Browse > Article
http://dx.doi.org/10.13089/JKIISC.2018.28.2.369

Distance-Based Keystroke Dynamics Smartphone Authentication and Threshold Formula Model  

Lee, Shincheol (Sejong University)
Hwang, Jung Yeon (Electronics and Telecommunications Research Institute)
Lee, Hyungu (Sejong University)
Kim, Dong In (Sejong University)
Lee, Sung-Hoon (University of Science & Technology)
Shin, Ji Sun (Sejong University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.28, no.2, 2018 , pp. 369-383 More about this Journal
Abstract
User authentication using PIN input or lock pattern is widely used as a user authentication method of smartphones. However, it is vulnerable to shoulder surfing attacks and because of low complexity of PIN and lock pattern, it has low security. To complement these problems, keystroke dynamics have been used as an authentication method for complex authentication and researches on this have been in progress. However, many studies have used imposter data in classifier training and validation. When keystroke dynamics authentications are actually applied in reality, it is realistic to use only legitimate user data for training, and using other people's data as imposter training data may result in problems such as leakage of authentication data and invasion of privacy. In response, in this paper, we experiment and obtain the optimal ratio of the thresholds for distance based classification. By suggesting the optimal ratio, we try to contribute to the real applications of keystroke authentications.
Keywords
Keystroke Dynamics; Distance-based classifications; Smartphone Authentication;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Statista, "Number of smartphone users in the U.S. 2010- 2022," https://www.statista.com/statistics/201182/forecast-of-smartphone-users-in-the-us/
2 Statista, "Number of smartphone users in South Korea from 2015 to 2022," https://www.statista.com/statistics/467171/forecast-of-smartphone-users-in-south-korea/
3 N. Ben-Asher, N. Kirschnick, H. Sieger, J. Meyer, A. Ben-Oved, and S. Moller, "On the need for different security methods on mobile phones," Proceedings of the 13th International Conference on Human Computer Interaction with Mobile Devices and Services, ACM, pp. 465-473, Aug. 2011.
4 T. Y. Chang, C. J. Tsai, W. J. Tsai, C. C. Peng, and H. S. Wu, "A changeable personal identification number-based keystroke dynamics authentication sys- tem on smart phones," Security and Communication Networks, vol. 9, no. 15, pp. 2674-2685, Oct. 2016.   DOI
5 P.K. Sari, G. S. Ratnasari, and A. Prasetio, "An evaluation of authentica- tion methods for smartphone based on users' preferences," IOP Conference Series: Materials Science and Engineering, IOP Publishing, vol. 128, no. 1, pp. 012036, Apr. 2016.
6 P. S. Teh, N. Zhang, A. B. J. Teoh, and K. Chen, "TDAS: a touch dynamics based multi-factor authentication sol- ution for mobile devices," International Journal of Pervasive Computing and Communications, vol. 12, no. 1, pp.127-153, Apr. 2016.   DOI
7 P. S. Teh, N. Zhang, A. B. J. Teoh, and K. Chen, "A survey on touch dynamics authentication in mobile devices," Computers & Security, vol 59, pp. 210-235, Jun. 2016.   DOI
8 R. Spillane, "Keyboard apparatus for personal identification," IBM Technical Disclosure Bulletin, vol. 17, no. 3346, Apr. 1975.
9 D. Umphress and G. Williams, "Identity verification through keyboard characteristics," International Journal of Man-Machine Studies, vol. 23, no. 3, pp. 263-273, Apr. 1985.   DOI
10 N.L. Clarke, S.M. Furnell, B.M. Lines, and P.L. Reynolds, "Subscriber au- thentication for mobile phones using keystroke dynamics," Proceedings of the Third International Network Conference (INC 2002), Plymouth, UK, pp. 347-355, Jul. 2002.
11 N.L. Clarke, S.M. Furnell, B.M. Lines, and P.L. Reynolds, "Keystroke dynamics on a mobile handset: a feasibility study," Information Management & Computer Security, vol. 11, no. 4, pp. 161-166, Oct. 2003.   DOI
12 N.L. Clarke and S.M. Furnell, "Authenticating mobile phone users using keystroke analysis," International Journal of Information Security, vol. 6, no. 1, pp. 1-14, Jan. 2007.   DOI
13 N. Zheng, K. Bai, H. Huang, and H. Wang, "You Are How You Touch: User Verification on Smartphones via Tapping Behaviors," Network Protocols (ICNP), 2014 IEEE 22nd International Conference on. IEEE, pp. 221-232, Oct. 2014.
14 I. De Mendizabal-Vazquez, D. de Santos-Sierra, J. Guerra-Casanova, and C. Sanchez-Avila, "Supervised classi- fication methods applied to keystroke dynamics through mobile devices," 2014 International Carnahan Conference on Security Technology (ICCST), pp. 1-6, Oct. 2014.
15 C. Giuffrida, K. Majdanik, M. Conti, and H. Bos, "I sensed it was you: authenticating mobile users with sensor-enhanced keystroke dynamics," International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 92-111, Jul. 2014.
16 M. Antal, L. Z. Szabo and I. Laszlo, "Keystroke dynamics on android platform," Procedia Technology, vol. 19, pp. 820-826, Jan. 2015.   DOI
17 J. Wu and Z. Chen, "An Implicit Identity Authentication System Considering Changes of Gesture Based on Keystroke Behaviors," International Journal of Distributed Sensor Networks, vol. 11, no. 6, pp. 470274, Jan. 2015.   DOI
18 J. Kim, H. Kim, and P. Kang, "Enhanced keystroke dynamics user authentication Based on free text strings," Proceedings of the Korean Operations and Management Science Society Conference, pp. 1846-1876, Apr. 2016.
19 ITU, "The world in 2014: ICT facts and f igures," International Telecommunication Union, http://www.itu.int/en/ITUD/Statistics/Documents/facts/ICTFactsFigures2014-e.pdf (accessed: 15 January 2015).
20 G. Ho, "Tapdynamics: Strengthening User Authentication on Mobile Phones with Keystroke Dynamics," Technicalreport, StanfordUniversity, 2014.
21 C. J. Tasia, T. Y. Chang, P. C. Cheng, and J. H. Lin, "Two novel biometric fea- tures in keystroke dynamics authentica- tion systems for touch screen devices," Security and Communication Networks, vol. 7, no. 4, pp. 750-758, Apr. 2014.   DOI
22 L. Jain, J. V. Monaco, M. J. Coakley, and C. C. Tappert, "Passcode Keystroke Biometric Performance on Smartphone Touchscreens in Superior to That on Hardware Keyboards," International Journal of Research in Computer Applications and Information Technology, vol. 2, no. 4, pp. 29-33, Jul. 2014.
23 S. H. Lee, J. H. Roh, S. Kim, and S. H. Jin, "A Study of Adaptive Feature Subset for Improving Accuracy of Keystroke Dynamics Authentication on Mobile Environment," The 2017 Spring Conference of the KIPS, 24(1), pp. 287-290, Apr. 2017.
24 H. Saevanee and P. Bhattarakosol, "Authenticating user using keystroke dy- namics and finger pressure," Consumer Communications and Networking Conference, CCNC 2009, 6th IEEE, pp. 1-2, Jan. 2009.
25 M. Trojahn and F. Ortmeier, "Biometric authentication through a virtual keyboard for smartphones," International Journal of Computer Science & Information Technology, vol. 4, no. 5, pp. 1, Oct. 2012.   DOI
26 J. B. Kim and M. K. Lee, "User authentication using touch positions in a touch-screen interface," Journal of the Korea Institute of Information Security and Cryptology, 21(1), pp. 135-141, Feb. 2011.
27 Wikipedia, "Gyroscope", https://en.wikipedia.org/wiki/Gyroscope
28 L. Cai and H. Chen, "TouchLogger: Inferring Keystrokes on Touch Screen from Smartphone Motion," HotSec, vol. 11, pp. 9, Aug. 2011.
29 Z. Xu, K. Bai, and S. Zhu, "Taplogger: Inferring user inputs on smartphone touchscreens using on-board motion sensors," Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks, pp. 113-124, Apr. 2012.
30 C. Jung, R. Jang, D. Nyang, and K. Lee, "Technique for PIN Entry Using an Accelerometer Sensor and a Vibration Sensor on Smartphone," KIPS Transactions on Computer and Communication Systems, 6(12), pp. 497-506, Dec. 2017.   DOI
31 S. Zahid, M. Shahzad, S.A. Khayam, and M. Farooq, "Keystroke-Based User Identification on Smart Phones," International Workshop on Recent Advances in Intrusion Detection, pp. 224-243, Sep. 2009.