computers & security 28 (2009) 85–93
Keystroke dynamics-based authentication for mobile devices
Seong-seob Hwang, Sungzoon Cho*, Sunghoon Park
Seoul National University, 599 Gwanangno, Gwanak-gu, Seoul 151-742, Republic of Korea
Article history: Received 26 November 2007; received in revised form 2 June 2008; accepted 29 October 2008.
Keywords: Mobile device; Keystroke dynamics; Artificial rhythms; Tempo cues; Biometrics; User authentication
Recently, mobile devices have come to be used in financial applications such as banking and stock trading. However, unlike desktops and notebook computers, a 4-digit personal identification number (PIN) is often adopted as the only security mechanism for mobile devices. Because of their limited length, PINs are vulnerable to shoulder surfing and systematic trial-and-error attacks. This paper reports the effectiveness of user authentication using keystroke dynamics-based authentication (KDA) on mobile devices. We found that a KDA system can be effective for mobile devices in terms of authentication accuracy. Use of artificial rhythms leads to even better authentication performance. © 2008 Elsevier Ltd. All rights reserved.
1. Introduction

Use of mobile devices is diversifying more and more (Chen et al., 2008). Cell phones and personal digital assistants (PDAs) are used for banking and stock trading nowadays. However, there are three reasons why the security of mobile devices leaves a lot to be desired. First, a PIN comprises only four digits, so the number of candidate passwords is limited to only 10,000 (from 0000 to 9999). It is much easier for a potential impostor to acquire the password by shoulder surfing and systematic trial-and-error attacks. Second, mobile devices are easily lost or stolen because of their small size. For example, more than one million mobile phones are stolen in Europe in a typical year (Kowalski and Goldstein, 2006). Third, we tend to lend mobile phones easily to other people, so they are exposed to a higher risk of surreptitious use.

Recently, biometrics has been proposed to improve the security of mobile devices. The term “biometrics” is defined by the International Biometric Group as “the automated use of physiological or behavioral characteristics to determine or verify identity.” Physiological biometrics relies upon a physical attribute such as a fingerprint, a face or an iris, whereas behavioral approaches utilize some characteristic behavior, such as the way we speak or sign our name (Clarke and Furnell, 2005). Clarke and Furnell (2007a) concluded that two-factor authentication, combining a PIN code and biometrics, improves the overall reliability of authentication.

Keystroke dynamics-based authentication (KDA) is one of the biometrics-based authentication methods, motivated by the observation that a user’s keystroke patterns are consistent and distinct from those of other users. When implemented for mobile devices, KDA has the following advantages over other biometrics-based methods. First, most biometrics-based methods require an extra device, e.g. a finger-scanner or an iris-scanner (Clarke and Furnell, 2005), which restricts mobility as well as increasing cost. On the other hand, KDA requires no additional device. Second, users tend to be reluctant to provide their fingerprints or irises. On the other hand, a user always has to type his or her password to log in, so collecting keystroke patterns can be done without causing any extra inconvenience to the user. Third, a scanned fingerprint or iris requires a larger volume of memory, higher computing power and more communication bandwidth than keystroke timing vectors. The efficiency of KDA is particularly important in the mobile environment, which tends to have a smaller memory, lower computing power and slower wireless Internet than a PC on the wired Internet.

Behavioral attributes are more subject to deviation from norms than physical ones. High variability leads to a high authentication error. Variability is one measure of data quality. Another measure of data quality is how unique the typing patterns are: the more unique they are, the less likely it is that the patterns are replicated closely by impostors. Recently, artificial rhythms and tempo cues were proposed to improve the quality of typing patterns, uniqueness and consistency in particular (Cho and Hwang, 2006). Improving the data quality by decreasing variability and increasing uniqueness helps us alleviate the weakness of a short PIN.

In this paper, we propose KDA with artificial rhythms and tempo cues for mobile user authentication. To compare “Natural Rhythm without Cue” with “Artificial Rhythms with Cues,” we completed the following tasks. First, we implemented a KDA system on a mobile phone connected to a remote server through a wireless network. The classifier was built as a novelty detector, since only valid users’ patterns are available in practice. Second, subjects were asked to perform enrollment, login, and even intrusion into other subjects’ accounts. Whenever a subject types his or her password, the typing pattern is collected, sent to a server and stored. Third, a comparative analysis was conducted to verify the superiority of artificial rhythms with cues over natural rhythms without cues. We also tested hypotheses to compare the performance of different typing strategies.

The organization of this paper is as follows. The following section introduces keystroke dynamics-based authentication for mobile devices and describes our methods to improve the quality of typing patterns. Section 3 presents the data collected and the experimental results. Finally, conclusions and a list of future work are discussed in Section 4.

* Corresponding author. Tel.: +82 2 880 6275; fax: +82 2 889 8560. E-mail addresses: email@example.com (S.-s. Hwang), firstname.lastname@example.org (S. Cho), email@example.com (S. Park). 0167-4048/$ – see front matter © 2008 Elsevier Ltd. All rights reserved. doi:10.1016/j.cose.2008.10.002
Fig. 1 – A keystroke pattern is transformed into a timing vector when a user types the string “5805.” The duration and interval times are measured in milliseconds.
2. Keystroke dynamics-based authentication for mobile devices
2.1. Keystroke dynamics-based authentication (KDA)
Password-based authentication is the most commonly used method of identity verification. However, it becomes vulnerable when the password is stolen. Keystroke dynamics-based authentication was proposed to provide additional security (Gaines et al., 1980; Umphress and Williams, 1985). Keystroke dynamics-based authentication (KDA) verifies a user’s identity using not only the password but also the keystroke dynamics. For example, a keystroke pattern is transformed into a timing vector when a user types the string “5805,” as illustrated in Fig. 1. The duration and interval times are measured in milliseconds. A user can get access only if his or her timing vector is similar enough to those already registered in the server. Thus, he or she can only get access if the password is typed with the correct rhythm.

Three steps are involved in KDA, as illustrated in Fig. 2. First, a user enrolls his/her keystroke patterns. A keystroke pattern is defined as depicted in Fig. 1. A password of m characters is transformed into a (2m − 1)-dimensional timing vector. A “duration” denotes the time period during which a key is pressed, while an “interval” is the time period between releasing a key and striking the next key. Second, a classifier is built using the keystroke patterns. The classifier, in a sense, is a prototype of the valid user’s patterns. Third, when a new keystroke pattern is given, it is rejected as an impostor pattern if the distance between the prototype and the pattern is greater than some threshold, and accepted as the valid user’s pattern otherwise.

KDA can help us improve security for various services involving mobile devices (Hwang et al., 2007). Even when an impostor obtains both the PIN and the mobile device, KDA can still prevent him from logging in through the strengthened authentication process.

Recently, Clarke and Furnell (2005, 2007a,b) studied user identification using KDA on mobile devices. They utilized the keystrokes of 11-digit telephone numbers and text messages as well as 4-digit PINs to classify users. Their identification models were based on feed-forward multi-layer perceptrons (FF-MLP), radial basis function (RBF) networks, and generalized regression neural networks (GRNNs). Our approach differs from that of Clarke and Furnell (2005, 2007a,b) in the following aspects. First, they built a classifier using impostors’ patterns as well as the valid user’s patterns. In reality, however, impostors’ patterns are not available unless the password is disclosed to potential impostors and their patterns are collected. Rather, we employed a novelty detection framework where only the valid user’s patterns are used for training. Second, each user in their experiments enrolled 30 typing patterns. In practice, users would not endure such a long enrollment procedure. Moreover, typing on mobile devices is much slower than on a local PC. In our study, we collected only five patterns from each user for enrollment. We compensated for the reduced data quantity with improved data quality through the use of the artificial rhythms and cues strategy. Third, they utilized various inputs such as 4-digit PINs, 11-digit telephone numbers, and text messages, while we focused only on 4-digit PINs, since the PIN has been fixed at four digits for decades. Fourth, their subjects used a software interface developed on a laptop, while our subjects used a real mobile phone on a third generation synchronized IMT-2000 (CDMA2000 1xEV-DO) network (Qualcomm).

Fig. 2 – Three steps of the KDA framework: enrollment, classifier building, and user authentication.
2.2. Improving data quality
One way to cope with the lack of data quantity is to improve data quality. Data quality in KDA can be measured in terms of uniqueness, consistency, and discriminability (Cho and Hwang, 2006). Uniqueness is concerned with how different the valid user’s typing patterns used to build a classifier are from those of potential impostors. Consistency is concerned with how similar the valid user’s access typing patterns are to his enroll typing patterns. Finally, discriminability is concerned with how well access typing patterns and impostor typing patterns can be separated. The definition of discriminability implies that two approaches exist to improve it: the first is to improve uniqueness, and the second is to improve consistency.

As one way to improve uniqueness, it has been proposed to type a password with artificial rhythms reproducible by the valid user only (Cho and Hwang, 2006). Table 1 lists various artificial rhythms that increase typing uniqueness. In this paper, pauses are selected from among the artificial rhythms, since they are simple and easy to control. A user inserts a number of pauses wherever deemed necessary to make the timing vector unique. As shown in Fig. 3, “5805” can be typed as “5_ _ _80_ _5,” with a three-beat-long pause between ‘5’ and ‘8’ and another two-beat-long pause between ‘0’ and ‘5.’ There are many combinations of inserting pauses in terms of the positions and lengths of the pauses. The more combinations there are, the harder it is for an impostor to guess the right one.

In order to prevent pauses from being inconsistent, tempo cues are provided (Cho and Hwang, 2006). Tempo cues (Fig. 6) work like a metronome, helping the user keep the beat. Given the tempo beat, the user only needs to remember the number of beats for each pause. Usually, they can be provided in three modes: auditory, visual, and audio-visual. In addition, users are allowed to choose the tempo of the cue. This has the further advantage of improving uniqueness, since only the valid user knows the tempo.

Fig. 3 presents the timing vectors of the password “5805” from the strategies “Natural Rhythm without Cue” (Fig. 3a) and “Artificial Rhythms with Cues” (Fig. 3b). The dotted lines represent the enroll patterns, x, while the solid line represents the prototype, m. Note that the timing vectors depicted in Fig. 3 were normalized, i.e. divided by their two-norm. When comparing timing vectors between strategies, there are differences in terms of both uniqueness and consistency. First, observe that the intervals between ‘5’ and ‘8’ from “Artificial Rhythms with Cues” are very large compared to those from “Natural Rhythm without Cue.” An impostor’s pattern would be more similar to those from “Natural Rhythm without Cue” and is highly likely to be distinct from those from “Artificial Rhythms with Cues.” The same can be said for the intervals between ‘0’ and ‘5.’ Thus, long intervals improve the uniqueness of a user’s patterns. Second, observe that the differences between the enroll patterns and the prototype are smaller from “Artificial Rhythms with Cues” than from “Natural Rhythm without Cue.” Tempo cues improved the consistency of the patterns from “Artificial Rhythms with Cues.”

Table 1 – Various artificial rhythms.

| Artificial rhythm | Strength | Weakness | Remedy |
|---|---|---|---|
| Pauses | Flexible | Inconsistent when long | Use of cues |
| Musical rhythm | Consistent, easy to remember | Rhythmical sense required | |
| Staccato | Consistent | Limited | |
| Legato | Consistent | Limited, exact duration | Use of cues |
| Slow tempo | Flexible | Inconsistent | Use of cues |

Fig. 3 – Timing vectors of the password “5805.”
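As an added example (not code from the paper or its authors), the following Python builds the (2m − 1)-dimensional timing vector of Fig. 1 from constructed press/release timestamps for “5805,” applies the pause rhythm “5_ _ _80_ _5” on a 500 ms tempo cue, and measures how far the normalized vector moves away from its natural-rhythm version. The event timestamps, the convention that a pause adds whole beats to the existing interval, and the pause-counting model in `pause_combinations` are assumptions of this example.

```python
"""Timing vectors and artificial-rhythm pauses for a 4-digit PIN.

Added example; the key events below are constructed, not the paper's data.
Assumption: a pause of k beats adds k * tempo to the interval after that key.
"""
import math

# Constructed key events for the PIN "5805": (key, press_ms, release_ms),
# typed with the user's natural rhythm (no pauses).
NATURAL_EVENTS = [("5", 0, 95), ("8", 240, 330), ("0", 520, 610), ("5", 790, 880)]

# The paper's example "5_ _ _80_ _5": three beats after the first key and
# two beats after the third key (0-based key index -> beats).
PAUSES = {0: 3, 2: 2}
TEMPO_MS = 500  # the tempo cue used in the experiment


def timing_vector(events):
    """m key events -> (2m - 1)-dim vector [dur_1, int_1, dur_2, ..., dur_m].

    duration = release - press of a key; interval = next press - this release.
    """
    vec = []
    for k, (key, press, release) in enumerate(events):
        if release < press:
            raise ValueError(f"release before press for key {key!r}")
        vec.append(release - press)
        if k + 1 < len(events):
            next_press = events[k + 1][1]
            if next_press < release:
                raise ValueError("overlapping keystrokes are not modelled")
            vec.append(next_press - release)
    return vec


def apply_rhythm(events, pauses, tempo_ms=TEMPO_MS):
    """Delay every keystroke after key k by pauses[k] beats of the tempo cue."""
    shifted, offset = [], 0
    for k, (key, press, release) in enumerate(events):
        shifted.append((key, press + offset, release + offset))
        offset += pauses.get(k, 0) * tempo_ms
    return shifted


def normalize(vec):
    """Divide by the two-norm, as the paper does for the vectors in Fig. 3."""
    norm = math.sqrt(sum(x * x for x in vec))
    return [x / norm for x in vec]


def rhythm_gap(natural_events, pauses, tempo_ms=TEMPO_MS):
    """Euclidean distance between the normalized natural-rhythm vector and the
    normalized artificial-rhythm vector of the same keystrokes. A large gap is
    the 'uniqueness' the paper attributes to long pauses: an impostor typing
    the PIN at a natural pace lands far from the user's rhythm."""
    nat = normalize(timing_vector(natural_events))
    art = normalize(timing_vector(apply_rhythm(natural_events, pauses, tempo_ms)))
    return math.sqrt(sum((a - b) ** 2 for a, b in zip(nat, art)))


def pause_combinations(pin_length, max_beats):
    """Number of distinct pause patterns (positions x lengths) for a PIN when
    each of the pin_length - 1 gaps may hold 0..max_beats beats (assumed model;
    includes the all-zero pattern, i.e. no pause at all)."""
    return (max_beats + 1) ** (pin_length - 1)


if __name__ == "__main__":
    print("natural    :", timing_vector(NATURAL_EVENTS))
    print("with pauses:", timing_vector(apply_rhythm(NATURAL_EVENTS, PAUSES)))
    print("normalized gap:", round(rhythm_gap(NATURAL_EVENTS, PAUSES), 3))
    print("pause patterns for a 4-digit PIN, up to 3 beats per gap:",
          pause_combinations(4, 3))
```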
3. Experimental results

The experiments were performed on a third generation synchronized IMT-2000 cellular system (CDMA2000 1xEV-DO) (Qualcomm). The mobile device used was a SAMSUNG SCH-V740 (Korean model number; Samsung Electronics website), shown in Fig. 4. The software authentication module was implemented in WIPI (Wireless Internet Platform for Interoperability), developed by the Mobile Platform Special Subcommittee of the Korea Wireless Internet Standardization Forum (KWISF). WIPI is a set of standard specifications providing an environment for mounting and implementing applications downloaded via the wireless Internet on mobile communication terminals. For more details, see the WIPI website.

Any user authentication method, KDA included, has two types of error, the false acceptance rate (FAR) and the false rejection rate (FRR) (Golarelli et al., 1997). One type of error can be reduced at the expense of the other by varying a threshold. Thus, in order to avoid the effects of arbitrary threshold selection, the models were compared in terms of the equal error rate (EER), where the FRR and the FAR are equal. In practice, a threshold has to be decided empirically. For a more detailed discussion of proper threshold selection, see Fawcett (2006). Without KDA, an impostor who knows the password can always log in as the valid user, which corresponds to FAR = 100%; on the other hand, the valid user will always be able to log in, which corresponds to FRR = 0%. That is, without KDA, FAR = 100% and FRR = 0%.
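An added example (not the paper's implementation) of the distance-based novelty detector of Section 2.1 evaluated with the FAR, FRR and EER defined above: the prototype is the mean of five enroll vectors, a pattern is accepted when its Euclidean distance to the prototype is within a threshold, and the EER is read off a threshold sweep over the observed “login” and “impostor” distances. The timing vectors are constructed (raw milliseconds in the order [duration, interval, duration, ...] of Fig. 1), and taking the EER at the threshold that minimises |FAR − FRR| is this example's convention.

```python
"""Prototype-distance classifier for keystroke timing vectors and its EER.

Added example; the vectors below are constructed, not the paper's data.
"""
import math


def prototype(enroll):
    """Component-wise mean of the enroll vectors: the stored 'prototype'."""
    n = len(enroll)
    return [sum(v[k] for v in enroll) / n for k in range(len(enroll[0]))]


def distance(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def authenticate(proto, pattern, threshold):
    """Accept only if the pattern is close enough to the prototype."""
    return distance(proto, pattern) <= threshold


def error_rates(login_d, impostor_d, threshold):
    """(FAR, FRR) at a threshold. FAR: impostors accepted; FRR: user rejected.
    With threshold = math.inf everything is accepted, i.e. FAR = 1, FRR = 0,
    which is the 'no KDA' baseline described in the text."""
    far = sum(d <= threshold for d in impostor_d) / len(impostor_d)
    frr = sum(d > threshold for d in login_d) / len(login_d)
    return far, frr


def equal_error_rate(login_d, impostor_d):
    """Sweep every observed distance as a threshold and keep the one where
    FAR and FRR are closest (ties: the smallest threshold). Returns
    (threshold, EER) with EER = (FAR + FRR) / 2 at that threshold."""
    best = None
    for th in sorted(set([0.0] + list(login_d) + list(impostor_d))):
        far, frr = error_rates(login_d, impostor_d, th)
        gap = abs(far - frr)
        if best is None or gap < best[0]:
            best = (gap, th, (far + frr) / 2)
    return best[1], best[2]


def evaluate(enroll, login, impostors):
    """The three distance families of the paper's Fig. 7 plus the EER."""
    proto = prototype(enroll)
    enroll_d = [distance(proto, v) for v in enroll]
    login_d = [distance(proto, v) for v in login]
    impostor_d = [distance(proto, v) for v in impostors]
    threshold, eer = equal_error_rate(login_d, impostor_d)
    return {"prototype": proto, "enroll": enroll_d, "login": login_d,
            "impostor": impostor_d, "threshold": threshold, "eer": eer}


def _with(base, index, value):
    """Copy of `base` with one coordinate replaced (builds the sample data)."""
    v = list(base)
    v[index] = value
    return v


# Constructed data for "5805": 7-dim [dur, int, dur, int, dur, int, dur] in ms.
NAT = [100, 200, 100, 200, 100, 200, 100]       # natural rhythm
ART = [100, 1500, 100, 200, 100, 1000, 100]     # 3-beat and 2-beat pauses
NATURAL = {
    "enroll": [NAT, _with(NAT, 0, 110), _with(NAT, 0, 90),
               _with(NAT, 1, 210), _with(NAT, 1, 190)],
    "login": [_with(NAT, 0, 105), _with(NAT, 1, 215),
              _with(NAT, 0, 125), _with(NAT, 3, 240)],
    # impostors typing the PIN at a natural pace land close to the prototype
    "impostors": [_with(NAT, 0, 130), _with(NAT, 1, 260),
                  _with(NAT, 2, 190), _with(NAT, 3, 320)],
}
ARTIFICIAL = {
    "enroll": [ART, _with(ART, 1, 1510), _with(ART, 1, 1490),
               _with(ART, 5, 1010), _with(ART, 5, 990)],
    "login": [_with(ART, 0, 105), _with(ART, 1, 1510),
              _with(ART, 3, 215), _with(ART, 5, 1020)],
    # impostors who know the PIN but not the pauses, or guess only one of them
    "impostors": [NAT, [120, 300, 90, 210, 110, 300, 100],
                  _with(NAT, 1, 1500), [100, 1000, 100, 200, 100, 500, 100]],
}

if __name__ == "__main__":
    for name, data in (("natural rhythm", NATURAL), ("artificial rhythms", ARTIFICIAL)):
        r = evaluate(**data)
        print(f"{name}: threshold={r['threshold']:.1f} ms, EER={100 * r['eer']:.0f}%")
```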
A total of 25 users aged from 22 to 33 (average 25.3) participated in our experiment in July 2006. In the experiment, a 4-digit numeric PIN was used. Two strategies were employed: “Natural Rhythm without Cue” and “Artificial Rhythms with Cues.” The same password was used by each user in both strategies. Each user enrolled five typing patterns for each strategy. After enrollment, each user made 30 login attempts using each strategy. Users were also given the passwords of the other users and told to act as “impostors” with those passwords, typing each of them twice. Since there are 24 “other” users, each user typed others’ passwords 48 times. In summary, for each password, we collected five enroll typing patterns, 30 legitimate access typing patterns, and 48 impostor typing patterns. The data above were collected in a scenario involving a virtual stock exchange (Fig. 5). A user designs his or her own artificial rhythm (Fig. 3) and chooses the type of tempo cue (Fig. 6). The tempo of the cue was fixed at 500 ms for convenience.

All users were asked why a particular password was chosen (Table 2). There are three different kinds of reasons (see the fourth column of Table 2) for selecting a password. First, familiar numbers were chosen, such as a favorite combination, birth date, or telephone number. Second, numbers that are easy to remember were selected. For instance, both users 09 and 19 chose “2580” because that is an “easy” number for them, although for different reasons. The number keys used in “2580” are located in the middle column of the keypad on the mobile phone, so it is easy to type. “2580” is also the title of a very popular TV investigative show in Korea, similar to “60 Minutes” in the US, so it is easy to remember. Third, certain passwords were chosen for no particular reason at all. Of all users, 44% indicated “Familiarity” and 32% indicated “Ease,” while only 24% indicated “Randomness.” This clearly suggests that the introduction of artificial rhythms and tempo cues could enhance security. A PIN has been fixed at 4 digits for decades, and the number of candidate passwords used for the mobile handset is only 10,000 (from 0000 to 9999). It is not difficult to guess a PIN, because an impostor might know the owner’s birth date or telephone number, and a PIN that is easy for one person to type would also be easy for another to type. For “Typing Hands” (see the fifth column of Table 2), 68% indicated “both hands” while 32% indicated “one hand.” This implies that each user might have a particular way to type on a mobile device, as on a keyboard.

Fig. 4 – Mobile phone used in the experiment: SAMSUNG SCH-V740.

Fig. 5 – User interface for a virtual stock exchange.
Table 2 – User passwords and answers to the questionnaire (R = randomness, F = familiarity, E = ease).

| User | Age | Password | Selection reason | Use of hand(s) | Elapsed time (natural rhythm) (ms) |
|---|---|---|---|---|---|
| 01 | 23 | 1223 | R | Both | 1163 |
| 02 | 24 | 3143 | R | Both | 832 |
| 03 | 23 | 0083 | F (favorite #) | Both | 1408 |
| 04 | 23 | 1472 | F (favorite #) | Both | 1017 |
| 05 | 28 | 7118 | F (phone #) + E | One hand | 897 |
| 06 | 23 | 7265 | R | Both | 921 |
| 07 | 30 | 2385 | F (phone #) | Both | 812 |
| 08 | 25 | 5805 | F (phone #) | Both | 1442 |
| 09 | 24 | 2580 | F (favorite #) + E | One hand | 1013 |
| 10 | 28 | 3784 | R | One hand | 1755 |
| 11 | 24 | 3579 | F (a sequence of odd #) | One hand | 1069 |
| 12 | 22 | 1379 | E | Both | 671 |
| 13 | 25 | 0822 | R | One hand | 1357 |
| 14 | 27 | 4569 | R | Both | 1276 |
| 15 | 23 | 0203 | F (birth date) | Both | 1222 |
| 16 | 24 | 1004 | R | Both | 794 |
| 17 | 24 | 5472 | R | Both | 2151 |
| 18 | 23 | 3887 | F (privacy) | One hand | 792 |
| 19 | 28 | 2580 | E | Both | 906 |
| 20 | 23 | 2220 | E | One hand | 870 |
| 21 | 33 | 1133 | E | Both | 675 |
| 22 | 25 | 1258 | F (phone #) | One hand | 1105 |
| 23 | 27 | 5262 | E | Both | 1020 |
| 24 | 30 | 1125 | E | Both | 739 |
| 25 | 24 | 0305 | F (birth date) | Both | 632 |

Fig. 6 – Various tempo cues.

We introduced artificial rhythms and cues to improve data quality. Thus, we have to show from experiments that the quality actually improved. Hwang et al. (submitted for publication) showed that typing patterns from “Artificial Rhythms with Cues” were significantly more unique and consistent than those from “Natural Rhythm without Cue.” Here we instead show that the authentication accuracy improves. Table 3 presents the authentication results from the two strategies “Natural Rhythm without Cue” and “Artificial Rhythms with Cues.” Out of 25 users, 19 users’ EER decreased by 19% on average, while six users’ EER increased by 4% on average. Four users’ EER decreased to zero. In particular, the EERs of users 03 and 14 decreased dramatically, from 40% to 0% and from 34% to 0%, respectively. The overall EER decreased from 13% to 4% by using “Artificial Rhythms with Cues.”

Table 3 – The equal error rate (%) from the two strategies.

| User | Natural Rhythm without Cue | Artificial Rhythms with Cues |
|---|---|---|
| 01 | 14 | 0 |
| 02 | 0 | 3 |
| 03 | 40 | 0 |
| 04 | 15 | 2 |
| 05 | 0 | 4 |
| 06 | 16 | 3 |
| 07 | 4 | 0 |
| 08 | 18 | 2 |
| 09 | 6 | 3 |
| 10 | 5 | 3 |
| 11 | 18 | 3 |
| 12 | 0 | 7 |
| 13 | 23 | 8 |
| 14 | 34 | 0 |
| 15 | 18 | 4 |
| 16 | 6 | 3 |
| 17 | 8 | 11 |
| 18 | 6 | 4 |
| 19 | 30 | 3 |
| 20 | 4 | 3 |
| 21 | 12 | 15 |
| 22 | 28 | 8 |
| 23 | 8 | 4 |
| 24 | 21 | 2 |
| 25 | 1 | 3 |
| Average | 13 | 4 |
| Min | 0 | 0 |
| Max | 40 | 15 |

Fig. 7 shows a detailed picture of what really happened. First, note that the classifier in our study is a very simple distance-based one. A prototype of a user’s enroll patterns is calculated and stored. When a new keystroke pattern is presented, the distance between the pattern and the prototype is computed. If it is small enough, access is granted; if not, access is denied. In order to obtain good authentication performance, three conditions have to be met. First, enroll patterns have to be consistent, i.e. the “enroll distances” between the prototype and the enroll patterns have to be small. Second, login patterns have to be close to the enroll prototype, i.e. the “login distances” between the enroll prototype and the login patterns have to be small. Third, enroll patterns have to be unique, i.e. the “impostor distances” between the enroll prototype and impostor patterns have to be large. User 03 reduced EER dramatically through the use of “Artificial Rhythms with Cues.” Thus, we show in Fig. 7 the cumulative distributions of the three kinds of distances, “enroll,” “login,” and “impostor,” for this user. In (a), login distances (black) are larger than enroll distances (blue), which means the user’s login patterns are somewhat different from the enrolled patterns. The real reason for user 03’s large error comes from the fact that the impostor distances (red) are not large. Now see how these three lines change in (b). Both login and enroll distances are very small, while impostor distances are quite large. This separation of login distances from impostor distances accounts for the perfect discrimination between the legitimate user and impostors.

Fig. 7 – Cumulative distributions of “enroll” (black), “login” (blue), and “impostor” (red) distances when (a) “Natural Rhythm without Cue” and (b) “Artificial Rhythms with Cues” strategies were employed, respectively.

Recently, Hwang et al. (submitted for publication) found that artificial rhythms and cues were particularly useful to poor typists in a desktop keyboard environment. We now investigate whether this is also true in the mobile device environment. We call a user a “poor typist” if his average elapsed time with “Natural Rhythm without Cue” is greater than 1 s, and a “good typist” otherwise. We identified 13 poor typists out of 25 users. The average EERs with respect to typing ability are shown in Table 4. For the good typists, the average EER from “Natural Rhythm without Cue” was 8%, while that from “Artificial Rhythms with Cues” was 4%. For the poor typists, on the other hand, the average EER from “Natural Rhythm without Cue” was 18%, while that from “Artificial Rhythms with Cues” was 4%. Although the poor typists yielded much higher error rates when “Natural Rhythm without Cue” was used, they became comparable to the good typists when “Artificial Rhythms with Cues” was used. Clearly, artificial rhythms and cues are particularly beneficial to users with poor typing ability in mobile user authentication.

Table 4 – The average EER (%) for different typing ability and strategy.

| | Natural Rhythm without Cue | Artificial Rhythms with Cues |
|---|---|---|
| Good typists | 8 | 4 |
| Poor typists | 18 | 4 |

Table 5 compares the average EERs for different password selection reasons and “Typing Hands.” For “Password Selection Reason,” the average EER of “Ease” was the lowest from “Natural Rhythm without Cue.” However, there was little difference among password selection reasons. When the users employed “Artificial Rhythms with Cues,” the average EER was less than 5% for all cases. For “Typing Hands,” we observed essentially the same trend. There was little difference between typing hands. Also, when the users employed “Artificial Rhythms with Cues,” the average EER was less than 5% for all cases. These results are comparable to those reported in Hwang et al. (submitted for publication), where authentication accuracy was greatly improved with a PC keyboard by employing “Artificial Rhythms and Cues.”

Table 5 – The average EERs (%) with respect to the properties “Password Selection Reason” and “Typing Hands.”

| Section | Property | Natural Rhythm without Cue | Artificial Rhythms with Cues | Frequency |
|---|---|---|---|---|
| Password selection reason | Familiarity | 14 | 3 | 11/25 |
| | Ease | 10 | 5 | 8/25 |
| | Randomness | 13 | 4 | 8/25 |
| One hand vs. both hands | One hand | 11 | 4 | 8/25 |
| | Both hands | 14 | 4 | 17/25 |

We tested hypotheses to compare the performance for different passwords and different typing strategies. The specific hypotheses and p-values are summarized in Table 6. Only the first H1 hypothesis was accepted, with a p-value of 0.0002, while all the others were rejected. The results indicate that the EERs using “Artificial Rhythms and Cues” clearly decreased compared to those using “Natural Rhythm without Cue.” We concluded that the effect of either “Password Selection Reason” or “Typing Hands” on the authentication was negligible. It was found from the results that the use of “Artificial Rhythms with Cues” improves the accuracy of user authentication.

Table 6 – Hypotheses and p-values involving password and typing hand(s).

| Hypothesis (H1) | Result |
|---|---|
| The average EER involving “Artificial Rhythms with Cues” is lower than that involving “Natural Rhythm without Cue.” | Accepted (p = 0.0002) |
| For natural rhythms, the average EER of “Ease” is lower than that of “Familiarity.” | Rejected |
| For natural rhythms, the average EER of “Ease” is lower than that of “Randomness.” | Rejected |
| For natural rhythms, the average EER of “Familiarity” is lower than that of “Randomness.” | Rejected |
| For artificial rhythms, the average EER of “Ease” is lower than that of “Familiarity.” | Rejected |
| For artificial rhythms, the average EER of “Ease” is lower than that of “Randomness.” | Rejected |
| For artificial rhythms, the average EER of “Familiarity” is lower than that of “Randomness.” | Rejected |
| For “Typing Hand(s),” “Artificial Rhythms with Cues” are beneficial to users who typed using both hands. | Rejected |

Table 7 compares the performance with related work. The experiments of Clarke and Furnell (2005, 2007a,b) involving 4-digit PINs resulted in EERs ranging from 9% to 16%. When the users adopted “Natural Rhythm without Cue,” we obtained an EER of 13%, which is similar to those of Clarke and Furnell. When they employed “Artificial Rhythms with Cues,” however, we found that the error was reduced to 3%. Given the very small number of patterns for training (or validation), we found that “Artificial Rhythms with Cues” did improve authentication accuracy significantly.

Table 7 – Comparing the performance with related works.

| Study | Input string | Features | Artificial Rhythms with Cues | No. of patterns for training (or validation) | EER (%) |
|---|---|---|---|---|---|
| Clarke and Furnell (2005, 2007a,b) | 4-digit PIN | Inter-keystroke latency | No | 30 | 9–16 |
| | 11-digit number | Inter-keystroke latency | No | 30 | 5–13 |
| | 6-digit text msg. | Inter-keystroke latency | No | 30 | 15–21 |
| Hwang et al. (2007) | 4-digit PINs | Duration and interval | No | 5 | 13 |
| | 4-digit PINs | Duration and interval | Yes | 5 | 4 |
4. Discussion and conclusions
Over the past decades, the mobile environment has matured with stunning speed. Accordingly, the use of mobile devices, such as cell phones and personal digital assistants (PDAs), has diversified. However, PINs are still adopted as the only security mechanism for those mobile devices. Because of their limited length and alphabet, PINs are susceptible to shoulder surfing and systematic trial-and-error attacks. This paper investigated the effectiveness of user authentication using keystroke dynamics-based authentication (KDA) on mobile devices. In particular, we utilized artificial rhythms and tempo cues to overcome the problems resulting from the short PIN length. Through experiments involving human subjects, we found that the proposed strategy reduced the error from 13% to 4%.

A few limitations and future directions need to be addressed. First, comparative research across various mobile devices is needed to enhance the usability of KDA. Second, we have to apply the method to a more diverse group of users. Although most people make use of mobile devices, various usage patterns may exist. Third, we measured performance in terms of EER. Thus, the error rates presented in the paper should be taken only as a reference. In practice, depending on the application, FAR may be more important than FRR or vice versa. This issue could be addressed by proper threshold selection.
Acknowledgements

This work was supported by grant no. R01-2005-000-1039000 from the Basic Research Program of the Korea Science and Engineering Foundation and the Brain Korea 21 program in 2006, and partially supported by the Engineering Research Institute of SNU.
References

Chen GD, Chang CK, Wang CY. Ubiquitous learning website: scaffold learners by mobile devices with information-aware techniques. Computers & Education 2008;50(1):77–90.
Cho S, Hwang S. Artificial rhythms and cues for keystroke dynamics-based authentication. Lecture Notes in Computer Science (LNCS) 2006;3832:626–32.
Clarke N, Furnell S. Authentication of users on mobile telephones – a survey of attitudes and practices. Computers & Security 2005;24(7):519–27.
Clarke N, Furnell S. Advanced user authentication for mobile devices. Computers & Security 2007a;26(2):109–19.
Clarke N, Furnell S. Authenticating mobile phone users using keystroke analysis. International Journal of Information Security 2007b;6(1):1–14.
Fawcett T. An introduction to ROC analysis. Pattern Recognition Letters 2006;27(8):861–74.
Gaines R, Lisowski W, Press S, Shapiro N. Authentication by keystroke timing: some preliminary results. Rand Report R-256-NSF. Rand Corporation; 1980.
Golarelli M, Maio D, Maltoni D. On the error reject trade-off in biometric verification systems. IEEE Transactions on Pattern Analysis and Machine Intelligence 1997;19(7):786–96.
Hwang S, Cho S, Park S. Mobile user authentication using keystroke dynamics analysis. In: Proceedings of the Korean Operations Research and Management Science Society (KORMS) conference, Seoul, Korea, 17 November 2007; p. 652–655.
Hwang S, Lee H, Cho S. Improving authentication accuracy using artificial rhythms and cues for keystroke dynamics-based authentication, submitted for publication.
International Biometric Group. How is biometrics defined? http://www.biometricgroup.com/reports/public/reports/biometric_definition.html.
Kowalski S, Goldstein M. Consumers awareness of, attitudes towards and adoption of mobile phone security. In: 20th international symposium on human factors in telecommunication, Sophia-Antipolis, France, 20–23 March 2006.
Qualcomm. CDMA2000 1xEV-DO overview. Available from: http://www.cdmatech.com/download_library/pdf/QCOM_1xEV-DO.pdf.
SAMSUNG Electronics website. http://www.samsung.com.
Umphress D, Williams G. Identity verification through keyboard characteristics. International Journal of Man Machine Studies 1985;23:263–73.
WIPI website. http://www.wipi.or.kr/English/index.html.
Seong-seob Hwang is currently a PhD candidate in the Department of Industrial Engineering, Seoul National University, Korea. Before entering graduate school, he worked as a system engineer at SAMSUNG SDS. His research interests include data applications.

Sungzoon Cho is a professor in the Department of Industrial Engineering, College of Engineering, Seoul National University, Korea. His research interests are neural networks, pattern recognition, data mining, and their applications in various areas such as response modeling and keystroke-based authentication. He has published over 100 papers in various journals and proceedings. He also holds a US patent and a Korean patent concerned with keystroke-based user authentication.

Sunghoon Park received a BS in Computer Science in 2005, and is currently a PhD candidate in the Department of Industrial Engineering, College of Engineering, Seoul National University, Korea. His research interests include financial engineering and marketing applications.