Applications of keystroke analysis for improved login security and continuous user authentication |
This paper examines the use of keystroke analysis as a means of improving authentication in modern information systems, based upon the biometric measurement of user typing characteristics. The discussion identifies that the concept may be implemented in two ways, providing the basis for both an enhanced authentication front-end as well as for continuous, transparent supervision throughout the session.
Furnell SM, Morrissey JP, Sanders P, Stockel CT
Two practical systems have been implemented, based upon static and dynamic verification techniques. The static verifier uses a neural network approach, whilst the dynamic verifier involves statistical analysis methods. The effectiveness of each module is examined using experimental test subject groups. The results observed allow the strategies to be contrasted, with a general assessment of the protection that the combination of techniques would afford.
The paper also discusses how the techniques could be integrated within a more comprehensive intrusion detection framework, capable of identifying various classes of abuse