(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010
Minimizing the number of retry attempts in keystrokedynamics through inclusion of error correctingschemes.
Pavaday Narainsamy, Student member IEEE
Computer Science Department,Faculty of EngineeringUniversity Of Mauritiusn.pavaday@uom.ac.mu
Professor K.M.S.Soyjaudah
Member IEEE
Faculty of EngineeringUniversity of Mauritius
Abstract
— One of the most challenging tasks, facing the securityexpert, remains the correct authentication of human beings.Throughout the evolution of time, this has remained crucial tothe fabric of our society. We recognize our friends/enemies bytheir voice on the phones, by their signature/ writing on a paper,by their face when we encounter them. Police identify thieves bytheir fingerprint, dead corpse by their dental records and culpritsby their deoxyribonucleic acid (DNA) among others. Nowadayswith digital devices fully embedded into daily activities, nonrefutable person identification has taken large scale dimensions.It is used in diverse business sectors including health care,finance, aviation, communication among others. In this paper weinvestigate the application of correction schemes to the mostcommonly encountered form of authentication, that is, theknowledge based scheme, when the latter is enhanced with typingrhythms. The preliminary results obtained using this concept inalleviating the retry and account lock problems are detailed.
Keywords-Passwords, Authentication, Keystroke dynamics,errors, N- gram, Minimum edit distance.
I.
I
NTRODUCTION
Although a number of authentication methods exist, theknowledge based scheme has remained the de-facto standardand is likely to remain so for a number years due to itssimplicity, ease of use, implementation and its acceptance. Itsprecision can be adjusted by enforcing password-structurepolicies or by changing encryption algorithms to achievedesired security level. Passwords represent a cheap andscalable way of validating users, both locally and remotely, toall sorts of services [1, 2]. Unfortunately they inherently sufferdeficiencies reflecting from a difficult compromise betweensecurity and memorability.On one hand it should be easy to remember and provideswift authentication. On the other for security purposes itshould be difficult to guess, composed of a special combinationof characters, changed from time to time, and unique to eachaccount [3]. The larger number and more variability in the setof characters used, the higher is the security provided as itbecomes difficult to violate. However such combinations tendto be difficult for end users to remember, particularly when thepassword does not spell a recognizable word (or includes non-alphanumeric characters such as punctuation marks or othersymbols. Because of these stringent requirements, users adoptunsafe practices such as recording it close to the authenticationdevice, apply same passwords on all accounts or share it withinmates.To reduce the number of security incidents making theheadlines, inclusion of the information contained in the“actions” category has been proposed [4, 5]. An intruder willthen have to obtain the password of the user and mimick thetyping patterns before being granted access to systemresources.The handwritten signature has its parallel on the keyboardin that the same neuro-physiological factors that account for itsuniqueness are also present in a typing pattern as detected inthe latencies between two consecutive keystrokes. Keystrokedynamics is also a behavioural biometric that is acquired overtime. It measures the manner and the rhythm with which a usertypes characters on the keyboard. The complexity of the handand its environment make both typed and written signatureshighly characteristics and difficult to imitate. On the computer,it has the advantage of not requiring any additional and costlyequipment. From the measured features, the dwell time andflight times are extracted to represent a computer user. The"dwell time" is the amount of time you hold down a particularkey while "flight time" is the amount of time it takes to movebetween keys. A number of commercial products using suchschemes already exist on the market [6, 7] while a number of others have been rumored to be ready for release.Our survey of published work has shown that suchimplementations have one major constraint in that the typistshould not make use of correction keys when keying in therequired password. We should acknowledge that errors arecommon in a number of instances and for a number of reasons.Even when one knows how to write the word, ones fingers mayhave slipped or one may be typing too fast or pressing keyssimultaneously. In brief whatever be the skills and keyboardingtechniques used, we do make mistakes, hence the provision forcorrection keys on all keyboards. Nowadays, typical of wordprocessing softwares, automatic modification based on storeddictionary words can be applied particularly for long sentences.Unfortunately with textual passwords, the text entered isdisplayed as a string of asterisks and the user cannot spot the
19http://sites.google.com/site/ijcsis/ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010
mistake and does make a false login attempt when pressing theenter key. After three such attempts the account is locked andhas to be cleared out by the system administrator. Collectedfigures reveal that between 25% and 50% of help desk callsrelate to such problems [8].Asking the user to input his/her logon credentials all overagain instead of using correction keys, clearly demonstrate thatinclusion of keystroke dynamics does not seamlessly integratepassword mechanism.This can be annoying and stressful forusers and will impede on acceptance of the enhanced passwordmechanism.Moreover this will reduce the probability of thetypist correctly matching his enrolled template and hence makeanother false attempt at login in. In this project we investigatethe use of correcting schemes to improve on this limitation andin the long run reduce the number of requests for unlockingaccount password as encountered by system administrators.Following this short brief on keystroke dynamics, we’lldwell on the challenges involved in incorporating errorcorrecting techniques technologies to the enhance passwordmechanism. Our focus will be on a more general approachrather than checking whether the correction keys have beenpressed by the user. A scheme that can be customized to dealwith cases of damaged keys or American keyboard replaced byEnglish keyboard. In section II, we first review the differentcorrection schemes studied and then the user recognitionalgorithms to be used before elalorating on an applicablestructure for the proposed work. The experimental results aredetailed in section V followed by our conclusions and futurework in the last section of this paper.II.
B
ACKGROUND STUDY
To evaluate a biometric system’s accuracy, the mostcommonly adopted metrics are the false rejection rate (FRR)and the false acceptance rate (FAR), which correspond to twopopular metrics: sensitivity and specificity [9].
FARrepresents the rate at which impostors are accepted in thesystem as being genuine users while the FRR represents therate at which authentic users are rejected in the system as theycannot match their template representation.
The response of the matching system is a score that quantifies the similaritybetween the input and the stored representation. Higher scoreindicates more certainty that the two biometric measurementscome from the same person. Increasing the matching scorethreshold increases the FRR with a decrease in FAR. Inpractical systems the balance between FAR and FRR dictatesthe operational point.
A.
Error types
Textual passwords are input into systems usingkeypads/keyboards giving posibilities for typing errors to cropin. The main ones are insertion, deletion, substitution andtransposition [10] which amounts to 80 % of all errorsencountered [11] with the remaining ones being the split-wordand run-on. The last two refer to insertion of space in betweencharacters and deletion of a space between two wordsrespectively. Historically, to overcome mechanical problemsassociated with the alphabetical order keyboard, the QWERTYlayout has been proposed [12] and it has become the de-factokeyboard used in a number of applications. Other variants existin “AZERTY” used mainly by French or “QWERTZ” used byGermans. Different keyboarding techniques are adopted byusers for feeding data to the device, namely the (i) Hunt andPeck (ii) Touch typing and (iii) Buffering. More informationon these can be found in [11]. The first interaction with akeyboard is usually the Hunt and Peck type as the user has tosearch for the key before hiting on it. Experienced users areconsidered to be the touch type with a large number of keysbeing struck per minute.Typographic errors are due to mechanical failure or slip of the hand or finger, but exclude errors of ignorance. Mostinvolve simple duplication, omission, transposition, orsubstitution of a small number of characters. The typographicerrors for single words have been classified as shown in Table1 below.
TABLE I. Occurrence of errors in typed text [
13
]
Errors % of occurrenceSubstitution
40.2
Insertion
33.2
Deletion
21.4
Transposition
5.2
In another work, Grudin [14] investigated the distributionof errors for expert and novice users based on their speed of keying characters. He analysed the error patterns made by sixexpert typists and eight novice typists after transcribingmagazines articles. There were large individual differences inboth typing speed and types of errors that were made [15].The expert users had a range from 0.4% to 0.9% with themajority being insertion errors while for the novice it was 3.2%on average comprising mainly of substitutions ones. Theseerrors are made when the typist knows how to spell the wordbut may have typed the word hastily. Isolated word errorcorrection includes detecting the error, generating theappropriate candidates for correction and ranking thecandidates.For this project only errors that occur frequently will be givenattention as illustrated in table 1 above. Once the errors aredetected, they will be corrected through the appropriatecorrection scheme to enable a legitimate user to log into thesystem. On the other hand it is primordial that impostors aredenied access even though they have correctly guessed thesecret code as is normally the case with keystroke dynamics.
B.
Error correction
Spell checkers operate on individual words by comparing eachof them against the contents of a dictionary. If the word is notfound it is considered to be in error and an attempt is made tosuggest a word that was likely to have been intended. Six mainsuggested algorithms for isolated words [16] are listed below.
20http://sites.google.com/site/ijcsis/ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010
1)
The Levenshtein distance or edit distance is theminimum number of elementary editing operationsneeded to transform an incorrect string of charactersinto the desired word. The Levenshtein distance catersfor three kinds of errors, deletion, insertion andsubstitution. In addition to its use in spell checkers ithas also been applied in speech recognition,deoxyribonucleic acid (DNA) analysis and plagiarismdetector [17]. As an example, to transform "symmdtr"to "symmetry" requires a minimum of two operationswhich are:
o
symmdtr
→
symmetr (substitution of 'd' for'e')
o
symmetr
→
symmetry (insert 'y' at the end).Damerau–Levenshtein distance [18] is a variation of theabove with the additon of the transpostion operation to thebasic set. For example to change from ‘metirc’ to ‘metric’requires only a single operation (1 tranposition). Anothermeasure is the Jaro-Winkler distance [19] which is a similarityscore between two strings and is used in record linkage forduplicate detection. A normalized value of one represents anexact match while zero represents disimilarity. This distancemetric has been found be best suited for short strings such aspeoples name [20].2)
Similarity key techniques have their strengths in that astring is mapped to a code consisting of its first letterfollowed by a sequence of three digits, which is samefor all similar strings [21]. The Soundex system(patented by Odell and Russell [16, 21]) is anapplication of such a technique in phonetic spellingcorrection. Letters are grouped according to theirpronouncation e.g. letters “D”, “T", “P” and ‘B’ asthey produce the same sound. SPEEDCOP (SpellingError Detection/Correction Project) is a similar work designed to automatically correct spelling errors byfinding words similar to the mispelled word [22].3)
In rule-based techniques, the knowledge gained fromprevious spelling error patterns is used to constructheuristics that take advantage of this knowledge.Given that many errors occur due to inversion e.g. theletters
ai
being typed as
ia
, then a rule for this errormay be written.4)
The N gram technique is used in natural languageprocessing and genetic sequence analysis [23]. An N-gram is a sub-sequence of
n
items (of any size) from agiven sequence where the items can be letters, wordsor base pairs according to the application. In a typedtext, unigrams are the single aphabets while digrams(2-gram) are combinations of 2 alphabets takentogether.5)
The probabilistic technique as the name suggestsmakes use of probabilities to determine the bestcorrection possible. Once an error is detected,candidate corrections are proposed as differentcharacters are replaced by others using at most oneoperation. The one having the maximum likelihood ischosen as the best candidate for the typographicalerror.6)
Neural networks have also been applied as spellingcorrectors due to their ability to do associative recallbased on incomplete and noisy data. They are trainedon the spelling errors themselves and once such ascenario is presented they can make the correctinference.
C.
Classifier used
Keyboard characteristics are rich in cognitive qualities andas personal identifiers they have been the concern of a numberof researchers. The papers surveyed demonstrate a number of approaches that have been used to find adequate keystrokedynamics with a convenient performance to make it practicallyfeasible. Most research efforts related to this type of authentication have focused on improving classifier accuracy[24]. Chronologically it kicked off with statistical classifiermore particularly with the T test by Gaines et al [25]. Now thetrend is towards the computer extensive neural network variants. Delving into the details of each approach and findingthe best classifier to use is well beyond the scope of thisproject. Our aim is to use one which will measure the similaritybetween an input keystroke-timing pattern and a referencemodel of the legitimate user’s keystroke dynamics. For thatpurpose the simple multiple layer perceptron (MLP) with back propagation (BP) used in a previous work was once againconsidered. A thorough mathematical analysis of the model ispresented in the work [26]. It provide details about the why andhow of this model.The transfer function used in the neuralnetwork was the sigmoid function with ten enrollments forbuilding each users template.III.
A
NALYSIS
The particularity of passwords/secret codes make that theyhave no specific sound and are independent of any languageand may even involve numbers or special characters. Similaritytechnique is therefore not appropriate as it is based onphonetics and it has limited numbers of possibilities. Moreoverwith one character and 3 digits for each code there will befrequent collisions as only one thousand combinations exist.Similarly neural network which focuses on the rules of thelanguage for correcting spelling errors turns out to be verycomplex and inappropriate for such a scenario. A rule basedscheme would imply a database of possible errors to be built.Users will have to type a long list of related passwords and bestresults would be obtained only when the user is making thesame errror repeatedly. The probabilistic technique uses themaximum likelihood to determine the best correction. Theprobabilities are calculated from a number of words derive byapplying a simple editing operation on the keyed text. Ourwork involves using only the secret code as the target and theentered text as the input, so only one calculated value ispossible, making this scheme useless.The N-gram technique and the minimum edit distancetechnique being language and character independent arerepresentative of actual password and were considered for this
21http://sites.google.com/site/ijcsis/ISSN 1947-5500
Search History:
Result 00 of 00
00 results for result for
p.
Minimizing the number of retry attempts in keystroke dynamics through inclusion of error correcting schemes
One of the most challenging tasks, facing the security expert, remains the correct authentication of human beings. Throughout the evolution of time, this has remained crucial to the fabric of our society. We recognize our friends/enemies…
(More)
365
Reads
1
Readcasts
1
Embed Views
Get Scribd Mobile
To get Scribd mobile enter your number and we'll send you a link to the Scribd app for iPhone & Android.We've sent a link to the Scribd app. If you didn't receive it, try again.
We'll never share your phone number.
More From This User
Notes
Load more
