keystroke dynamics enhancing password based schemes with keystroke dynamics. doctorial consortium...

Keystroke Dynamics Enhancing password based schemes with keystroke dynamics. • Doctorial Consortium presentation. • February 2010. • Author : Mr N.Pavaday UOM Research Week

Upload: john-ross

Post on 24-Dec-2015


TRANSCRIPT

Keystroke Dynamics

Enhancing password based schemes with keystroke dynamics.

• Doctorial Consortium presentation.

• February 2010.

• Author : Mr N.Pavaday

UOM Research Week

Menu

• Introduction
• Problem Definition
• Related work
• Set up
• Results
• Conclusion and future work

Introduction

• People rely heavily on computer-based systems, e.g.
- Critical national-scale infrastructures: communication networks, the electric power grid, gas lines, water systems, traffic control systems.
- Localized systems that perform safety-critical functions in aircraft, automobiles, and home appliances.
• Without security, these systems are at the mercy of intruders/attackers.
• Computer security involves a number of components, among which successful verification of the identity of a person/entity wishing to use the system stands as the essential front line of defense [1].
• Effective system administration, auditing, and efficient resource management all hinge on accurate user identification [2-4].

• Authentication requires users to prove that they really are who they say they are before being given authorization, which then dictates what the user can access [5].
• Authentication triangle vertices: Token, Password/PIN, Biometric.
• Password systems have been the favorite authentication method in electronic systems for years now, for several reasons:
- straightforward to implement
- easy to use and maintain
- their precision can be adjusted through password-structure policies
- the underlying cryptographic algorithms can be changed depending on the security level desired
- they are an inexpensive, scalable way of validating users, both locally and remotely, and to all sorts of services [6,7].

Problem definition

• Possession-based authentication (tokens: cards, keys, etc.) is susceptible to loss or theft, and in some cases copying/cloning.
- The holder is given the same rights as the authentic user: buddy punching, double dipping.
• Password-based schemes: the strength of the system depends on the secrecy of the shared secret.
- Passwords should be easy to remember and provide swift authentication.
- On the other hand, in terms of security they should be difficult for an intruder to guess: they must be composed of a long, random selection of alphanumeric keys, changed from time to time and unique to a single account [8].

• People forget their passwords, depending on the span of time, and easily when they are not in use.
• Because of these stringent requirements, many people feel the need to choose simple and predictable words or numbers related to everyday life, and engage in insecure practices, such as recording their secret keys close to their authentication device or, even worse, sharing them.
• The same passwords used everywhere lead to cascading security incidents and eventually identity theft.
• Computers make it effective and efficient to initiate dictionary and brute force attacks to obtain the secret.
• The problem is so serious that the user is often referred to as the ‘weakest link’ in the security chain [9].

• 2002 NTA Monitor Password Survey: heavy web users have an average of 21 passwords; 81% of users select a common password and 30% write their passwords down or store them in a file.

• In April 2004, more than 70% of people approached at London’s Liverpool Street station were willing to disclose their password, with 34% being willing to reveal the information without the need to bribe them [10].

• Biometrics: identifying an individual based on his or her physiological or behavioral characteristics.
- Physiological: retina, iris, vein, hand, finger, etc.
- Behavioral (action related): speech, signature, keystroke.
• Strongest means to authenticate people [11,12].
- The third type is extremely difficult to copy, share or distribute, and is resistant to forgery.
- Only scheme that caters for non-repudiation: no user can claim the contrary after having accessed the content using his personal characteristics.
- In addition, as no user's biometric is easier to break than another's, all users are on the same level.

• Biometrics require the support of specialized hardware devices for their implementation.
• High installation cost and difficult to use (training needed).
• When compromised or lost, biometrics are not as easily replaceable as passwords or tokens.
• Biometric systems do not give a yes/no answer; the decision depends on system performance and threshold.
• FRR (false rejection rate) and FAR (false acceptance rate): mistaking biometric measurements from two different persons to be from the same person is called a false match. On the other hand, considering two biometric measurements from the same person to be from two different persons is a false reject.

Motivation

• Multi-factor authentication: a combination to reap benefits in terms of security and convenience.
• The system detailed in the paper fuses two of these security mechanisms in order to reinforce user authentication.
• A password string is complemented with its corresponding typing pattern, which represents something the user must be.
• No additional hardware or action on the user's part, therefore easy integration with the actual system.
• Problems like non-cooperation, privacy, etc. do not exist.
• Can be changed at the user’s wish.
• The uniqueness of a user’s typing pattern was first reported by Joyce and Gupta in 1990 [13].

• Some products that use such characteristics are now available on the market, e.g. Biopassword.
• Used by Net Nanny to control children's use of the internet.
• The effectiveness and inner workings of such systems are not known, as very little research about these is available in the public domain [13].
• Two patents have been issued on the use of statistical models [14]; the trend is towards machine learning and artificial intelligence.

Related work

• The concerns of the papers published up to now can be recapped along these core points: (1) Target String (2) Training set (3) Features (4) Timing Accuracy (5) Template Adaptation Mechanism (6) Classifiers (7) Trials become of Authentication.

• In 2005, the impact of the constituents of the password was emphasized in a recent study [15].

• The choice of a target string with capital letters, which combines the Shift and Caps Lock keys, plays an important role in the authentication of users.

• Moreover, the familiarity of the user with the target string was also investigated in that same study.

• In a recent study, Revett and Khan concluded that adding keyboard partitioning reduces the impostor success rate [16].
• In a number of situations computer-generated passwords are used: software keys, loss of password, temporary ones, etc.
• A good password is unique and distinguishable.
• Mathematically: minimum intra-class and maximum inter-class variability.
• For widespread use of keystroke dynamics: no difference between human and spontaneously generated passwords.

Set up

• A toolkit was constructed in Microsoft Visual Basic 6.0 which allowed:
- capturing key depression, key release and key code for each physical key being used;
- generation of random strings of various lengths;
- building a template vector of each authorized user based on flight and dwell times recorded to the nearest millisecond.
• Template: an approach similar to that used by banks and other financial institutions. A new user goes through a session where he/she provides a number of digital signatures by typing the selected password a number of times.

• --------dev-------------------
• p
• tmp103 time103 ms
• duration 6 ms tmu 109 P
• a
• tmp141 time141 ms
• duration 7 ms tmu 148 A
• s
• tmp172 time172 ms
• duration 4 ms tmu 177 S
• s
• tmp238 time238 ms
• duration 8 ms tmu 246 S
• w
• tmp369 time369 ms
• duration 6 ms tmu 375 W
• duration 6 ms tmu 836 ,

• Using the password “Thurs1day” we obtained 8 keystroke intervals and 9 keystroke duration times, neglecting the “Enter” key.

• Number of attempts: a good estimate of variability v/s annoyance of users.

• Login: captured features are compared to the template.
• Above threshold: allowed, else rejected.
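The feature extraction and threshold check described on these slides, as an added example that is not part of the original presentation: it parses the first five keys of the toolkit trace shown above into dwell and flight times, builds a template from enrolment samples and scores a login attempt against it. The field meanings (tmp = key down, tmu = key up), the per-feature tolerance matcher (a simple statistical stand-in for the presentation's neural network), and the enrolment and attempt values are assumptions constructed for illustration.

```python
import re
from statistics import mean, pstdev

# First five keys of the toolkit trace shown on the slide, one key per line.
TRACE = ("p tmp103 time103 ms duration 6 ms tmu 109 P\n"
         "a tmp141 time141 ms duration 7 ms tmu 148 A\n"
         "s tmp172 time172 ms duration 4 ms tmu 177 S\n"
         "s tmp238 time238 ms duration 8 ms tmu 246 S\n"
         "w tmp369 time369 ms duration 6 ms tmu 375 W\n")
# Assumed meaning of the fields: tmp = key-down time, tmu = key-up time (ms).
EVENT = re.compile(r"tmp(\d+) time\d+ ms\s+duration \d+ ms tmu (\d+) (\S)")

def parse_trace(text):
    """Return [(key, down_ms, up_ms), ...] in typing order."""
    return [(key, int(down), int(up)) for down, up, key in EVENT.findall(text)]

def features(events):
    """Dwell per key (up - down), then flight per key pair (next down - up)."""
    dwell = [up - down for _, down, up in events]
    flight = [nxt[1] - cur[2] for cur, nxt in zip(events, events[1:])]
    return dwell + flight

def build_template(samples):
    """Per-feature (mean, standard deviation) over the enrolment samples."""
    return [(mean(col), pstdev(col)) for col in zip(*samples)]

def score(template, attempt, k=2.0, floor_ms=5.0):
    """Fraction of features within max(k * sd, floor_ms) of the template mean."""
    if len(attempt) != len(template):
        return 0.0  # different keystroke count, e.g. a correction was typed
    hits = sum(abs(x - m) <= max(k * sd, floor_ms)
               for x, (m, sd) in zip(attempt, template))
    return hits / len(template)

def verify(template, attempt, threshold=0.70):
    """Accept when the match score reaches the threshold, else reject."""
    return score(template, attempt) >= threshold

def demo():
    base = features(parse_trace(TRACE))
    # Constructed enrolment set: the slide's sample with small timing jitter.
    enrol = [[v + off * (1 if j % 2 == 0 else -1) for j, v in enumerate(base)]
             for off in (-3, -1, 0, 2, 4)]
    template = build_template(enrol)
    genuine = [v + 1 for v in base]                  # constructed: same rhythm
    impostor = base[:5] + [2 * v for v in base[5:]]  # constructed: slower flights
    return base, score(template, genuine), score(template, impostor)

if __name__ == "__main__":
    print(demo())
```

A five-key string yields 5 dwell and 4 flight values, matching the 9 durations and 8 intervals reported for the nine-character password; the constructed impostor types the right keys with matching dwell times but is rejected on the flight times alone.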

Results

• Values captured during enrollment were passed to a small program (Matlab function) and on to the NN to learn the features.
• Login attempts were then fed to the NN to find the best match.
• The first step was to explore and fine-tune the parameter values for the NN.
• Architecture used: multiple layer perceptron (MLP) with back propagation (BP) and sigmoid transfer function.
• Same NN as used in [17-19].

[Figure: Learning v/s Hidden Nodes. Error against epoch (1 to 100) for 5, 10, 15, 20 and 25 hidden nodes.]

Variation of learning with fraction of error feedback

[Figure: Training v/s Learning rate. Error against epoch (1 to 100) for Grad(0.1), Grad(0.2), Grad(0.4), Grad(0.6), Grad(0.8) and D.Variable.]

• Users were allowed to practice the human-generated password, then press a button to get a computer-generated one and practice that.
• Comparison using the optimal values obtained for the NN (20 hidden nodes, learning rate of 0.6, sample size of 10 and a threshold of 70 %).

            Human Generated      Spontaneous
            FAR      FRR         FAR     FRR
Users       3/144    7/144       5/50    10/50
Impostors   22/80    22/80       2/40    13/40

Conclusion

• Our results show that human generated is better than computer generated.
• Human generated: in line with previous research.
• Values obtained favor the use of human generated.
• For spontaneous passwords, impersonation is low.
• Uniqueness of each attempt is supplemented by high FRR.
• Our work shows that computer generated has better differentiating capability, which is equally important.
• More hunt-and-peck typing for computer generated.
• Fewer attempts because of more use of “backspace/delete” with the spontaneous one.

Future work

- Different timings that have been used and their effect
- Scalability of the system on different systems
- Password constituents and differentiating capability
- Habituation effect
- Improving matching score during initiation stage
- Error correcting capability
- Incorporation of error correcting capabilities without degrading system performance
- Fusion of features and even of classifiers
- Best combination of fusion, if any

References:

• [1] C.P. Pfleeger, “Security in Computing”, International Edition, 2nd edition, Prentice Hall International, Inc., Upper Saddle River, NJ, 1997.
• [2] D.L. Jobusch and A.E. Oldehoeft, “A Survey of Password Mechanisms: Weaknesses and Potential Improvements, Part 1,” Computers & Security, Vol. 8, 1989, pp. 587–604.
• [3] C.P. Pfleeger, Security in Computing, Prentice-Hall, Upper Saddle River, N.J., 1993.
• [4] J.C. Spender, “Identifying Computer Users with Authentication Devices (Tokens),” Computers & Security, Vol. 6, pp. 385–395, 1987.
• [5] J. Roland, CCSP Self-study: Securing Cisco IOS networks (SECUR). Indianapolis, IN: Cisco Press, 2004.
• [6] S. Mandujano and R. Soto, “Deterring Password Sharing: User Authentication via Fuzzy c-Means Clustering Applied to Keystroke Biometric Data”, Proceedings of the Fifth Mexican International Conference in Computer Science (ENC’04), 2004.
• [7] R. Richardson, Computer crime & security survey 2003. Technical report, Computer Security Institute, CSI and Federal Business of Investigations, FBI, 2003.
• [8] Anil K. Jain, Arun Ross, and Salil Prabhakar, “An Introduction to Biometric Recognition”, IEEE Transactions on Circuits and Systems for Video Technology, Vol. 14, No. 1, January 2004, pp. 4-20.

• [9] J. Leggett and G. Williams, “Verifying identity via keyboard characteristics”, Int. J. Man-Machine Studies 23, 1 (Jan. 1988), pp 67-76.
• [10] “Passwords revealed by sweet deal”, BBC News online, 20 April 2004.
• [11] R. Bolle, Guide to Biometrics. Springer-Verlag, 1st edition, December 2003.
• [12] R. Hsu, M. Abdel-Mottaleb, and A. Jain, “Face detection in color images”, IEEE Transactions on Pattern Analysis and Machine Intelligence, Vol 25(5), pp 696–706, 2002.
• [13] Rick Joyce and Gopal Gupta, “Identity Authentication Based on Keystroke Latencies”, Communications of the ACM, Vol 33 (2), pp 168-176, 1990.
• [14] J. Bechtel, G. Serpen and M. Brown, International Journal of Computer Intelligence and Applications, Vol 2 No. 2, pp 1-22, 2002.
• [15] Lívia C. F. Araújo, Luiz H. R. Sucupira Jr., Miguel G. Lizárraga, Lee L. Ling, and João B. T. Yabu-uti, “User Authentication through Typing Biometrics Features”, IEEE Transactions on Signal Processing, Vol 53 No. 2, February 2005, pp 851-855.
• [16] Kenneth Revett and Aurangzeb Khan, “Enhancing login security using keystroke hardening and keyboard gridding”, Proceedings of the IADIS MCCSIS, pp 1-6, 2005.
• [17] D.T. Lin, “Computer Access authentication with neural network based keystroke identity verification”, Proc IEEE Intl Conf Neural Networks, pg 174-178, 1997.
• [18] M.S. Obaidat and D.T Macchairolo, “A multilayer neural network system for computer access security”, IEEE Transactions on Systems, Machine and Cybernetics, Vol 24, No 5, May 1994.
• [19] D. Rumelhart, G. Hinton and R. Williams, “Learning internal representations by error backpropagation”, in Parallel Distributed Processing, Cambridge, MA, MIT Press, pp 318-362, 1986.

Thank you