A Study of Keystroke Dynamics as a Practical Form of Authentication

Abstract

This project tested four keystroke analysis strategies and their effectiveness for a practical implementation of keystroke dynamics. A web based keystroke analysis system was implemented and a total of 70 participants were involved with the experiment. We designed a new method of typing data storage that is less storage intensive than previous studies. Error rates for each analysis was graphed out across 1000 thresholds so we could see how sensitive each strategy was to threshold adjustments. This method of graphing error rates is something that we have not seen in any previous studies and is something we believe future research should consider because it is significantly more informative than simply just reporting the best possible False Alarm Rate (FAR) and Impostor Pass Rate (IPR). The results of the experiment indicated that the ratio method is the strategy with the lowest error rates. It could achieve a False Alarm Rate (FAR) of 4.29%, an Impostor Pass Rate (IPR) of 3.37%, and a classification error rate of 18.57%. We also concluded that the ratio method is the best keystroke analysis strategy to use in a practical implementation because it is the least sensitive to threshold adjustments. Our method of typing data storage was sufficient though it may have accounted for some of our high error rates. The slightly higher error rates than previous studies is likely due to the fact that typing behavior information is lost when we convert raw timing information into our data structure.

14 Figures and Tables

Cite this paper

@inproceedings{Zhou2008ASO, title={A Study of Keystroke Dynamics as a Practical Form of Authentication}, author={Charles Zhou}, year={2008} }