introduce a new missing feature prediction model based on curve fitting for OTP KD biometric recognition.

6. We introduce a dataset of reasonable size that will be available for the research community to explore opportunities in the field of KD biometric OTP, and multimodal schemes combining fixed password KD and OTP KD.


Contributions 1 and 2 have been published in the paper entitled "Improving Performance and Usability in Mobile Keystroke Dynamic Biometric Authentication" in the 37th IEEE Symposium on Security and Privacy (IEEE S&P 2016) Workshop, held in San Jose, CA, USA [5].

Contribution 3 has been submitted to the International Conference on Intelligent, Secure and Dependable Systems in Distributed and Cloud Environments (ISDDC 2018) to be held Nov. 28-30, 2018, Vancouver, B.C, Canada. It is currently under review.

Contributions 4-6 have been submitted as a journal paper to Wiley, Security and Privacy. It is currently under review.

1.5 Thesis Outline

The rest of the thesis is structured as follows:

Chapter 2 gives an overview of the literature underlying this research. It provides a quick introduction to biometric authentication and presents the generic architecture of a biometric system. Also, this chapter provides an outline of the performance calculation method used in this research.

Chapter 3 summarizes and discusses related work on keystroke dynamics for mobile authentication.

Chapter 4 describes our research methodologies and introduces our proposed approach for keystroke dynamics authentication based on fixed password. We also present new approaches for handling typing errors and tracking profile maturity.

Chapter 5 presents a multimodal framework to strengthen the resistance of mobile keystroke dynamic biometric to statistical forgeries. The framework combines fixed and variable passwords using two different biometric fusion models.

Chapter 6 concludes the thesis by discussing the contributions of the research and


Chapter 2 Background On Biometric Authentication

In this chapter, we provide background information on biometric authentication in general and keystroke biometric authentication, in particular.

2.1 Biometric Authentication

The most common knowledge-based authentication method is password authentication. Passwords are well known and widely used by most people to log in to systems. However, passwords can be broken through dictionary or social engineering attacks. In addition, as is human nature, people prefer using a single password for multiple systems or saving passwords in a cache to re-use them. In this case, if the system is vulnerable, attackers will break it easily and re-use the saved password. It is now common practice to reinforce passwords by requiring users to answer a set of security questions based on provided data such as mother's name, date of birth, or favorite team. During the login session, the user must answer a random question correctly to gain access to the system. This method is easy to implement and inexpensive, but it has several inherent flaws.

OTP is another mechanism used to reinforce the authentication process, which relies on an external device such as a token, a smart card, or a mobile phone [21]. OTP prevents an attacker from re-authenticating himself after capturing the password because the system is designed to use a unique password for each session. The main issue with OTP is the possibility for the token to be lost or stolen.


Figure 2.1: Types of Biometric Technologies with some examples.

Biometric technologies represent the strongest form of authentication currently available. As illustrated in Figure 2.1, biometric technologies are categorized in two major groups: behavioral and physiological [47]. Physiological biometrics consist of unique and distinctive biological traits such as fingerprints, face scans, iris scans, hand geometry, etc. Behavioral biometrics rely on learnt behaviours, such as typing dynamics, mouse dynamics, swipe gestures on mobile devices, signature dynamics, voice, and gait. Despite their strength, individual biometrics have inherent limitations. Some biometric technologies are affected by environmental factors, such as the level of lighting for face biometrics or ambient noise for voice biometrics. An attacker can record the user's voice or capture his/her face, which can then be used to gain access to the system. Several technologies, such as fingerprint, require specific hardware scanners, which are not commonly found on personal computers or smartphone devices. In general, implementing behavioural authentication systems such as keystroke dynamics is not costly compared to physiological authentication systems that rely on special devices. Changing a password in a keystroke dynamics authentication system is easy, while the human physiology used for authentication cannot be modified.

Genetic inheritance plays a role in human behavioural characteristics. One of the challenges of analyzing keystroke dynamics is that every user has a unique pattern of typing and at the same time shares certain typing behaviours with other people. Another challenge is dealing with the instability of human behaviour. Moreover, the environmental conditions (i.e. hardware) make data collection more complicated because every user is accustomed to a particular environment. To address these issues, researchers are trying to come up with a robust technique for dealing with this instability and uncertainty by standardizing the text and the environment for every user.

2.2 Authentication Mechanisms

2.2.1 Data Acquisition

There are different approaches to collecting data from subjects and extracting features from raw data when measuring individual user behaviour. In the following sections, we describe some of the approaches used by researchers for collecting data from users and extracting useful information for keystroke dynamics authentication.

Text entry

Figure 2.2: Types of Keystroke Dynamic.

Figure 2.2 depicts two types of keystroke dynamics authentication: static and dynamic. Structured text is the behaviour of an individual when interacting with the system, and unstructured text is the behaviour of an individual continuously interacting with the system. Static authentication is widely used by people on a daily basis, and most researchers focus on structured text analysis. In static authentication, multiple samples of the same password are used for each user to build the user's profile or biometric template during enrollment, which is then compared against a new password sample during the verification phase. In contrast, dynamic authentication requires the analysis of the unstructured text conveyed by keystrokes, which is more challenging. Unstructured text recognition requires the user to input large samples of free text to create their profile during the enrollment phase, and the verification procedure requires the user to input a much smaller sample of free text.


Environment

The environment is considered to be the main factor determining the typing behaviour of an individual, such as the layout of the keyboard, the rhythm of typing, and keystroke dynamics. Many users are accustomed to a particular keyboard. There are two types of possible environments: a controlled environment (the subject trains to type on a specific keyboard), and an uncontrolled environment (no restriction on the subject to type on a particular keyboard). Changing the layout of the keyboard may have an effect on the rhythm of typing. In addition, every user has a unique pattern of typing that is captured in the form of keystrokes and timing patterns. Conducting experiments based on a particular environment is the most commonly used approach in investigating static user authentication models.

Features

Typing features relevant to keystroke dynamics authentication can be extracted from raw typing data by measuring and analyzing various key press metrics. Figure 2.3 depicts the keystroke timing information recorded when a user presses a key down and releases it [32]. Hold time or dwell time is defined as the time between a single key press and its release [50]. For the flight time, we consider the following variations: release-to-press (RP) (the duration of the time interval between a key release and the next key press), press-to-press (PP) (the duration of the time interval between two key presses), and release-to-release (RR) (the duration of the time interval between two key releases).

Biometric System Performance

Biometric system performance is commonly measured by computing the following key metrics: False Acceptance Rate (FAR) and False Rejection Rate (FRR).

FAR is the rate at which impostor users are falsely identified as legitimate users, defined as:

$$\mathrm{FAR} = \frac{\text{Number of false matches}}{\text{Total number of impostor match attempts}}$$

FRR is the rate at which genuine users are falsely rejected from using the system, defined as:

$$\mathrm{FRR} = \frac{\text{Number of false rejections}}{\text{Total number of genuine match attempts}}$$

Figure 2.3: Time Information of Keystroke Dynamic Behavioural Biometrics.

In general, acceptance or rejection decisions are made by comparing the biometric matching score against some threshold value. Different values of the threshold yield different combinations of FAR and FRR. It is customary to model such variations in operating settings using a Receiver Operating Characteristic (ROC) curve. The ROC curve is defined as a plot of the false acceptance rate on the x-axis against the corresponding rate of correctly accepting genuine users on the y-axis. Another commonly used performance metric is the Equal Error Rate (EER), which is defined as the value of FAR/FRR at the operating point on the ROC curve where FAR equals FRR [37].

Figure 2.4 shows the relationship between FRR and FAR and how the threshold impacts the performance of a system [11]. For instance, if the FAR is very high then the system will accept a large number of impostor users. On the other hand, if the FRR is very high then the system will reject a large number of genuine users. The issue with FAR and FRR is that reducing one increases the other, which implies that a trade-off between FAR and FRR must be made to reach the optimum operating point.

Figure 2.4: Relationship Between FRR and FAR.
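To make the FAR/FRR trade-off and the EER operating point concrete, the following is an added example (not code from the dissertation) that sweeps a threshold over constructed, distance-style matching scores, where a lower score means a better match and a sample is accepted when its score is at or below the threshold. The score lists are assumptions chosen for illustration; `far_frr`, `roc_points` and `equal_error_rate` are hypothetical helper names.

```python
# Added example: FAR, FRR, ROC points and EER from matching scores.
# Scores are constructed distance-style values (genuine users score low).
from typing import List, Tuple

# Constructed sample scores for one user's template (assumption, not real data).
GENUINE_SCORES = [0.8, 1.1, 1.3, 1.6, 1.9, 2.2, 2.4, 2.7, 3.1, 3.5]
IMPOSTOR_SCORES = [2.0, 2.5, 2.9, 3.3, 3.6, 3.8, 4.1, 4.4, 4.9, 5.3]


def far_frr(genuine: List[float], impostor: List[float], threshold: float) -> Tuple[float, float]:
    """A sample is accepted when score <= threshold.
    FAR = false matches / impostor attempts; FRR = false rejections / genuine attempts."""
    false_matches = sum(1 for s in impostor if s <= threshold)
    false_rejections = sum(1 for s in genuine if s > threshold)
    return false_matches / len(impostor), false_rejections / len(genuine)


def roc_points(genuine: List[float], impostor: List[float]) -> List[Tuple[float, float, float]]:
    """ROC curve: (FAR, genuine acceptance rate = 1 - FRR, threshold), one point
    per distinct observed score, so every operating point of the data is covered."""
    points = []
    for t in sorted(set(genuine) | set(impostor)):
        far, frr = far_frr(genuine, impostor, t)
        points.append((far, 1.0 - frr, t))
    return points


def equal_error_rate(genuine: List[float], impostor: List[float]) -> Tuple[float, float]:
    """EER: the operating point where FAR and FRR are closest to each other.
    Returns (eer, threshold); the EER is reported as the mean of FAR and FRR there."""
    best = None
    for t in sorted(set(genuine) | set(impostor)):
        far, frr = far_frr(genuine, impostor, t)
        gap = abs(far - frr)
        if best is None or gap < best[0]:
            best = (gap, (far + frr) / 2, t)
    return best[1], best[2]


if __name__ == "__main__":
    for far, gar, t in roc_points(GENUINE_SCORES, IMPOSTOR_SCORES):
        print(f"threshold={t:<4} FAR={far:.2f} GAR={gar:.2f}")
    print("EER, threshold:", equal_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES))
```

Raising the threshold moves along the ROC curve towards higher FAR and lower FRR, which is the trade-off discussed above; on the constructed scores the two rates meet at 20% with a threshold of 2.7.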

Several factors may impact the performance of keystroke dynamic biometrics. Some of these factors are summarized below:

1. Password size: Joyce and Gupta [26] observed that short and easy login passwords are easier to impersonate.

2. Clock time resolution: Clock time resolution has an impact on EER as observed by Killourhy and Maxion [29]. When they used a 15 ms resolution clock instead of a 1 ms resolution clock, the EER improved significantly.

3. Password format: In the enrollment phase, the type of the password (e.g. mix of characters, digits, upper-case letters, lower-case letters, and special characters), the length of the password, and the number of samples per user used to authenticate a subject have an impact on the error rate of the system [44].

4. Hesitation: Hesitation or pauses in typing make it difficult for the classifier to distinguish between the subjects.

5. Emotional state: Typing speed can be affected by the emotional state of the user such as happiness, sadness, or sickness [56].

2.2.2 System Architecture

As illustrated by Figure 2.5, biometric system operation relies on three main steps: enrollment, matching, and decision [2]. During the enrollment phase, the system builds a profile for a subject from specific samples: features are extracted from the biometric samples and used to create a template/profile based on a mathematical representation of the biometric data. After feature extraction, the matching phase consists of comparing the user's template against the newly captured biometric data. The decision is made based on the mode of operation of the system. For instance, the identification mode is the process of comparing a sample against all profiles in the database to determine the possible originator of the sample (one-to-many comparison) [25]. In contrast, the verification mode is the process of comparing a sample against a single profile in the database (one-to-one comparison) to validate the identity of an individual user [55].

The architecture of the keystroke dynamic behavioral biometric analysis framework follows the classic biometric process and system architecture outlined in Figure 2.5. The process starts by extracting features from mobile keystroke dynamics during the enrollment phase and creating a user profile. The matching phase consists of determining whether or not a password belongs to a specific subject. The matching phase in keystroke dynamic behavioral biometric verification is based on one-to-one classification.

Figure 2.5: Generic Architecture of Biometrics Systems.

2.2.3 Classification Techniques

Different algorithms can be used to process keystroke dynamics and classify users as either genuine or impostors. Examples of algorithms used in the literature include the following techniques and their variants: statistical models, Neural Networks, Particle Swarm Optimization (PSO), Ant Colony Optimization (ACO), Bacteria Foraging Optimization Algorithm (BFOA), Support Vector Machine (SVM), Bayesian Classifier, and Clustering (e.g. using K-means). These algorithms can be grouped into four major categories as follows:

Statistical Algorithms

These consist of using simple statistical measures, such as the mean and standard deviation, for computing the features and performing the classification. This may involve computing the similarity between an authentication sample and the enrollment samples using standard distance metrics such as the Euclidean distance. The disadvantages of statistical algorithms are that the features extracted from the keystrokes appear to be non-linear in nature, and that these algorithms are simplistic and lack a training stage [44].
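As an added example of the statistical approach just described (not code from the dissertation), the block below builds a template from the per-feature mean and standard deviation of a few constructed enrollment samples and scores a login attempt by its distance to the template. Both the Euclidean distance mentioned above and a scaled Manhattan distance (each feature's deviation divided by its standard deviation; the scaling choice is an assumption) are shown, with `build_template`, `euclidean_score`, `scaled_manhattan_score` and `verify` as hypothetical helper names.

```python
# Added example: a mean/standard-deviation template with distance scoring.
# The enrollment rows are constructed values, not the dissertation's dataset.
import math
import statistics
from typing import List, Sequence, Tuple

Template = Tuple[List[float], List[float]]  # (per-feature means, per-feature stds)

# Constructed enrollment samples: one row per typing of the same password,
# each column a digraph flight time in milliseconds (assumption).
ENROLLMENT = [
    [120, 95, 140, 110],
    [125, 100, 135, 105],
    [118, 90, 145, 112],
    [130, 98, 138, 108],
    [122, 96, 142, 111],
]


def build_template(samples: Sequence[Sequence[float]]) -> Template:
    """The user's profile: mean and population standard deviation per feature."""
    columns = list(zip(*samples))
    means = [statistics.fmean(c) for c in columns]
    stds = [statistics.pstdev(c) for c in columns]
    return means, stds


def euclidean_score(template: Template, sample: Sequence[float]) -> float:
    """Plain Euclidean distance between the sample and the mean vector."""
    means, _ = template
    return math.sqrt(sum((x - m) ** 2 for x, m in zip(sample, means)))


def scaled_manhattan_score(template: Template, sample: Sequence[float]) -> float:
    """Manhattan distance with each feature scaled by its standard deviation,
    so a feature the user types consistently weighs more than a noisy one.
    A zero std (constant feature) falls back to unscaled distance."""
    means, stds = template
    return sum(abs(x - m) / (s if s > 0 else 1.0) for x, m, s in zip(sample, means, stds))


def verify(template: Template, sample: Sequence[float], threshold: float,
           score_fn=scaled_manhattan_score) -> bool:
    """Accept the login attempt when its distance is within the threshold."""
    return score_fn(template, sample) <= threshold


if __name__ == "__main__":
    tpl = build_template(ENROLLMENT)
    for label, attempt in (("genuine", [123, 96, 140, 109]), ("impostor", [180, 150, 200, 160])):
        print(label, round(euclidean_score(tpl, attempt), 2),
              round(scaled_manhattan_score(tpl, attempt), 2), verify(tpl, attempt, 4.0))
```

The threshold passed to `verify` is the operating point discussed under biometric system performance: it is chosen from the FAR/FRR behaviour observed on enrollment and impostor data rather than fixed a priori.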

Neural Networks

There are two forms of neural networks: one based on supervised learning and the other based on unsupervised learning. One of the most popular supervised neural network approaches is back propagation, and one of the most popular unsupervised approaches is the Hopfield neural network. The advantage of using neural networks is the capability to handle multiple parameters [44]. However, in general the algorithms are slow and take a long time during the training and application phases, which is a major concern for keystroke dynamics authentication.

Pattern Recognition and learning based algorithms

Pattern recognition is a way of categorizing patterns or objects based on probabilistic machine learning algorithms [52]. Examples of pattern recognition algorithms include the nearest neighbour algorithms and clustering, used for simple computations, while more complex algorithms such as the Bayes classifier, Fisher's linear discriminant (FLD), SVM and graph theory are used for advanced computations. Classification accuracy and efficiency in automatically determining patterns in the data are the advantages of using probabilistic learning algorithms.

Search Heuristics and combinations of algorithms

Search heuristic algorithms, such as the Genetic Algorithm (GA), are used to guide the search for optimal solutions, handle large databases and enhance the performance of a classification system. Combining different algorithms is another technique used to enhance the performance of a classification system. Indeed, using a specific algorithm with different optimization techniques or combining different algorithms tends to increase the performance of a system. For example, optimum solutions were obtained by using a hybrid classification system, proposed by Azevedo [8], that combines SVM with optimization algorithms such as GA and PSO. The advantages of the search heuristics approach are finding the optimum solution, managing large datasets, and improving performance.

2.3 Summary

This chapter provided a brief overview of biometric systems in general, and of keystroke dynamic recognition in particular. Biometric recognition was positioned in the general context of pattern recognition systems by highlighting relevant performance metrics and classification algorithms. The next chapter will focus on the main theme of this dissertation by surveying and discussing related work.

Chapter 3

Related Work on Mobile KD Biometric Authentication

In this chapter, we revisit related work on mobile KD for fixed password, and relevant multimodal schemes that combine fixed KD with other biometric modalities. Then, we summarize and discuss the existing literature on KD OTP.

While several studies have been published on fixed-password keystroke dynamic biometrics for mobile devices, very little work has been done on mobile OTP KD.

3.1 KD based Fixed Password

In 2006, Clarke and Furnell conducted the first experiment based on keystroke dynamic analysis for mobile devices [12]. The authors collected a dataset from 30 subjects, where each participant typed two different password strings. The first password was an 11-digit telephone number, while the other password was 14 words of text messages. The timing features, including dwell and fly times, were extracted and then processed using neural network classifiers. On average, an EER of 12.8% was achieved.

Karnan and Krishnaraj [28] conducted an experiment to collect keystroke, fingerprint, and palm print biometric samples using mobile devices, where each participant was asked to provide 200, 100, and 100 samples of keystroke, fingerprint, and palm print, respectively. They extracted and analyzed the features using PSO, ACO and BFOA with SVM. SVM with BFOA was used for comparing the individual biometric factors separately and in combination. The comparison between traits using fusion schemes produced EER of 25.70% and 2.14%, respectively. Error rates¹ of 0.069%, 0.076%, and 0.083% were obtained for keystroke, fingerprint and palm print, respectively.

Maiorana et al. [33] proposed a model for user authentication using keystroke dynamic biometric for mobile devices. In their experiment, 40 subjects were asked to type 6 different passwords 20 times. They extracted and analyzed timing features (dwell time and fly time) using different classifiers: fuzzy C-means, Bayes Classifier, SVM, as well as Principal Component Analysis (PCA). By varying the number of keys, 10 keystrokes long passwords produced the best performance with an EER of 13.59% using fuzzy C-means.

Karnan and Krishnaraj [27] used Ant Colony Propagation (ACP), and GA with Back Propagation Neural Network (BPNN) to improve the performance of keystroke biometric authentication. A mobile device was used for data collection where 25 participants were asked to provide 50 samples. By extracting timing features and applying ACP, GA and PSO, the error rates of 1.07%, 0.20%, and 0.006% were achieved, respectively.

Saevanee and Bhattarakosol [42] investigated the impact of the standard timing features (i.e. dwell and fly times) and of finger pressure, as a new feature, on mobile authentication using keystroke dynamics. A dataset was collected from 10 participants, where each user was asked to enter their 10-digit cell phone number 30 times. By extracting dwell time, fly time, and finger pressure, and using a neural network, EER of 35%, 40%, and 1% were achieved separately for the dwell time, fly time, and finger pressure, respectively, whereas when all three features were combined, the EER was 9%. This shows that using the individual finger pressure feature produced a better result than using the combination of all features. In addition, the combination of dwell time and finger pressure produced an accuracy rate of 99%, which is similar to finger pressure alone.

In 2014, Zheng et al. [57] conducted the first experiment collecting acceleration, finger pressure and finger size for mobile authentication. Samples from two different passwords consisting of 4 and 8 digits were collected from 80 subjects, where each participant was asked to type each password at least 25 times. In addition to the standard timing features (i.e. dwell and fly times), touchscreen features (i.e. finger pressure and finger size) were extracted. By applying the mean, standard deviation, and z-score, the similarities and dissimilarities between impostors and legitimate users were calculated. The best performance was an EER of 4.45% and 3.65% obtained using 4 and 8 digits, respectively.

¹Note that the error rate is a vague metric in the context of biometric, and should not be equated

A similar approach proposed by Dhage et al. [15] used dwell time, fly time, and drift as features. A dataset was collected by asking 15 subjects to type 10 samples of a 10-character password using a Sony Xperia M mobile device. The proposed model uses two factors for authenticating subjects. The first factor is calculated by adding or subtracting the mean from the standard deviation multiplied by a selected threshold. The second factor is calculated by subtracting the mean value of a feature from the test value of the feature and then dividing the outcome by the mean value of the feature. By using a feature fusion model, an EER of 0.806% was obtained.

Muralidharan [45] proposed an approach for keystroke biometric authentication on mobile devices using finger pressure together with dwell time and fly time as features. They collected a dataset where 10 subjects were asked to type a 4-digit password 100 times in 5 sessions. By applying the decision tree classifier J48, the Naive Bayes classifier, the K* classifier, and the multilayer perceptron classifier to the combined features, they obtained as best performance an EER of 15.2% for the multilayer perceptron classifier.

Similarly, Tasia et al. [51] proposed an authentication model that uses dwell time, fly time, finger pressure, finger area, and drift as features. They conducted an experiment involving 100 subjects, who were asked to type 4- and 8-digit passwords 10 times in 5 sessions using a Motorola mobile device. In the study, the FAR was calculated by randomly choosing 10 users as impostors among the 100 subjects. On the other hand, the FRR was calculated based on all 100 subjects. The best performance obtained was an EER of 8.40% by combining time and pressure features.

Trojahn et al. [54] suggested that combining the standard features (i.e. dwell and fly times), finger pressure and finger size for mobile authentication using keystroke dynamics would improve mobile keystroke dynamic biometric recognition. They conducted an experiment involving 152 participants who typed a predefined 17-digit password 10 times in a single session. By applying K-means classification to the individual features separately, FAR of 8.03%, 12.66% and 12.63% and FRR of 12.3%, 11.64% and 33.33% were obtained for the dwell time, fly time, and trigraph (three different keys), respectively. On the other hand, a FAR of 4.19% and a FRR of 4.59% were obtained using the combined traits, which are very encouraging results.

In the mobile keystroke dynamic biometric authentication approach proposed by Draffin et al. [17], the BPNN algorithm was applied to the two primary standard timing features, along with finger pressure, finger area, drift, and device orientation. The experimental validation was conducted by collecting over 3 weeks a dataset from 13 users, yielding a FAR of 14.0% and a FRR of 2.2%.

Antal et al. [7] also proposed a mobile keystroke dynamic biometric authentication model using four features, namely, the dwell time, the fly time, the finger pressure and the finger area. In their study, three anomaly detection methods based on the Euclidean, Manhattan, and Mahalanobis distances, which were developed by Killourhy and Maxion [30], were used. For the evaluation, a dataset was collected with 42 subjects tasked with typing the same password (.tie5Roanl) 30 times in 2 sessions. The evaluation yielded EER of 15.7%, 12.9%, and 16.6% when using Euclidean, Manhattan, and Mahalanobis, respectively.

Furthermore, Antal and Szabó [6] proposed a different mobile authentication approach that was developed and evaluated using Bayes Network, KNN, and Random Forests. EER of 7.0% and 3.0% were obtained using one-class and two-class classification algorithms with Random Forests, respectively. The result shows that the two-class classification technique performed better than the one-class classification technique.

Al-Obaidi and Al-Jarrah [4] proposed a statistical model called Median-Min-Diff for mobile authentication using the dataset provided by Antal et al. The proposed model constructs, during the training phase, a template structured around two thresholds: an upper and a lower threshold. The evaluation of the model on Antal et al.'s dataset produced an EER of 6.79%.

Later, the same authors [3] collected a dataset from 56 subjects where each participant provided 51 samples for a 10-character password in two sessions. By extracting the same features as in Antal et al.'s work, a FAR of 5% and a FRR of 5.6% were obtained using the Median-Min-Diff model.

In the mobile keystroke dynamic biometric authentication approach proposed recently by Jadhav et al. [24], timing and pressure features were extracted and analyzed by computing the mean and the standard deviation to classify the users based on a predetermined threshold. The approach was evaluated by collecting 20 password samples from 4 subjects. The best performance obtained was a FAR of 1% and a FRR of 4%.

3.2 Multimodal Schemes

In general, the combination of different biometric modalities in a multimodal scheme helps strengthen the authentication system, both from an accuracy standpoint and in terms of robustness and resilience against various sorts of attacks.

Several multimodal proposals have been published in the literature that combine mobile keystroke dynamics with other existing biometric modalities, such as 2D face, behavioral profiling, linguistic profiling and voice [13, 16, 20, 43, 53]. Saevanee et al. [43] proposed an integration of multimodal biometric traits using matching-level fusion to enhance the accuracy of mobile authentication. The following modalities were combined in the proposed model: mobile keystroke dynamics, behavioural profiling, and linguistic profiling. For the evaluation, a dataset consisting of behavioural profiling, keystroke dynamics, and linguistic profiling samples was collected from 30 subjects, where each participant was asked to type at least 15 messages. They achieved an EER of 8% using the Radial Basis Function (RBF) neural network algorithm.

Do et al. [16] conducted an experiment based on a virtual database of 28 subjects, consisting of a combination of keystroke dynamics and gait samples collected using three different smartphones. By applying the SVM algorithm with score fusion, an EER of 1.11% was obtained. Corpus et al. studied the combination of keystroke dynamics and accelerometer biometric features for mobile authentication [13]. The data was gathered from 30 users by asking them to type 8 times a password consisting of 16 alphanumeric characters with at least one special character, and to record a password 8 times using the accelerometer biometrics. The combination of both traits produced a FAR of 7% and a FRR of 40% using a Neural Network classifier.

Ho [23] conducted a comparison between four classifiers, namely, Manhattan Distance, Random Forest, Gaussian Discriminant Analysis, and SVM, for user authentication using mobile devices. In the study, a dataset was collected by asking 55 users to type 30 times one out of five randomly assigned PIN codes. The proposed feature model consisted of 35 features: 9 for timing, 5 for additional touching, and 21 for the accelerometer. The author focused on the SVM classifier more than on the other classifiers; the combination of all features achieved a FAR of 4.4% and a FRR of 5.3% using SVM. Using just the accelerometer, timing, and additional touching features, FAR of 11.7%, 17.28% and 28.4%, and FRR of 12.6%, 14.7%, and 17.4% were obtained, respectively.

keystroke biometric authentication model proposed by Ho [23]. The authors compared a Deep Neural Network (DNN) to four classifiers, including Manhattan distance, random forest, Gaussian discriminant analysis, and SVM. Using the dataset proposed by Ho, the comparison showed that the DNN produced the best result with an EER of 2.8% using the combination of 35 features from Ho's model. While using just the timing, additional touching, and accelerometer features, EER of 5.0%, 4.0%, and 3.7% were obtained, respectively.

3.3 KD based OTP

To our knowledge, the overwhelming majority of the existing work has focused on mobile authentication using fixed password string. We came across only one paper by Bours and Masoudian [9] on OTP based on keystroke dynamic biometric for mobile authentication.

The authors collected data from 30 subjects, where each subject typed 6-digit OTPs 150 times correctly (without typos). In the proposed approach, two types of OTP samples were considered. The first type of OTP was the same for all participants, while the other type was unique to each participant. For the common sample collection, 75 OTP samples were collected from each subject. For the personal sample collection, each participant was asked to type 75 separately generated OTPs. Two features were extracted, consisting of the dwell time and the fly time. For the fly time analysis, 100, 5, and 1 features were extracted based on the different digit pairs, the position in the OTP, and the sum of the 5 fly times in an OTP, respectively.

In addition, 8 and 10 fly time features were extracted based on the number pad layout and the number row layout, respectively. During the test phase, the authors examined two different types of keyboards, consisting of 8 categories for the number pad layout (i.e. the distance between 4 and 6 is comparable to 7 and 9, or 1 and 7) and 10 different categories for the number row layout, respectively. By applying a combination of common OTPs and personal OTPs or each type alone, 7 settings (i.e. 50 common samples, 50 personal samples or their combinations) were used to create a template for each participant.

The dwell and fly times were calculated separately and then combined using a score-level fusion scheme. An EER of 26% was obtained using the scaled Manhattan distance (SMD).

3.4 Discussions

In the last few years, a growing number of proposals have been published on mobile keystroke dynamic authentication. Most of these works use only the timing features; only a few proposals have covered the pressure features in addition. This could be explained by the fact that the capability to capture and measure pressure signals on mobile devices is far more recent than that for timing signals, and also by the fact that collecting such data involves some complexity.

The main issue with the previous work is the relatively small size of the validation population in many cases, and also the fact that participants provided samples by typing different sets of characters (e.g. their individual phone numbers), which creates some confounds [42, 45].

Also, most of the published proposals have not addressed usability issues related to typo handling. Most of the works focus on off-line user enrollment, where all the samples needed are readily available. To our knowledge, limited attention has been paid to the issues surrounding online enrolment, where the profile is built gradually and dynamically.

Furthermore, the overwhelming majority of the proposals focus only on fixed password based authentication. The only previous proposal on keystroke dynamic biometric OTP is the work by Bours and Masoudian [9]. While the authors covered only timing features, our proposed model supports pressure features in addition to timing features. Also, our approach is the first to explore multimodal combination of fixed and variable keystroke dynamic passwords.

Furthermore, most of the existing works have been evaluated without consideration for statistical forgeries against the authentication model. With the increasing sophistication in automated attacks and available tools, statistical forgery has become a real threat that should not be ignored. We will introduce subsequently new models and mechanisms to address the above mentioned issues.

In the next chapter, we will investigate fixed password KD authentication using enhanced data analysis and machine learning. We will also present a new approach for typo handling and an introductory strategy for gradual enrollment.

Chapter 4

Mobile Keystroke Dynamics Authentication based on FP

In this chapter, our focus is on evaluating the current state-of-the-art keystroke biometric techniques proposed for desktops and studying how these perform on mobile devices. This involves identifying and collecting (when necessary) datasets, comparing the state-of-the-art keystroke biometric techniques, and improving them by adding new features such as the key pressure. Besides, we will attempt to handle transparently typing mistakes, i.e. cases where a user makes a mistake or corrects his/her typing while logging into a system. We will explore different machine learning algorithms in this process.

4.1 Feature Model

Figure 4.1 illustrates the main keystroke categories and corresponding timing data. In this study, we will consider both the standard features (dwell and flight times) and the pressure features (finger pressure and finger size). For the flight time, we consider the following variations: release-to-press (RP) (the duration of the time interval between a key released and a key pressed), press-to-press (PP) (the duration of the time interval between two keys pressed), release-to-release (RR) (the duration of the time interval between two keys released).

Figure 4.1: An illustration of Time Information of Keystroke Dynamics.

The focus for keystroke dynamic analysis is primarily on analyzing sequences of adjacent keys occurring in a sample. Such a sequence is called an n-graph, where n is the number of keys in the sequence. Popular n-graphs are the monograph (n = 1), digraph (n = 2), trigraph (n = 3), and four-graph (n = 4). Beyond n = 4, the effectiveness of n-graph analysis becomes questionable due to the rarity of 5-graphs and higher sequence sizes. The primary data extracted from an n-graph is timing information, i.e., the time from the first key to the last key (referred to as fly time) or the duration between pressing and releasing a key (known as dwell time). Recently there has been an interest in extracting key pressure data from the key as well. For pressure features, we consider the following: key hold pressure (P) (the pressure at the moment the key is pressed) and finger area or size (FS) (the finger area at the moment the key is pressed). The pressure generally ranges from 0 (no pressure at all) to 1 (normal pressure); however, values higher than 1 may be generated depending on the calibration of the input device [1].
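The feature definitions above and in Section 2.2.1 (dwell time; the RP, PP and RR flight-time variants; key hold pressure and finger size) can be turned into a fixed-length sample as follows. This is an added example, not code from the dissertation: the event log is constructed, the n-graph duration is taken as first key press to last key release (an assumption, since the text does not fix that convention), and `dwell_times`, `digraph_flight_times`, `ngraph_durations`, `pressure_features` and `feature_vector` are hypothetical helper names.

```python
# Added example: extracting timing and pressure features from a key event log.
from typing import Dict, List, Tuple

# One event per key: (key, press_ms, release_ms, pressure, finger_size).
# Constructed values for the string "abc"; pressure and size follow the
# touchscreen convention described above (0..1, may exceed 1 on some devices).
KeyEvent = Tuple[str, int, int, float, float]
EVENTS: List[KeyEvent] = [
    ("a", 0, 85, 0.42, 0.18),
    ("b", 130, 220, 0.47, 0.20),
    ("c", 300, 370, 0.40, 0.17),
]


def dwell_times(events: List[KeyEvent]) -> List[int]:
    """Dwell (hold) time: release minus press of the same key."""
    return [release - press for _, press, release, _, _ in events]


def digraph_flight_times(events: List[KeyEvent]) -> List[Dict[str, object]]:
    """For each pair of adjacent keys, the three flight-time variants:
    RP = release of first key to press of second, PP = press to press,
    RR = release to release. RP is negative when the keys overlap (rollover)."""
    out: List[Dict[str, object]] = []
    for (k1, p1, r1, _, _), (k2, p2, r2, _, _) in zip(events, events[1:]):
        out.append({"digraph": k1 + k2, "RP": p2 - r1, "PP": p2 - p1, "RR": r2 - r1})
    return out


def ngraph_durations(events: List[KeyEvent], n: int) -> List[Tuple[str, int]]:
    """Duration of every n-graph, taken here (assumption) as the first key's
    press to the last key's release. Sizes above 4 are rarely useful, as noted above."""
    out = []
    for i in range(len(events) - n + 1):
        window = events[i:i + n]
        name = "".join(k for k, *_ in window)
        out.append((name, window[-1][2] - window[0][1]))
    return out


def pressure_features(events: List[KeyEvent]) -> List[Tuple[float, float]]:
    """Key hold pressure (P) and finger size (FS) at the moment of each press."""
    return [(p, fs) for _, _, _, p, fs in events]


def feature_vector(events: List[KeyEvent]) -> List[float]:
    """Flatten everything into the fixed-length sample a classifier consumes:
    dwell per key, then RP/PP/RR per digraph, then P and FS per key."""
    vec = [float(d) for d in dwell_times(events)]
    for dg in digraph_flight_times(events):
        vec.extend(float(dg[k]) for k in ("RP", "PP", "RR"))
    for p, fs in pressure_features(events):
        vec.extend([p, fs])
    return vec


if __name__ == "__main__":
    print("dwell:", dwell_times(EVENTS))
    print("digraphs:", digraph_flight_times(EVENTS))
    print("trigraph:", ngraph_durations(EVENTS, 3))
    print("sample:", feature_vector(EVENTS))
```

For a fixed password every sample has the same number of keys, so the vector length is constant (here 3 dwell + 2 × 3 flight + 2 × 3 pressure values = 15 features), which is what lets the same feature index be compared across enrollment samples.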

4.2 Keystroke dynamics based on Fixed Password

Using a fixed password for authentication involves building a model of the biometric authentication system by training a machine learning or statistical classifier on previous samples. In this case, a specific set of n-graphs is used for training and verification. In the enrollment samples, several instances of each n-graph are available, which makes probabilistic model construction more straightforward.

We use machine learning algorithms to classify individual users and discriminate genuine users from impostors. We investigated different classifiers, and obtained the best results with the Random Forest classifier [10]. Other classifiers that we investigated besides random forests include SVM, naive Bayes, and the (J48) decision tree. We provide below a brief overview of the random forest classifier.

4.2.1 Random Forest Classifier

The Random Forest (RF) classifier is an ensemble learning algorithm that works by constructing a multitude of decision trees. The RF classifier creates a forest of multiple trees, each of which is a decision tree created from a randomly selected subset of the data and of the feature space. To classify a new sample, each tree in the forest produces its own classification separately. The outputs from the different trees are aggregated, and the most frequent prediction is chosen as the random forest output for the sample. As an ensemble method, random forest uses a divide-and-conquer approach to improve performance. The main principle behind ensemble methods is that a group of weak learners can come together to form a strong learner. While a single decision tree is prone to over-fitting and high variance, a random forest substantially increases model stability and is currently adopted in different kinds of applications such as stock market prediction and e-commerce. Random forest naturally inherits all the tuning parameters associated with decision trees. In addition, the number of decision trees in the forest can be used as a tuning parameter to find the best model.

If we have a training data set of size S, and a set of features of dimension F, the random forest classification process works as follows:

1. A subset of s samples is selected from the training set S at random, where s < S.

2. f features are selected at random from the F features, where f < F, while keeping the value of f unchanged during the creation of the forest.

3. A decision tree is created using the s training samples with the f features.

4. Repeat steps 1 to 3 until l nodes have been reached.

5. Build the forest by repeating steps 1 to 4 n times to create n trees.

6. A new sample is classified by calculating the results for each of the n trees and choosing the majority.
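The six steps above, as an added example written from scratch (not the dissertation's implementation, which used an off-the-shelf Random Forest [10], and standard library only): each tree is grown on a random subset of the training rows with a fixed-size random subset of the features, splits are chosen by Gini impurity, and the forest predicts by majority vote. The training rows are constructed dwell/flight/pressure values for a genuine user and impostors; `train_forest`, `predict_forest`, `build_tree`, `best_split` and the parameter values are assumptions.

```python
# Added example: minimal random forest following steps 1 to 6 above.
import random
from collections import Counter
from typing import List, Sequence, Tuple

Row = Tuple[Sequence[float], int]  # (feature vector, label): 1 = genuine, 0 = impostor

# Constructed training set: [dwell ms, flight ms, pressure] for one password.
GENUINE = [[95, 130, 0.42], [100, 125, 0.45], [105, 140, 0.40], [98, 135, 0.44],
           [102, 128, 0.47], [97, 145, 0.41], [103, 132, 0.43], [99, 138, 0.46]]
IMPOSTOR = [[150, 210, 0.70], [160, 225, 0.65], [145, 200, 0.75], [155, 230, 0.68],
            [165, 215, 0.72], [148, 205, 0.66], [158, 220, 0.74], [152, 235, 0.69]]
DATA: List[Row] = [(x, 1) for x in GENUINE] + [(x, 0) for x in IMPOSTOR]


def gini(labels: Sequence[int]) -> float:
    """Gini impurity of a label multiset (0 when the node is pure)."""
    n = len(labels)
    return 1.0 - sum((c / n) ** 2 for c in Counter(labels).values()) if n else 0.0


def best_split(rows: List[Row], feature_ids: Sequence[int]):
    """Try every (feature, threshold) over the allowed features; return the pair
    with the lowest weighted Gini impurity, or (None, None) if nothing separates."""
    best_f, best_t, best_score = None, None, float("inf")
    for f in feature_ids:
        for t in sorted({x[f] for x, _ in rows}):
            left = [y for x, y in rows if x[f] <= t]
            right = [y for x, y in rows if x[f] > t]
            if not left or not right:
                continue
            score = (len(left) * gini(left) + len(right) * gini(right)) / len(rows)
            if score < best_score:
                best_f, best_t, best_score = f, t, score
    return best_f, best_t


def majority(labels: Sequence[int]) -> int:
    return Counter(labels).most_common(1)[0][0]


def build_tree(rows: List[Row], feature_ids: Sequence[int], depth: int = 0, max_depth: int = 3):
    """Recursive decision tree: a leaf is a label, an inner node is (f, t, left, right).
    Growth stops on a pure node or when the depth budget is exhausted (step 4)."""
    labels = [y for _, y in rows]
    if len(set(labels)) == 1 or depth >= max_depth:
        return majority(labels)
    f, t = best_split(rows, feature_ids)
    if f is None:
        return majority(labels)
    left = [r for r in rows if r[0][f] <= t]
    right = [r for r in rows if r[0][f] > t]
    return (f, t, build_tree(left, feature_ids, depth + 1, max_depth),
            build_tree(right, feature_ids, depth + 1, max_depth))


def predict_tree(node, x: Sequence[float]) -> int:
    while isinstance(node, tuple):
        f, t, left, right = node
        node = left if x[f] <= t else right
    return node


def train_forest(data: List[Row], n_trees: int = 15, sample_frac: float = 0.7,
                 n_features: int = 2, max_depth: int = 3, seed: int = 7) -> list:
    """Steps 1, 2, 3 and 5: n trees, each on s < S random rows and f < F random features."""
    rng = random.Random(seed)
    total_features = len(data[0][0])
    s = max(2, int(sample_frac * len(data)))
    forest = []
    for _ in range(n_trees):
        rows = rng.sample(data, s)                          # step 1: random subset, s < S
        feats = rng.sample(range(total_features), n_features)  # step 2: f features, f fixed
        forest.append(build_tree(rows, feats, 0, max_depth))   # step 3
    return forest


def predict_forest(forest: list, x: Sequence[float]) -> int:
    """Step 6: every tree votes and the most frequent label is returned."""
    return Counter(predict_tree(t, x) for t in forest).most_common(1)[0][0]


if __name__ == "__main__":
    forest = train_forest(DATA)
    print("genuine attempt ->", predict_forest(forest, [100, 135, 0.44]))
    print("impostor attempt ->", predict_forest(forest, [155, 215, 0.70]))
```

Because each tree sees only part of the rows and features, individual trees disagree on borderline samples; the vote across the forest is what gives the stability the text attributes to the ensemble.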

The RF classifier has the following advantages:

• It will not overfit the model if the forest has enough trees.

• It can be used for both classification and regression.

• It can handle missing values and does not require preparation of the input data.

• It can be used for dimensionality reduction because of its ability to distinguish features with high relevance.

On the other hand, the random forest classifier has some drawbacks:

• It is much harder and more time-consuming to construct.

• It is sophisticated and difficult to implement.

• Its prediction process is time-consuming compared to other algorithms.

4.3 Typo Handling

Handling typing errors is crucial in improving usability in keystroke dynamic biometric authentication. We present a new approach for handling typing errors in keystroke dynamics for mobile authentication.

Typing errors occur whenever there is a misspelling of a word while typing passwords. To deal with such errors, we assume the following proposition.

Consider a case when a user mistypes his/her password and realizes the mistake. To correct the password, the user deletes the wrong characters by pressing the backspace key and then completes the password afterwards. In doing so, the user types some extra characters, which will also be logged in the time stamp registers. As a consequence, not only will there be some extra entries in the registers, but the flight times between the correct characters will also differ. Figure 4.2 shows an example of such a scenario.

Figure 4.2: An illustration of a mistyped password.

Here the user typed three extra characters, V, X and Q, while typing the password ABCDEFGH. After realizing the mistake, the user deleted these characters by pressing the backspace key, shown as ← in Figure 4.2.

Our typo handling algorithm assumes that the flight time between the preceding letter and the incorrect letter is approximately the same as the flight time that would have been observed between the preceding letter and the intended (correct) letter. For instance, in Figure 4.3, v is the incorrect key and b is the key the user intended to type (i.e. the correct key). Implicitly, it is assumed here that the incorrect and correct keys are close neighbours on the keyboard layout.


Figure 4.3: Typo handling on QWERTY Keyboard Layout of Mobile Phone. The user incorrectly typed key v instead of b, and did a correction by pressing the delete key, and then the correct key (i.e. b).

Based on this assumption, we compute the time stamps for the password with extra characters as follows. First, we find the difference between the time stamps of the incorrect letter and the corresponding correct letter (V and B in Figure 4.2); then we subtract that difference from the time stamps of the correctly typed letter and of every letter following it. For example, in Figure 4.2 the difference between the time stamps of letters V and B is 3 ms, so 3 ms is subtracted from the time stamps of all letters starting from B. The first row of 'Corrected Time Stamps' shows the updated time stamps. The same procedure extends to typing errors consisting of multiple extra characters, as with the letters X and Q in Figure 4.2: the corrected time stamps are computed by subtracting the time difference between the first incorrect letter and the corresponding correct letter. By this procedure we recover the time stamps of the correctly typed password given in Table 4.1. Algorithm 1 describes the proposed typo handling approach, where the following notation is used:

$\hat{k}_i$ = $i$th key pressed (received)

$k_l$ = $l$th correct key

$t(k_l)$ = corrected time stamps; $t_d(\cdot)$ and $t_u(\cdot)$ denote key-down (press) and key-up (release) time stamps

$j$ = index of erroneous key $\hat{k}_j$

$b_j$ = number of backspaces corresponding to the erroneous key $\hat{k}_j$

$b = \sum_{j \le i} b_j$ = number of backspaces (incorrect keys) typed until $\hat{k}_i$ is pressed

$l = i - 2b$ = index of correct key

Algorithm 1 Typo Handling

1: Inputs: $R$ = number of received $\hat{k}_i$; $t_d(\hat{k}_i)$, $t_u(\hat{k}_i)$
2: Find all the erroneous keys $\hat{k}_j$ and the corresponding $b_j$
3: for $i = 1, 2, \ldots, R$ do
4:     $b = \sum_{j \le i} b_j$
5:     $l = i - 2b$
6:     $t_d(k_l) = t_d(\hat{k}_i) - \sum_{j \le i} \left[ t_d(\hat{k}_{j+2b_j}) - t_d(\hat{k}_j) \right]$
7:     $t_u(k_l) = t_u(\hat{k}_i) - \sum_{j \le i} \left[ t_u(\hat{k}_{j+2b_j}) - t_u(\hat{k}_j) \right]$
8:     Output: $t_d(k_l)$'s, $t_u(k_l)$'s
9: end for

Table 4.1: An illustration of a correct password

    Password     A   B   C   D   E   F   G    H
    Time Stamp   1   3   5   6   8   11  12   13
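The following Python program is an added example, not code from the dissertation. It applies the typo handling procedure above to a constructed key-event log: each backspace erases the most recent surviving key, and when the replacement key arrives, the time difference between it and the first erased key of that run is subtracted from it and from every later key, so the replacement inherits the erroneous key's time stamps. The `KeyEvent` record, the `<BS>` label for the backspace key, and the time stamp values are assumptions of the example; the log reproduces the scenario of Figure 4.2 (V typed for B; the two-character slip X, Q is placed before F, which is an assumption since the figure is not reproduced here), and the corrected press times match Table 4.1. It also extracts the dwell and flight features from the corrected sequence and refuses to do so if the corrected text is not the expected password.

```python
"""Typo handling for keystroke timestamps (added example, not the dissertation's code)."""
from dataclasses import dataclass

BACKSPACE = "<BS>"  # assumed label under which the key logger records the backspace key


@dataclass(frozen=True)
class KeyEvent:
    key: str
    t_down: int  # key-press timestamp (ms; constructed values below)
    t_up: int    # key-release timestamp (ms)


def correct_typos(events, backspace=BACKSPACE):
    """Return the KeyEvents that survive the user's corrections, with adjusted timestamps.

    Assumption from the text: the flight time into the wrong key approximates the
    flight time into the intended key, so the replacement key takes the timestamps of
    the first erased key of its run, and every later key is shifted by the same amount.
    """
    kept = []     # corrected events still part of the typed text
    erased = []   # events removed by the current run of backspaces
    shift_down = shift_up = 0
    for ev in events:
        if ev.key == backspace:
            if kept:                      # a backspace on empty input erases nothing
                erased.append(kept.pop())
            continue
        if erased:
            first = erased[-1]            # popped last = typed first = first erroneous key
            # kept timestamps are already corrected, so this is the new total shift
            shift_down = ev.t_down - first.t_down
            shift_up = ev.t_up - first.t_up
            erased.clear()
        kept.append(KeyEvent(ev.key, ev.t_down - shift_down, ev.t_up - shift_up))
    return kept


def timing_features(events):
    """Dwell times (release - press) and flight times (next press - previous release)."""
    dwell = [e.t_up - e.t_down for e in events]
    flight = [n.t_down - p.t_up for p, n in zip(events, events[1:])]
    return dwell, flight


def corrected_features(events, expected_password):
    """Apply typo handling, then extract features only if the corrected text is the password."""
    kept = correct_typos(events)
    typed = "".join(e.key for e in kept)
    if typed != expected_password:
        raise ValueError(f"password mismatch after correction: {typed!r}")
    return timing_features(kept)


# Constructed log for the Figure 4.2 scenario: password ABCDEFGH, V typed for B,
# then the slip X, Q (placement before F is an assumption of this example).
RAW_LOG = [
    KeyEvent("A", 1, 2), KeyEvent("V", 3, 4), KeyEvent(BACKSPACE, 5, 5), KeyEvent("B", 6, 7),
    KeyEvent("C", 8, 9), KeyEvent("D", 9, 10), KeyEvent("E", 11, 12),
    KeyEvent("X", 14, 15), KeyEvent("Q", 15, 16),
    KeyEvent(BACKSPACE, 16, 17), KeyEvent(BACKSPACE, 17, 18),
    KeyEvent("F", 18, 19), KeyEvent("G", 19, 20), KeyEvent("H", 20, 21),
]

if __name__ == "__main__":
    for e in correct_typos(RAW_LOG):
        print(e.key, e.t_down, e.t_up)   # press times 1 3 5 6 8 11 12 13, as in Table 4.1
    print(corrected_features(RAW_LOG, "ABCDEFGH"))
```

Two cases the pseudocode leaves implicit are handled explicitly: backspaces beyond the start of the input are ignored, and a run that erases correct keys as well as wrong ones is treated the same way, with the first erased key of the run supplying the reference time stamp. The password check matters in an authentication setting: timing features should only be scored once the corrected text actually equals the credential, otherwise a wrong password with plausible rhythm would reach the classifier.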

4.4 Profile Maturity

Some organizations are simply reluctant to require their customers to go through a static online enrolment process. In this situation, the biometric profile must be built dynamically online, as more samples become available. Furthermore, the profile must be updated to account for the variability inherent in any behavioral biometric technology.

Behavioral biometrics such as swipe gestures and keystroke dynamics are adequate for this purpose, as they can be collected transparently without any special-purpose sensor or any special task required from the user [13]. One of the challenges faced by such biometrics is the sparse nature of the data available.

For the sake of transparency, enrollment should ideally be conducted passively. This means that during the enrollment phase, authentication has to rely on other factors, which opens a window of vulnerability.

Our objective is to develop a model that enables user authentication in the early stage of account creation (or user registration), which typically involves a small number of samples (e.g., 1, 2, or 3). However, reducing the number of samples and the verification error rates at the same time is difficult, since the two are in tension: a smaller enrollment sample set tends to increase verification error rates.

A trade-off can be made by collecting a smaller amount of data during enrollment, which shortens the aforementioned window of vulnerability. While such an approach is appealing, it raises the issue of profile maturity, and thereby of the confidence in an authentication decision based on an immature or gradually maturing profile. Profile maturity can be improved through adaptation, by adjusting the profile as new samples become available. Due to the inherent variability of behavioral biometrics, profile maturity must be improved on a regular and continuous basis, during and beyond the initial enrollment phase.

The primary goal of our research is to study profile maturity through adaptive enrollment and the confidence in such maturity.

In practice, we find it challenging to keep the same classification technique for authenticating users throughout a long training phase, because the performance of a classifier fluctuates as the user's behavior changes. An algorithm may achieve a very good authentication result on one set of training samples, yet its performance may drop as new samples arrive over time. For instance, when a user starts using a new password, typing speed tends to change until it eventually settles. Because the user's behavior changes over time, recognition accuracy is affected.

To tackle this challenge, our approach uses an ensemble classification scheme involving multiple classifiers, coupled with a mechanism that increases the number of training samples adaptively. The mechanism measures the performance of the system (based on the training samples) and keeps the one classifier deemed best at the time, using a specific threshold T on the EER measure.

Our objective is to build a model that achieves a minimum acceptable EER on the current training sample set and to stay with that model. We call this approach the switch and stay model.

Figure 4.4: Switch and Stay.

Figure 4.4 depicts the switch and stay model. In this model, enrollment for a given user consists of training a pool of classifiers until each classifier reaches its best performance in terms of EER on the training data. After that, we select the best classifier from the pool. As more training samples are added, we stay with that classification model as long as its EER does not exceed a specific threshold T; that is, we keep one model until its performance becomes unacceptable. Once the EER rises above the threshold, the system is retrained to return to the optimal operating point, since the user's behavior may change over time and degrade system performance. As shown in Figure 4.4, as the EER fluctuates, adaptation takes place through retraining.

Figure 4.5: Switch and Stay Adaptive Model.
