
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 7, October 2010

Minimizing the number of retry attempts in keystroke dynamics through inclusion of error correcting schemes

Pavaday Narainsamy, Student Member IEEE
Computer Science Department, Faculty of Engineering
University of Mauritius
n.pavaday@uom.ac.mu

Professor K.M.S. Soyjaudah, Member IEEE
Faculty of Engineering
University of Mauritius

Abstract—One of the most challenging tasks facing the security expert remains the correct authentication of human beings. Throughout the evolution of time, this has remained crucial to the fabric of our society. We recognize our friends/enemies by their voice on the phone, by their signature/writing on paper, and by their face when we encounter them. Police identify thieves by their fingerprints, dead corpses by their dental records and culprits by their deoxyribonucleic acid (DNA), among others. Nowadays, with digital devices fully embedded into daily activities, non-refutable person identification has taken on large-scale dimensions. It is used in diverse business sectors including health care, finance, aviation and communication, among others. In this paper we investigate the application of correction schemes to the most commonly encountered form of authentication, that is, the knowledge based scheme, when the latter is enhanced with typing rhythms. The preliminary results obtained using this concept in alleviating the retry and account lock problems are detailed.

Keywords—Passwords, Authentication, Keystroke dynamics, errors, N-gram, Minimum edit distance.

I. INTRODUCTION

Although a number of authentication methods exist, the knowledge based scheme has remained the de-facto standard and is likely to remain so for a number of years due to its simplicity, ease of use, implementation and acceptance. Its precision can be adjusted by enforcing password-structure policies or by changing encryption algorithms to achieve the desired security level. Passwords represent a cheap and scalable way of validating users, both locally and remotely, to all sorts of services [1, 2]. Unfortunately they inherently suffer deficiencies reflecting a difficult compromise between security and memorability.

On one hand a password should be easy to remember and provide swift authentication. On the other, for security purposes, it should be difficult to guess, composed of a special combination of characters, changed from time to time, and unique to each account [3]. The larger the number and the variability of the character set used, the higher the security provided, as the password becomes more difficult to violate. However, such combinations tend to be difficult for end users to remember, particularly when the password does not spell a recognizable word (or includes non-alphanumeric characters such as punctuation marks or other symbols). Because of these stringent requirements, users adopt unsafe practices such as recording the password close to the authentication device, applying the same password on all accounts, or sharing it with inmates.

To reduce the number of security incidents making the headlines, inclusion of the information contained in the "actions" category has been proposed [4, 5]. An intruder will then have to obtain the password of the user and mimic the typing patterns before being granted access to system resources.

The handwritten signature has its parallel on the keyboard in that the same neuro-physiological factors that account for its uniqueness are also present in a typing pattern, as detected in the latencies between two consecutive keystrokes. Keystroke dynamics is also a behavioural biometric that is acquired over time. It measures the manner and the rhythm with which a user types characters on the keyboard. The complexity of the hand and its environment make both typed and written signatures highly characteristic and difficult to imitate. On the computer, it has the advantage of not requiring any additional and costly equipment. From the measured features, the dwell time and flight times are extracted to represent a computer user. The "dwell time" is the amount of time a particular key is held down, while the "flight time" is the amount of time taken to move between keys. A number of commercial products using such schemes already exist on the market [6, 7], while a number of others are rumoured to be ready for release.

Our survey of published work has shown that such implementations have one major constraint, in that the typist should not make use of correction keys when keying in the required password. We should acknowledge that errors are common in a number of instances and for a number of reasons. Even when one knows how to write the word, one's fingers may have slipped, or one may be typing too fast or pressing keys simultaneously. In brief, whatever the skills and keyboarding techniques used, we do make mistakes, hence the provision of correction keys on all keyboards. Nowadays, typical of word processing software, automatic modification based on stored dictionary words can be applied, particularly for long sentences. Unfortunately, with textual passwords, the text entered is displayed as a string of asterisks and the user cannot spot the

19 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
mistake and makes a false login attempt when pressing the enter key. After three such attempts the account is locked and has to be cleared by the system administrator. Collected figures reveal that between 25% and 50% of help desk calls relate to such problems [8].

Asking the user to input his/her logon credentials all over again instead of using correction keys clearly demonstrates that the inclusion of keystroke dynamics does not seamlessly integrate with the password mechanism. This can be annoying and stressful for users and will impede acceptance of the enhanced password mechanism. Moreover, it will reduce the probability of the typist correctly matching his enrolled template and hence make another false attempt at logging in. In this project we investigate the use of correcting schemes to improve on this limitation and, in the long run, to reduce the number of requests for unlocking account passwords as encountered by system administrators.

Following this short brief on keystroke dynamics, we dwell on the challenges involved in incorporating error correcting techniques into the enhanced password mechanism. Our focus is on a more general approach rather than checking whether the correction keys have been pressed by the user: a scheme that can be customized to deal with cases of damaged keys or an American keyboard replaced by an English keyboard. In Section II, we first review the different correction schemes studied and then the user recognition algorithms to be used, before elaborating on an applicable structure for the proposed work. The experimental results are detailed in Section V, followed by our conclusions and future work in the last section of this paper.

II. BACKGROUND STUDY

To evaluate a biometric system's accuracy, the most commonly adopted metrics are the false rejection rate (FRR) and the false acceptance rate (FAR), which correspond to two popular metrics: sensitivity and specificity [9]. The FAR represents the rate at which impostors are accepted by the system as genuine users, while the FRR represents the rate at which authentic users are rejected because they cannot match their template representation. The response of the matching system is a score that quantifies the similarity between the input and the stored representation. A higher score indicates more certainty that the two biometric measurements come from the same person. Increasing the matching score threshold increases the FRR with a decrease in the FAR. In practical systems the balance between FAR and FRR dictates the operational point.

A. Error types

Textual passwords are input into systems using keypads/keyboards, giving possibilities for typing errors to creep in. The main ones are insertion, deletion, substitution and transposition [10], which amount to 80% of all errors encountered [11], the remaining ones being the split-word and the run-on. The last two refer to the insertion of a space between characters and the deletion of a space between two words respectively. Historically, to overcome mechanical problems associated with the alphabetical-order keyboard, the QWERTY layout was proposed [12] and it has become the de-facto keyboard used in a number of applications. Other variants exist in "AZERTY", used mainly by the French, or "QWERTZ", used by Germans. Different keyboarding techniques are adopted by users for feeding data to the device, namely (i) Hunt and Peck, (ii) Touch typing and (iii) Buffering. More information on these can be found in [11]. The first interaction with a keyboard is usually of the Hunt and Peck type, as the user has to search for a key before hitting it. Experienced users are considered to be of the touch type, with a large number of keys being struck per minute.

Typographic errors are due to mechanical failure or a slip of the hand or finger, but exclude errors of ignorance. Most involve simple duplication, omission, transposition, or substitution of a small number of characters. The typographic errors for single words have been classified as shown in Table I below.

TABLE I. Occurrence of errors in typed text [13]

Errors          % of occurrence
Substitution    40.2
Insertion       33.2
Deletion        21.4
Transposition    5.2

In another work, Grudin [14] investigated the distribution of errors for expert and novice users based on their speed of keying characters. He analysed the error patterns made by six expert typists and eight novice typists after transcribing magazine articles. There were large individual differences in both typing speed and the types of errors that were made [15]. The expert users had an error rate ranging from 0.4% to 0.9%, with the majority being insertion errors, while for the novices it was 3.2% on average, comprising mainly substitution ones. These errors are made when the typist knows how to spell the word but may have typed it hastily. Isolated word error correction includes detecting the error, generating the appropriate candidates for correction and ranking the candidates.

For this project only errors that occur frequently, as illustrated in Table I above, will be given attention. Once the errors are detected, they will be corrected through the appropriate correction scheme to enable a legitimate user to log into the system. On the other hand, it is primordial that impostors are denied access even though they have correctly guessed the secret code, as is normally the case with keystroke dynamics.

B. Error correction

Spell checkers operate on individual words by comparing each of them against the contents of a dictionary. If a word is not found it is considered to be in error, and an attempt is made to suggest the word that was likely to have been intended. Six main suggested algorithms for isolated words [16] are listed below.

1) The Levenshtein distance or edit distance is the minimum number of elementary editing operations needed to transform an incorrect string of characters into the desired word. The Levenshtein distance caters for three kinds of errors: deletion, insertion and substitution. In addition to its use in spell checkers, it has also been applied in speech recognition, deoxyribonucleic acid (DNA) analysis and plagiarism detection [17]. As an example, transforming "symmdtr" into "symmetry" requires a minimum of two operations, which are:

o symmdtr → symmetr (substitute 'e' for 'd')
o symmetr → symmetry (insert 'y' at the end).

The Damerau–Levenshtein distance [18] is a variation of the above with the addition of the transposition operation to the basic set. For example, changing 'metirc' to 'metric' requires only a single operation (one transposition). Another measure is the Jaro–Winkler distance [19], which is a similarity score between two strings and is used in record linkage for duplicate detection. A normalized value of one represents an exact match while zero represents dissimilarity. This distance metric has been found to be best suited for short strings such as people's names [20].

2) Similarity key techniques have their strength in that a string is mapped to a code consisting of its first letter followed by a sequence of three digits, which is the same for all similar strings [21]. The Soundex system (patented by Odell and Russell [16, 21]) is an application of such a technique in phonetic spelling correction. Letters are grouped according to their pronunciation, e.g. 'D' and 'T', or 'P' and 'B', as they produce similar sounds. SPEEDCOP (Spelling Error Detection/Correction Project) is a similar work designed to automatically correct spelling errors by finding words similar to the misspelled word [22].

3) In rule-based techniques, the knowledge gained from previous spelling error patterns is used to construct heuristics that take advantage of this knowledge. Given that many errors occur due to inversion, e.g. the letters "ai" being typed as "ia", a rule for this error may be written.

4) The N-gram technique is used in natural language processing and genetic sequence analysis [23]. An N-gram is a sub-sequence of n items from a given sequence, where the items can be letters, words or base pairs according to the application. In a typed text, unigrams are the single alphabets while digrams (2-grams) are combinations of two alphabets taken together.

5) The probabilistic technique, as the name suggests, makes use of probabilities to determine the best possible correction. Once an error is detected, candidate corrections are proposed as different characters are replaced by others using at most one operation. The one having the maximum likelihood is chosen as the best candidate for the typographical error.

6) Neural networks have also been applied as spelling correctors due to their ability to do associative recall based on incomplete and noisy data. They are trained on the spelling errors themselves, and once such a scenario is presented they can make the correct inference.

C. Classifier used

Keyboard characteristics are rich in cognitive qualities and, as personal identifiers, they have been the concern of a number of researchers. The papers surveyed demonstrate a number of approaches that have been used to find adequate keystroke dynamics with a performance convenient enough to be practically feasible. Most research efforts related to this type of authentication have focused on improving classifier accuracy [24]. Chronologically, it kicked off with statistical classifiers, more particularly with the T test by Gaines et al [25]. Now the trend is towards the computationally intensive neural network variants. Delving into the details of each approach and finding the best classifier to use is well beyond the scope of this project. Our aim is to use one which will measure the similarity between an input keystroke-timing pattern and a reference model of the legitimate user's keystroke dynamics. For that purpose the simple multilayer perceptron (MLP) with back propagation (BP) used in a previous work was once again considered. A thorough mathematical analysis of the model is presented in [26]; it provides details about the why and how of this model. The transfer function used in the neural network was the sigmoid function, with ten enrollments for building each user's template.

III. ANALYSIS

The particularity of passwords/secret codes is that they have no specific sound, are independent of any language, and may even involve numbers or special characters. The similarity key technique is therefore not appropriate, as it is based on phonetics and has a limited number of possibilities. Moreover, with one character and three digits for each code, there will be frequent collisions as only one thousand combinations exist. Similarly, a neural network, which focuses on the rules of the language for correcting spelling errors, turns out to be very complex and inappropriate for such a scenario. A rule-based scheme would imply a database of possible errors to be built: users would have to type a long list of related passwords, and best results would be obtained only when the user makes the same error repeatedly. The probabilistic technique uses the maximum likelihood to determine the best correction. The probabilities are calculated from a number of words derived by applying a simple editing operation on the keyed text. Our work involves using only the secret code as the target and the entered text as the input, so only one calculated value is possible, making this scheme useless.

The N-gram technique and the minimum edit distance technique, being language and character independent, are representative of actual passwords and were considered for this project. The distance technique is mostly used for such applications [20].
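The retained edit distance can be sketched in a few lines. The following is an illustrative implementation (ours, not the authors' toolkit) of the Damerau–Levenshtein variant described above, reproducing the "symmdtr" and "metirc" examples:

```python
def damerau_levenshtein(source: str, target: str) -> int:
    """Minimum number of insertions, deletions, substitutions and
    adjacent transpositions needed to turn `source` into `target`."""
    n, m = len(source), len(target)
    # d[i][j] holds the distance between the first i characters of
    # source and the first j characters of target.
    d = [[0] * (m + 1) for _ in range(n + 1)]
    for i in range(n + 1):
        d[i][0] = i                      # delete all i source characters
    for j in range(m + 1):
        d[0][j] = j                      # insert all j target characters
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            cost = 0 if source[i - 1] == target[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,          # deletion
                          d[i][j - 1] + 1,          # insertion
                          d[i - 1][j - 1] + cost)   # substitution
            # Damerau extension: an adjacent transposition is one step.
            if (i > 1 and j > 1 and source[i - 1] == target[j - 2]
                    and source[i - 2] == target[j - 1]):
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[n][m]

print(damerau_levenshtein("symmdtr", "symmetry"))  # 2: substitute 'e', insert 'y'
print(damerau_levenshtein("metirc", "metric"))     # 1: one transposition
```

Dropping the transposition case gives the plain Levenshtein distance of item 1.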

The N-gram technique compares the source and target words after splitting them into different combinations of characters. Intersection and union operations are performed on the different N-grams, from which a similarity score is calculated.

Consider two words comprising eight characters each, denoted by source [s1 s2 s3 s4 s5 s6 s7 s8] and target [t1 t2 t3 t4 t5 t6 t7 t8].

2-gram for source: *s1, s1s2, s2s3, s3s4, s4s5, s5s6, s6s7, s7s8, s8*
2-gram for target: *t1, t1t2, t2t3, t3t4, t4t5, t5t6, t6t7, t7t8, t8*

(*: padding space; n(A): number of elements in set A)

Union (U) of all digrams = {*s1, s1s2, s2s3, s3s4, s4s5, s5s6, s6s7, s7s8, s8*, *t1, t1t2, t2t3, t3t4, t4t5, t5t6, t6t7, t7t8, t8*}

Intersection (I) of all digrams = {}, or the null set.

Similarity ratio = n(I)/n(U)    (equation 1)

The similarity ratio varies from 0 (which indicates two completely different words) to 1 (words being identical). The process can be repeated for a number of character combinations, starting from 2 (di-grams) up to the number of characters in the word. From the above, if di-grams are considered, then for a word length of 8 characters one mistake would give a similarity ratio of 7/11: seven identical di-grams exist in both words, out of the total set of 11 possible di-grams with both words taken together.

The Minimum Edit Distance calculates the difference between two strings in terms of the number of operations needed to transform one string into the other. The algorithm first constructs a matrix with rows corresponding to the length of the source word and columns to the length of the target word [17]. The matrix is filled with the minimum distance using the operations insertion, deletion and substitution. The last and rightmost value of the matrix gives the minimum edit distance between the horizontal and vertical strings.

The algorithm proceeds as follows.

1. Set n, m to be the lengths of the source and target words respectively. Construct a matrix containing m rows and n columns.

2. Initialize the first row from 0 to n and the first column from 0 to m incrementally.

3. Consider each character of the source (s) (i from 1 to n).
   a. Examine each character of the target (t) (j from 1 to m).
      • Assign cost = 0 if s[i] equals t[j], else cost = 1.
      • The value allocated to cell (i, j) is the minimum of the already filled cells beside it: the one above plus 1 (d[i-1,j] + 1), the one to the left plus 1 (d[i,j-1] + 1), and the cell diagonally above and to the left plus the cost of the current cell (d[i-1,j-1] + cost).

4. Step 3 is repeated until all characters of the source word have been considered.

5. The minimum edit distance is the value of cell (n, m).

IV. SET UP

Capturing the keystrokes of users is primordial to the proper operation of any keystroke dynamics system. The core of an accurate timing system is the time measuring device, implemented either through software or hardware. The latter involves dealing with interrupts, processes, registers and addresses, which would complicate the design and prevent keystroke dynamics from seamlessly integrating with password schemes. Among the different timer options available, the Query Performance Counter (QPC) was used in a normal environment. This approach provided the most appropriate timer for this type of experiment, as shown previously [27].

To obtain a reference template, we followed an approach similar to that used by banks and other financial institutions. A new user goes through a session where he/she provides a number of digital signatures by typing the selected password a number of times. The number of enrollment attempts (ten) was chosen to provide enough data to obtain an accurate estimation of the user's mean digital signature as well as information about its variability [28]. Another point worth consideration was preventing annoyance on behalf of the users when keying the same text too many times.

A toolkit was constructed in Microsoft Visual Basic 6.0 which allowed the capture of the key depression, key release and key code for each physical key being used. Feature values were then computed from the information in the raw data file to characterize the template vector of each authorized user, based on flight and dwell times. One of the issues encountered with efficient typists was the release of a key only after the next one had been depressed. The solution was to temporarily store all the key events for a login attempt and then re-order them so that they were arranged in the order in which the keys were first depressed. The typed text collected was then compared to the correct password (string comparison). The similarity scores for the N-gram and the minimum edit distance were then computed for the captured text; when no typing mistake was noted, the result was 100%. The user was informed of the presence of any inconsistencies noted (use of correction keys) when he entered the text. Once accepted, the automatic correction was performed and the user given access if s/he correctly mimicked his template.

V. RESULTS

The first part of the project was to determine the optimal value of N to be used in the N-gram. The recommended minimum length for a password is eight characters [29] and, using equation 1, as length increases the similarity score decreases. The number of N-grams in common between the source and target remains the same for different values of N, while the total set of possible N-grams increases as length increases. In short, for the same error, longer words bring a decrease in the score. The value of 2 was therefore used.
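Equation 1 with di-grams (N = 2) can be sketched as follows. This is an illustrative Python fragment (the helper names and the sample words are ours, not the Visual Basic toolkit used in the experiment); it reproduces the 7/11 score for a single substitution in an eight-character word:

```python
def digrams(word: str) -> set:
    """Split a word into its 2-grams, padded with the '*' space."""
    padded = "*" + word + "*"
    return {padded[i:i + 2] for i in range(len(padded) - 1)}

def similarity_ratio(source: str, target: str) -> float:
    """Equation 1: n(I) / n(U) over the two words' di-gram sets."""
    s, t = digrams(source), digrams(target)
    return len(s & t) / len(s | t)

# One substitution in an eight-character word leaves 7 shared
# di-grams out of 11 distinct ones, i.e. 7/11.
print(similarity_ratio("Thursday", "Thursdey"))  # 0.6363...
```

Note that repeated di-grams within a word collapse here, matching the set union and intersection used in equation 1.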

The experiment was performed at the university laboratory under a controlled environment, and users were required to type the text "Thurs1day" a number of times. The captured text was then sent to the password correction schemes implemented. Forty users volunteered to participate in the survey and stand as authentic users; the results as computed for users whenever errors are detected are shown below.

TABLE II. Values for each type of error

             Insertion        Substitution     Transposition
Number       1    2(C) 2(S)   1    2(C) 2(S)   1    2(C) 2(S)
Min edit     1    2    2      1    2    2      1    2    2
N-gram       0.75 0.64 0.57   0.67 0.54 0.43   0.54 0.33 0.26

C: two characters, one following the other. S: separated.

They were asked to type their text normally, i.e. both with and without errors in their password. They were allowed to use correction keys including Shift, Insert, Delete, Space bar, Backspace, etc. The details were then filtered to obtain those who tried to log into the system as well as the timings for the correct password as entered. Once the threshold for the N-gram and minimum edit was exceeded, the system made the required correction to the captured text. A threshold on the N-gram and minimum edit scores controls the number of correction keys that can be used. Once the text entered was equivalent to the correct password, the timings were arranged from left to right for each character pressed, as in the correct password. In case flight times had negative values, they were arranged in the order the keys were pressed.

By spying on an authentic user, an impostor is often able to guess most of the constituents of the password. So, for security reasons, the deletion error was not considered in this work, as correction of a deletion could grant access to an impostor.

Figure 1: An interaction with the system

Figure 1 above shows an interaction of the user with the system where, even with one error in the timing captured, the user is given access to the system.

The possibility of allowing errors in the passwords was then investigated. Though it is not recommended for short words, for long phrases this can be considered, so that users do not have to retype the whole text again. For missing characters, the timing used was the one used in the creation of the template that had the highest weight. As reported by Gaines et al [25], each enrollment feature used in building the template is given a weight inversely proportional to its distance from the template value. Accordingly, the corrected timing was then sent to the NN toolkit developed, as reported in [26].

Out of the 4024 attempts made by all users, including impostors, all mistakes using special keys (Insert, Delete, Backspace, Num Lock, Space bar) in the typed text could be corrected when their number was less than the threshold set (1 error). All genuine users were correctly identified provided they had correctly entered the password and used the correction keys swiftly. Most users who used correction keys and had a considerable increase in the total time taken to key in the password were not positively identified. Moreover, those who substituted one character for another and continued typing normally were correctly identified.

53 cases remained problematic with the system, as there were 2 errors brought into the password. The 2 correction schemes produced results which differed. With a threshold of 0.5, the N-gram did not grant access with 2 transposition mistakes in the password. For 2 errors, the N-gram technique granted the user access while the minimum edit distance technique rejected the user, as the threshold was set to 1.

VI. CONCLUSION

Surrogate representations of identity using the password mechanism no longer suffice. In that context, a number of studies have proposed techniques which cater for user A sharing his password with user B, the latter being denied access unless he is capable of mimicking the keystroke dynamics of A. Most of the papers surveyed had a major limitation in that when the user makes mistakes and uses the backspace or delete key to correct errors, he/she has to start all over again. In an attempt to study the application of error correcting schemes in the enhanced password mechanism, we have focused on the commonly used MLP/BP.

TABLE III. Effect of error correction

                    WITHOUT   WITH ERROR CORRECTION
FAR                 1%        5%
FRR                 8%        15%
REJECTED ATTEMPTS   187       53

Table III above summarizes the results obtained. The FAR, which was previously 1%, suffered a major degradation in

performance as most users increase their total typing time with the use of correction keys. As expected, the FRR changed from 8 to 15% when errors were allowed in the password. The promising deduction was that, using a scheme which allowed a one-character error in the password, users were correctly identified. Further investigation showed that the major hurdle is that the use of correction keys disrupts the normal flow of typing and produces false results in keystroke dynamics. This clearly demonstrates the possibility of authenticating genuine users even when the latter have made errors. We have investigated the use of the N-gram and minimum edit distance as they can be varied to check for any error or even to allow a minimum of errors to be made. For the latter, with transposition and insertion errors, the timings captured could easily cater for the correct password. The main issue encountered was to find a convenient scheme to replace the missing ones. We have adapted our work from the one documented in Gaines et al [25], where we assume that the attempts closest to the template are more representative of the user. The results obtained demonstrate the feasibility of this approach and will boost further research in that direction.

Our focus has been on commonly encountered errors, but other possibilities include the use of run-on and split-word errors, among others. Other work that can be carried out along the same line includes the use of adaptive learning to be more representative of the user; logically, this will vary considerably as users get acquainted with the input device. Similarly, investigation of the best classifier to use with this scheme remains an avenue to explore. An intruder detection unit placed before the neural network can enhance its usability and acceptability as a classifier. By removing the intruder attempts and presenting only authentic users to the neural network, an ideal system can be achieved even with a learning sample consisting of fewer attempts.

ACKNOWLEDGMENT

The authors are grateful to the staff and students who have willingly participated in our experiment. Thanks are extended to those who in one way or another have contributed to making this study feasible.

REFERENCES

[1] C. P. Pfleeger (1997), "Security in Computing", International Edition, Second Edition, Prentice Hall International, Inc.
[2] S. Garfinkel & E. H. Spafford (1996), "Practical UNIX Security", O'Reilly, 2nd edition, April 1996.
[3] S. Wiedenbeck, J. Waters, J. Birget, A. Brodskiy & N. Memon (2005), "PassPoints: Design and Longitudinal Evaluation of a Graphical Password System", International Journal of Human-Computer Studies, vol. 63(1-2), pp. 102-127.
[4] A. Mészáros, Z. Bankó, L. Czúni (2007), "Strengthening Passwords by Keystroke Dynamics", IEEE International Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, Dortmund, Germany.
[5] D. Chuda & M. Durfina (2009), "Multifactor authentication based on keystroke dynamics", ACM International Conference Proceeding Series, Vol. 433, Proceedings of the International Conference on Computer Systems and Technologies and Workshop for PhD Students in Computing, Article No. 89.
[6] www.biopassword.com
[7] www.psylock.com
[8] I. Armstrong (2003), "Passwords exposed: Users are the weakest link", SC Magazine, June 2003. Available: http://www.scmagazine.com
[9] S. Y. Kung, M. W. Mak, S. H. Lin (2005), "Biometric Authentication", New Jersey: Prentice Hall, 2005.
[10] L. Barari, B. QasemiZadeh (2005), "CloniZER Spell Checker, Adaptive, Language Independent Spell Checker", Proc. of the first ICGST International Conference on Artificial Intelligence and Machine Learning AIML 05, pp. 66-71.
[11] Wikipedia, "Typing". Available: http://en.wikipedia.org/wiki/Typing
[12] C. L. Sholes, C. Glidden & S. W. Soule (1868), "Improvement in Type-writing Machines", US 79868, issued July 14.
[13] J. Clawson, A. Rudnick, K. Lyons, T. Starner (2007), "Automatic Whiteout: Discovery and Correction of Typographical Errors in Mobile Text Input", Proceedings of the 9th conference on Human-computer interaction with mobile devices and services, New York, NY, USA, 2007, ACM Press. Available: http://hackmode.org/~alex/pubs/automatic-whiteout_mobileHCI07.pdf
[14] J. T. Grudin (1983), "Error Patterns in Novice and Skilled Transcription Typing", in Cognitive Aspects of Skilled Typewriting, W. E. Cooper (ed.), Springer Verlag. ISBN 0-387-90774-2.
[15] K. Kukich (1992), "Automatic spelling correction: Detection, correction and context-dependent techniques", Technical report, Bellcore, Morristown, NJ 07960.
[16] M. Gilleland (2001), "Levenshtein Distance, in Three Flavors". Available: http://www.merriampark.com/ld.htm
[17] Wikipedia, "Damerau–Levenshtein distance". Available: http://en.wikipedia.org/wiki/Damerau%E2%80%93Levenshtein_distance
[18] W. E. Winkler (1999), "The state of record linkage and current research problems", Statistics of Income Division, Internal Revenue Service Publication, R99/0. Available: http://www.census.gov/srd/papers/pdf/rr99-04.pdf
[19] Wikipedia, "Jaro–Winkler distance". Available: http://en.wikipedia.org/wiki/Jaro-Winkle
[20] D. J. Repici (2002), "Understanding Classic SoundEx Algorithms". Available: http://www.creativyst.com/Doc/Articles/SoundEx1/SoundEx1.htm
[21] J. J. Pollock and A. Zamora (1984), "Automatic spelling correction in scientific and scholarly text", Communications of the ACM, 27(4), pp. 358-368.
[22] Wikipedia, "N-gram". Available: http://en.wikipedia.org/wiki/N-gram
[23] S. Cho & S. Hwang (2006), "Artificial Rhythms and Cues for Keystroke Dynamics Based Authentication", in D. Zhang and A. K. Jain (Eds.), ICB 2006, LNCS 3832, Springer-Verlag Berlin Heidelberg, pp. 626-632.
[24] R. Gaines et al (1980), "Authentication by Keystroke Timing: Some Preliminary Results", technical report R-256-NSF, RAND.
[25] N. Pavaday & K. M. S. Soyjaudah (2007), "Investigating performance of neural networks in authentication using keystroke dynamics", in Proceedings of the IEEE AFRICON conference, pp. 1-8, 2007.
[26] N. Pavaday, K. M. S. Soyjaudah & S. Nugessur (2010), "Investigating & improving the reliability and repeatability of keystroke dynamics timers", International Journal of Network Security & Its Applications (IJNSA), Vol. 2, No. 3, July 2010.
[27] K. Revett, F. Gorunescu, M. Gorunescu, M. Ene, S. T. de Magalhães and H. M. D. Santos (2007), "A machine learning approach to keystroke dynamics based user authentication", International Journal of Electronic Security and Digital Forensics, Vol. 1, No. 1, pp. 55-70.
[28] P. A. Wittich (2003), "Biometrics: Are You Key to Security?", pp. 1-12, SANS Institute 2003.
[29] S. Deorowicz, M. G. Ciura (2005), "Correcting spelling errors by modelling their causes", International Journal of Applied Mathematics and Computer Science, 2005, Vol. 15, No. 2, pp. 275-285.


AUTHORS PROFILE

Mr. N. Pavaday is with the Computer Science Department, Faculty of Engineering, University of Mauritius, having previously done his research training with the Biometric Lab, School of Industrial Technology, Purdue University, West Lafayette, Indiana, 47906 USA (phone: +230-4037727; e-mail: n.pavaday@uom.ac.mu).

Professor K.M.S. Soyjaudah is with the same university as the first author. He is interested in all aspects of communication, with a focus on improving its security. He can be contacted on phone +230 403-7866 ext 1367 (e-mail: ssoyjaudah@uom.ac.mu).
