					                                                               (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                                Vol. 8, No. 7, October 2010

Minimizing the number of retry attempts in keystroke dynamics through inclusion of error correcting schemes

Pavaday Narainsamy, Student Member IEEE
Computer Science Department, Faculty of Engineering
University of Mauritius
n.pavaday@uom.ac.mu

Professor K.M.S. Soyjaudah, Member IEEE
Faculty of Engineering
University of Mauritius


Abstract: One of the most challenging tasks facing the security expert remains the correct authentication of human beings. Throughout history, this has remained crucial to the fabric of our society. We recognize our friends and enemies by their voice on the phone, by their signature or handwriting on paper, and by their face when we encounter them. Police identify thieves by their fingerprints, corpses by their dental records and culprits by their deoxyribonucleic acid (DNA), among others. Nowadays, with digital devices fully embedded into daily activities, non-refutable person identification has taken on large-scale dimensions. It is used in diverse business sectors including health care, finance, aviation and communication, among others. In this paper we investigate the application of correction schemes to the most commonly encountered form of authentication, that is, the knowledge-based scheme, when the latter is enhanced with typing rhythms. The preliminary results obtained using this concept in alleviating the retry and account lock problems are detailed.

Keywords: Passwords, Authentication, Keystroke dynamics, Errors, N-gram, Minimum edit distance.

                       I.    INTRODUCTION

Although a number of authentication methods exist, the knowledge-based scheme has remained the de facto standard and is likely to remain so for a number of years due to its simplicity, ease of use, ease of implementation and its acceptance. Its precision can be adjusted by enforcing password-structure policies or by changing encryption algorithms to achieve the desired security level. Passwords represent a cheap and scalable way of validating users, both locally and remotely, to all sorts of services [1, 2]. Unfortunately, they inherently suffer from deficiencies arising from a difficult compromise between security and memorability.

On the one hand, a password should be easy to remember and provide swift authentication. On the other hand, for security purposes it should be difficult to guess, composed of a special combination of characters, changed from time to time, and unique to each account [3]. The larger and more varied the set of characters used, the higher the security provided, as the password becomes more difficult to violate. However, such combinations tend to be difficult for end users to remember, particularly when the password does not spell a recognizable word (or includes non-alphanumeric characters such as punctuation marks or other symbols). Because of these stringent requirements, users adopt unsafe practices such as writing passwords down close to the authentication device, applying the same password to all accounts or sharing them with inmates.

To reduce the number of security incidents making the headlines, inclusion of the information contained in the "actions" category has been proposed [4, 5]. An intruder will then have to obtain the password of the user and mimic the typing patterns before being granted access to system resources.

The handwritten signature has its parallel on the keyboard in that the same neuro-physiological factors that account for its uniqueness are also present in a typing pattern, as detected in the latencies between two consecutive keystrokes. Keystroke dynamics is also a behavioural biometric that is acquired over time. It measures the manner and the rhythm with which a user types characters on the keyboard. The complexity of the hand and its environment makes both typed and written signatures highly characteristic and difficult to imitate. On the computer, it has the advantage of not requiring any additional and costly equipment. From the measured features, the dwell times and flight times are extracted to represent a computer user. The "dwell time" is the amount of time a particular key is held down, while the "flight time" is the amount of time it takes to move between keys. A number of commercial products using such schemes already exist on the market [6, 7], while a number of others have been rumored to be ready for release.

Our survey of published work has shown that such implementations have one major constraint in that the typist should not make use of correction keys when keying in the required password. We should acknowledge that errors are common in a number of instances and for a number of reasons. Even when one knows how to write the word, one's fingers may have slipped, or one may be typing too fast or pressing keys simultaneously. In brief, whatever the skills and keyboarding techniques used, we do make mistakes, hence the provision of correction keys on all keyboards. Nowadays, as is typical of word processing software, automatic modification based on stored dictionary words can be applied, particularly for long sentences. Unfortunately, with textual passwords, the text entered is displayed as a string of asterisks and the user cannot spot the



                                                                      19                              http://sites.google.com/site/ijcsis/
                                                                                                      ISSN 1947-5500
mistake and does make a false login attempt when pressing the enter key. After three such attempts the account is locked and has to be cleared by the system administrator. Collected figures reveal that between 25% and 50% of help desk calls relate to such problems [8].

Asking the user to input his/her logon credentials all over again instead of using correction keys clearly demonstrates that keystroke dynamics does not integrate seamlessly with the password mechanism. This can be annoying and stressful for users and will impede acceptance of the enhanced password mechanism. Moreover, it reduces the probability of the typist correctly matching the enrolled template, leading to yet another false login attempt. In this project we investigate the use of correcting schemes to improve on this limitation and, in the long run, reduce the number of requests for unlocking account passwords encountered by system administrators.

Following this short brief on keystroke dynamics, we will dwell on the challenges involved in incorporating error correcting techniques into the enhanced password mechanism. Our focus will be on a more general approach rather than checking whether the correction keys have been pressed by the user. The aim is a scheme that can be customized to deal with cases such as damaged keys or an American keyboard replaced by an English keyboard. In section II, we first review the different correction schemes studied and then the user recognition algorithms to be used, before elaborating on an applicable structure for the proposed work. The experimental results are detailed in section V, followed by our conclusions and future work in the last section of this paper.

                   II.   BACKGROUND STUDY

To evaluate a biometric system's accuracy, the most commonly adopted metrics are the false rejection rate (FRR) and the false acceptance rate (FAR), which correspond to two popular metrics: sensitivity and specificity [9]. The FAR represents the rate at which impostors are accepted in the system as being genuine users, while the FRR represents the rate at which authentic users are rejected by the system as they cannot match their template representation. The response of the matching system is a score that quantifies the similarity between the input and the stored representation. A higher score indicates more certainty that the two biometric measurements come from the same person. Increasing the matching score threshold increases the FRR and decreases the FAR. In practical systems the balance between FAR and FRR dictates the operational point.

A. Error types

Textual passwords are input into systems using keypads/keyboards, giving possibilities for typing errors to creep in. The main ones are insertion, deletion, substitution and transposition [10], which account for 80% of all errors encountered [11], with the remaining ones being the split-word and run-on errors. The last two refer to insertion of a space in between characters and deletion of a space between two words respectively. Historically, to overcome mechanical problems associated with the alphabetical order keyboard, the QWERTY layout was proposed [12] and it has become the de facto keyboard used in a number of applications. Other variants exist, such as "AZERTY", used mainly by the French, or "QWERTZ", used by Germans. Different keyboarding techniques are adopted by users for feeding data to the device, namely (i) Hunt and Peck, (ii) Touch typing and (iii) Buffering. More information on these can be found in [11]. The first interaction with a keyboard is usually of the Hunt and Peck type, as the user has to search for the key before hitting it. Experienced users are considered to be of the touch type, with a large number of keys being struck per minute.

Typographic errors are due to mechanical failure or a slip of the hand or finger, but exclude errors of ignorance. Most involve simple duplication, omission, transposition, or substitution of a small number of characters. The typographic errors for single words have been classified as shown in Table I below.

        TABLE I.     Occurrence of errors in typed text [13]

        Errors              % of occurrence
        Substitution        40.2
        Insertion           33.2
        Deletion            21.4
        Transposition       5.2

In another work, Grudin [14] investigated the distribution of errors for expert and novice users based on their speed of keying characters. He analysed the error patterns made by six expert typists and eight novice typists after transcribing magazine articles. There were large individual differences in both typing speed and the types of errors that were made [15].

The expert users had error rates ranging from 0.4% to 0.9%, with the majority being insertion errors, while for the novices the rate was 3.2% on average, consisting mainly of substitutions. These errors are made when the typist knows how to spell the word but may have typed the word hastily. Isolated word error correction includes detecting the error, generating the appropriate candidates for correction and ranking the candidates.

For this project only errors that occur frequently will be given attention, as illustrated in Table I above. Once the errors are detected, they will be corrected through the appropriate correction scheme to enable a legitimate user to log into the system. On the other hand, it is essential that impostors are denied access even though they have correctly guessed the secret code, as is normally the case with keystroke dynamics.

B. Error correction

Spell checkers operate on individual words by comparing each of them against the contents of a dictionary. If the word is not found it is considered to be in error and an attempt is made to suggest a word that was likely to have been intended. Six main suggested algorithms for isolated words [16] are listed below.



    1) The Levenshtein distance or edit distance is the minimum number of elementary editing operations needed to transform an incorrect string of characters into the desired word. The Levenshtein distance caters for three kinds of errors: deletion, insertion and substitution. In addition to its use in spell checkers it has also been applied in speech recognition, deoxyribonucleic acid (DNA) analysis and plagiarism detection [17]. As an example, transforming "symmdtr" into "symmetry" requires a minimum of two operations, which are:

             o   symmdtr → symmetr (substitution of 'e' for 'd')
             o   symmetr → symmetry (insertion of 'y' at the end).

       The Damerau-Levenshtein distance [18] is a variation of the above with the addition of the transposition operation to the basic set. For example, changing 'metirc' to 'metric' requires only a single operation (one transposition). Another measure is the Jaro-Winkler distance [19], which is a similarity score between two strings and is used in record linkage for duplicate detection. A normalized value of one represents an exact match while zero represents dissimilarity. This distance metric has been found to be best suited for short strings such as people's names [20].

    2) Similarity key techniques have their strength in that a string is mapped to a code consisting of its first letter followed by a sequence of three digits, which is the same for all similar strings [21]. The Soundex system (patented by Odell and Russell [16, 21]) is an application of such a technique in phonetic spelling correction. Letters are grouped according to their pronunciation, e.g. the letters "D" and "T", or "P" and "B", as they produce similar sounds. SPEEDCOP (Spelling Error Detection/Correction Project) is a similar work designed to automatically correct spelling errors by finding words similar to the misspelled word [22].

    3) In rule-based techniques, the knowledge gained from previous spelling error patterns is used to construct heuristics that take advantage of this knowledge. Given that many errors occur due to inversion, e.g. the letters ai being typed as ia, a rule for this error may be written.

    4) The N-gram technique is used in natural language processing and genetic sequence analysis [23]. An N-gram is a sub-sequence of n items (of any size) from a given sequence, where the items can be letters, words or base pairs according to the application. In a typed text, unigrams are the single letters while digrams (2-grams) are combinations of two letters taken together.

    5) The probabilistic technique, as the name suggests, makes use of probabilities to determine the best correction possible. Once an error is detected, candidate corrections are proposed as different characters are replaced by others using at most one operation. The one having the maximum likelihood is chosen as the best candidate for the typographical error.

    6) Neural networks have also been applied as spelling correctors due to their ability to do associative recall based on incomplete and noisy data. They are trained on the spelling errors themselves and once such a scenario is presented they can make the correct inference.

C. Classifier used

Keyboard characteristics are rich in cognitive qualities and as personal identifiers they have been the concern of a number of researchers. The papers surveyed demonstrate a number of approaches that have been used to obtain keystroke dynamics with performance adequate to make it practically feasible. Most research efforts related to this type of authentication have focused on improving classifier accuracy [24]. Chronologically, it started with statistical classifiers, more particularly with the T test by Gaines et al [25]. Now the trend is towards the computationally intensive neural network variants. Delving into the details of each approach and finding the best classifier to use is well beyond the scope of this project. Our aim is to use one which will measure the similarity between an input keystroke-timing pattern and a reference model of the legitimate user's keystroke dynamics. For that purpose the simple multilayer perceptron (MLP) with back propagation (BP) used in a previous work was once again considered. A thorough mathematical analysis of the model is presented in [26], which provides details about the why and how of this model. The transfer function used in the neural network was the sigmoid function, with ten enrollments for building each user's template.

                         III.      ANALYSIS

The particularity of passwords/secret codes is that they have no specific sound, are independent of any language and may even involve numbers or special characters. The similarity key technique is therefore not appropriate, as it is based on phonetics and has a limited number of possibilities. Moreover, with one character and three digits for each code there will be frequent collisions, as only one thousand digit combinations exist for each initial character. Similarly, a neural network which focuses on the rules of the language for correcting spelling errors turns out to be very complex and inappropriate for such a scenario. A rule-based scheme would imply that a database of possible errors be built. Users would have to type a long list of related passwords, and the best results would be obtained only when the user makes the same error repeatedly. The probabilistic technique uses the maximum likelihood to determine the best correction. The probabilities are calculated from a number of words derived by applying a simple editing operation on the keyed text. Our work involves using only the secret code as the target and the entered text as the input, so only one calculated value is possible, making this scheme useless.

The N-gram technique and the minimum edit distance technique, being language and character independent, are representative of actual passwords and were considered for this



project. The distance technique is mostly used for such                                                  to the left plus the cost of current cell
applications [20].                                                                                       (d[i-1,j-1] + cost of cell (i,j)).
    The N-gram technique compares the source and target                               4.   Step 3 is repeated until all characters of the source word
words after splitting them into different combinations of                                  have been considered.
characters. Intersection and union operations are performed
on the different N-grams from which a similarity score is                             5.   The minimum edit distance is the value of cell (n,m).
calculated.
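
As a rough illustration of steps 1 to 5 of the minimum edit distance procedure described in this section, the following Python sketch fills the distance matrix with unit costs for insertion, deletion and substitution. The function name `min_edit_distance` and the use of Python are assumptions made for illustration only; the toolkit described in this paper was written in Visual Basic 6.0 and its source is not reproduced here.

```python
def min_edit_distance(source: str, target: str) -> int:
    """Levenshtein distance with unit cost for insert, delete and substitute."""
    n, m = len(source), len(target)

    # Steps 1-2: (n+1) x (m+1) matrix; the first column counts deletions
    # from the source, the first row counts insertions of target characters.
    d = [[0] * (m + 1) for _ in range(n + 1)]
    for i in range(n + 1):
        d[i][0] = i
    for j in range(m + 1):
        d[0][j] = j

    # Steps 3-4: visit every (source, target) character pair.
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            # cost is 0 when the characters match, 1 otherwise
            cost = 0 if source[i - 1] == target[j - 1] else 1
            d[i][j] = min(
                d[i - 1][j] + 1,         # cell above: deletion
                d[i][j - 1] + 1,         # cell to the left: insertion
                d[i - 1][j - 1] + cost,  # diagonal cell: match or substitution
            )

    # Step 5: the bottom-right cell holds the minimum edit distance.
    return d[n][m]


if __name__ == "__main__":
    print(min_edit_distance("symmdtr", "symmetry"))  # 2
    print(min_edit_distance("metirc", "metric"))     # 2
```

Because this sketch has no transposition operation, the swapped letters in "metirc" cost two substitutions here, whereas the Damerau-Levenshtein variant would count them as a single operation.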
                                                                                                            IV.    SET UP
     Consider two words comprising eight characters each,
denoted by source [s1 s2 s3 s4 s5 s6 s7 s8] and target [t1 t2 t3 t4 t5 t6             Capturing users' keystrokes is essential to the proper
t7 t8].                                                                           operation of any keystroke dynamics system. The core of an
                                                                                  accurate timing system is the time measuring device
2-gram for source: *s1, s1s2, s2s3, s3s4, s4s5, s5s6, s6s7, s7s8, s8*             implemented either through software or hardware. The latter
2-gram for target: *t1, t1t2, t2t3, t3t4, t4t5, t5t6, t6t7, t7t8, t8*             involves dealing with interrupts, handling processes, registers
                                                                                  and addresses which would complicate the design and prevent
*: padding space, n(A): number of elements in set A.                              keystroke dynamics from integrating seamlessly with password
Union (U) of all digrams = {*s1, s1s2, s2s3, s3s4, s4s5, s5s6, s6s7,              schemes. Among the different timer options available, the
s7s8, s8*, *t1, t1t2, t2t3, t3t4, t4t5, t5t6, t6t7, t7t8, t8*}                    Query Performance Counter (QPC) was used in a normal
                                                                                  environment. This approach provided the most appropriate timer
Intersection (I) of all digrams = {} (the null set, as no digram is shared).      for this type of experiment as shown previously [27].
Similarity ratio = n(I)/n(U)                                   equation 1             To obtain a reference template, we followed an approach
    The similarity ratio varies from 0 (which indicates two                       similar to that used by the banks and other financial
completely different words) to 1 (words being identical). The                     institutions. A new user goes through a session where he/she
process can be repeated for a number of character                                 provides a number of digital signatures by typing the selected
combinations starting from 2 (di-grams) to the number of                          password a number of times. The number of enrollment
characters in the word. From above, if di-grams are considered;                   attempts (ten) was chosen to provide enough data to obtain an
for a word length of 8 characters, 1 mistake would give a                         accurate estimation of the user mean digital signature as well as
similarity ratio of 7/11. Seven similar di-grams exist in both                    information about its variability [28]. Another point worth
words compared to the total set of 11 possible di-grams with                      consideration was preventing annoyance on behalf of the users
both words taken together.                                                        when keying the same text too many times.
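
The similarity ratio of equation 1 can be sketched in a few lines of Python. This is only an illustrative sketch: the function names `padded_ngrams` and `ngram_similarity`, the `*` padding symbol for N greater than 2, and the sample words "password" and "passwird" are assumptions chosen for the example and do not come from the experiments reported here.

```python
def padded_ngrams(word: str, n: int = 2, pad: str = "*") -> set:
    """Set of n-grams of `word`, padded with n-1 pad symbols on each side.

    Assumes the pad symbol does not occur in the word itself.
    """
    padded = pad * (n - 1) + word + pad * (n - 1)
    return {padded[i:i + n] for i in range(len(padded) - n + 1)}


def ngram_similarity(source: str, target: str, n: int = 2) -> float:
    """Similarity ratio n(I)/n(U) between the n-gram sets of two words."""
    a = padded_ngrams(source, n)
    b = padded_ngrams(target, n)
    union = a | b
    if not union:
        # Only reachable for two empty words with n = 1.
        return 1.0
    return len(a & b) / len(union)


if __name__ == "__main__":
    # One substituted character in an eight-character word:
    # 7 shared di-grams out of 11 distinct di-grams overall.
    print(ngram_similarity("password", "passwird"))  # 7/11, about 0.636
    print(ngram_similarity("password", "password"))  # 1.0
```

Since the N-grams are held in sets, a di-gram that repeats within a word is counted once, which matches the set-based definition of n(I) and n(U) used above.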

    The Minimum Edit Distance calculates the difference                               A toolkit was constructed in Microsoft Visual Basic 6.0
between two strings in terms of number of operations needed to                    which allowed capturing of key depression, key release and
transform one string into another. The algorithm first constructs                 key code for each physical key being used. Feature values were
a matrix with rows being the length of the source word and the                    then computed from the information in the raw data file to
column the length of the target word [17]. The matrix is filled                   characterize the template vector of each authorized user based
with the minimum distance using the operations insertion,                         on flight and dwell times. One of the issues encountered with
deletion and substitution. The last and rightmost value of the                    efficient typists was release of a key only after s/he has
matrix gives the minimum edit distance of the horizontal and                      depressed another. The solution was to temporarily store all the
vertical strings.                                                                 key events for a login attempt and then to re-order them so that
                                                                                  they were arranged in the order they were first depressed. The
    The algorithm proceeds as follows.                                            typed text collected was then compared to the correct password
                                                                                  (string comparison). The similarity scores for the N-gram and
     1.    Set n, m to be the length of the source and target
                                                                                  the minimum edit distance were then computed for the captured
           words respectively. Construct a matrix containing n+1
                                                                                  text; where no typing mistake was noted, the result was
           rows and m+1 columns.
                                                                                  100%. The user was informed of the presence of any
     2.    Initialize the first row from 0 to m and the first column              inconsistencies noted (use of correction keys) when he/she
           from 0 to n incrementally.                                             entered the text. Once accepted, the automatic correction was
                                                                                  performed and the user given access if s/he correctly mimicked the
     3.    Consider each character of source (s) (i from 1 to n).                 template.
                 a.   Examine each character of target (t) (j from 1
                      to m).                                                                                V.    RESULTS
                      •     Assign cost = 0 if s[i] equals t[j];                      The first part of the project was to determine the optimal
                            otherwise cost = 1.                                   value of N to be used in the N-gram. The recommended
                                                                                  minimum length for a password is eight characters [29] and
                      •     The value allocated to cell d[i,j] is the             using equation 1, as length increases the similarity score
                            minimum of: the cell above plus 1                     decreases. The number of N-grams in common between the
                            (d[i-1,j]+1), the cell to the left plus 1             source and target remains the same with different values of N.
                            (d[i,j-1]+1), and the cell diagonally above and       The total set of possible N-grams increases as length increases.
                                                                                  In short for the same error, longer words bring a decrease in the



score. The value of 2 was therefore used. The experiment was performed at the
university, in the laboratory, under a controlled environment, and users were required
to type the text “Thurs1day” a number of times.

Captured text was then sent to the password correction schemes implemented. Forty
users volunteered to participate in the survey and stand as authentic users. The
results computed for users whenever errors were detected are shown below.

                  TABLE II.           Values for each type of error

                                         ERRORS

 Type                  Insertion             Substitution          Transposition
 Number of errors      1     2 (C)  2 (S)    1     2 (C)  2 (S)    1     2 (C)  2 (S)
 Min Edit              1     2      2        1     2      2        1     2      2
 N gram                0.75  0.64   0.57     0.67  0.54   0.43     0.54  0.33   0.26

 C: Two characters, one following the other.
 S: Separated.

They were asked to type their text normally, i.e. both with and without errors in
their password. They were allowed to use correction keys, including Shift, Insert,
Delete, Space bar, Backspace, etc. The details were then filtered to get details on
those who tried to log into the system as well as the timings for the correct password
as entered. Once the threshold for the N-gram and minimum edit distance was exceeded,
the system made the required correction to the captured text. A threshold in the
N-gram and minimum edit distance controls the number of correction keys that can be
used. Once the text entered was equivalent to the correct password, the timings were
arranged from left to right for each character pressed, as in the correct password.
Where flight times had negative values, they were arranged in the order in which the
keys were pressed.

By spying on an authentic user, an impostor is often able to guess most of the
constituents of the password. So, for security reasons, deletion errors were not
considered in this work, as correcting a deletion could grant access to an impostor.

                    Figure 1: An interaction with the system

Figure 1 above shows an interaction of the user with the system where, even with one
error in the captured timing, the user is given access to the system.

The possibility of allowing errors in the passwords was then investigated. Though it
is not recommended for short words, for long phrases this can be considered so that
users do not have to retype the whole text.

For missing characters, the timing used was the one used in the creation of the
template, but it had the highest weight. As reported by Gaines et al [24], each
enrollment feature used in building the template is given a weight inversely
proportional to its distance from the template value. Accordingly, the corrected
timing was then sent to the NN toolkit developed as reported in [26].

    Out of the 4024 attempts made by all users, including impostors, all mistakes
    using special keys (Insert, Delete, Backspace, Numlock, Space bar) in the typed
    text could be corrected when the number of errors was within the threshold set
    (1 error). All genuine users were correctly identified provided they had correctly
    entered the password and used the correction keys swiftly. Most users who used
    correction keys and had a considerable increase in the total time taken to key in
    the password were not positively identified. Moreover, those who substituted one
    character with another and continued typing normally were correctly identified.

53 cases remained problematic with the system, as there were 2 errors brought into the
password. The 2 correction schemes produced results which differed. With a threshold
of 0.5, the N-gram did not grant access with 2 transposition mistakes in the password.
Otherwise, for 2 errors, the N-gram technique granted the user access while the
minimum edit distance technique rejected the user, as its threshold was set to 1.

                              VI.    CONCLUSION

    Surrogate representations of identity using the password mechanism no longer
suffice. In that context, a number of studies have proposed techniques which cater for
user A sharing his password with user B, the latter being denied access unless he is
capable of mimicking the keystroke dynamics of A. Most of the papers surveyed had a
major limitation: when the user makes mistakes and uses the backspace or delete key to
correct errors, he/she has to start all over again. In an attempt to study the
application of error correcting schemes in the enhanced password mechanism, we have
focused on the commonly used MLP/BP.

                  TABLE III.     Effect of error correction.

                           WITHOUT ERROR          WITH ERROR
                           CORRECTION             CORRECTION
 FAR                       1%                     5%
 FRR                       8%                     15%
 REJECTED ATTEMPTS         187                    53

Table III above summarizes the results obtained. The FAR, which was previously 1%,
suffered a major degradation in
                                                                                                 FAR which was previsouly 1% suffered a major degrade in



performance, as most users increase their total typing time with the use of correction
keys. As expected, the FRR changed from 8% to 15% when errors were allowed in the
password. The promising deduction was that, using a scheme which allowed a
one-character error in the password, users were still correctly identified. Further
investigation showed that the major hurdle is that, with the use of correction keys,
the normal flow of typing is disrupted, which produces false results in keystroke
dynamics. This clearly demonstrates the possibility of authenticating genuine users
even when they have made errors. We have investigated the use of N-gram and minimum
edit distance, as they can be varied to check for any error or even to allow a minimum
number of errors to be made. For the latter, with transposition and insertion errors
the timings captured could easily cater for the correct password. The main issue
encountered was to find a convenient scheme to replace the missing ones. We have
adapted our work to the one documented in Gaines et al [24], where we assume that the
attempts closest to the template are more representative of the user. The results
obtained demonstrate the feasibility of this approach and will boost further research
in that direction.

    Our focus has been on commonly encountered errors, but other possibilities include
the use of run-on and split-word errors, among others. Other work that can be carried
out along the same lines includes the use of adaptive learning to be more
representative of the user. Logically, this will vary considerably as users get
acquainted with the input device. Similarly, investigation of the best classifier to
use with this scheme remains an avenue to explore. An intruder detection unit placed
before the neural network can enhance its usability and acceptability as a classifier.
By removing the intruder attempts and presenting only authentic users to the neural
network, an ideal system can be achieved even with a learning sample consisting of
fewer attempts.

                             ACKNOWLEDGMENT
    The authors are grateful to the staff and students who have willingly participated
in our experiment. Thanks are extended to those who in one way or another have
contributed to make this study feasible.

                             REFERENCES

[1]    C. P. Pfleeger (1997), “Security in Computing”, International Edition, Second
       Edition, Prentice Hall International, Inc.
[2]    S. Garfinkel & E. H. Spafford (1996), “Practical UNIX Security”, O'Reilly, 2nd
       edition, April 1996.
[3]    S. Wiedenbeck, J. Waters, J. Birget, A. Brodskiy & Nasir Memon (2005),
       “Passpoints: Design and Longitudinal Evaluation of a Graphical Password
       System”, International Journal of Human-Computer Studies, vol 63(1-2),
       pp. 102-127.
[4]    A. Mészáros, Z. Bankó, L. Czúni (2007), “Strengthening Passwords by Keystroke
       Dynamics”, IEEE International Workshop on Intelligent Data Acquisition and
       Advanced Computing Systems: Technology and Applications, Dortmund, Germany.
[5]    D. Chuda & M. Durfina (2009), “Multifactor authentication based on keystroke
       dynamics”, ACM International Conference Proceeding Series; Vol. 433,
       Proceedings of the International Conference on Computer Systems and
       Technologies and Workshop for PhD Students in Computing, Article No.: 89.
[6]    www.biopassword.com
[7]    www.psylock.com
[8]    I. Armstrong (2003), “Passwords exposed: Users are the weakest link”, SCMag,
       June 2003. Available: http://www.scmagazine.com
[9]    S. Y. Kung, M. W. Mak, S. H. Lin (2005), “Biometric Authentication”, New
       Jersey: Prentice Hall, 2005.
[10]   Loghman Barari, Behrang QasemiZadeh (2005), “CloniZER Spell Checker, Adaptive,
       Language Independent Spell Checker”, Proc. of the first ICGST International
       Conference on Artificial Intelligence and Machine Learning AIML 05, pp 66-71.
[11]   Wikipedia, “Typing”. Available: http://en.wikipedia.org/wiki/Typing
[12]   Sholes, C. Latham; Carlos Glidden & Samuel W. Soule (1868), “Improvement in
       Type-writing Machines”, US 79868, issued July 14.
[13]   James Clawson, Alex Rudnick, Kent Lyons, Thad Starner (2007), “Automatic
       Whiteout: Discovery and Correction of Typographical Errors in Mobile Text
       Input”, Proceedings of the 9th conference on Human-computer interaction with
       mobile devices and services, New York, NY, USA, 2007. ACM Press. Available:
       http://hackmode.org/~alex/pubs/automatic-whiteout_mobileHCI07.pdf
[14]   Grudin, J.T. (1983), “Error Patterns in Novice and Skilled Transcription
       Typing”. In Cognitive Aspects of Skilled Typewriting. Cooper, W.E. (ed.).
       Springer Verlag. ISBN 0-387-90774-2.
[15]   Kukich, K. (1992), “Automatic spelling correction: Detection, correction and
       context-dependent techniques”. Technical report, Bellcore, Morristown,
       NJ 07960.
[16]   Michael Gilleland (2001), “Levenshtein Distance, in Three Flavors”.
       Available: http://www.merriampark.com/ld.htm
[17]   Wikipedia, “Damerau–Levenshtein distance”. Available:
       http://en.wikipedia.org/wiki/Damerau%E2%80%93Levenshtein_distance
[18]   Winkler, W. E. (1999), “The state of record linkage and current research
       problems”. Statistics of Income Division, Internal Revenue Service
       Publication, R99/0. Available: http://www.census.gov/srd/papers/pdf/rr99-04.pdf
[19]   Wikipedia, “Jaro–Winkler distance”. Available:
       http://en.wikipedia.org/wiki/Jaro-Winkle
[20]   Dominic John Repici (2002), “Understanding Classic SoundEx Algorithms”.
       Available: http://www.creativyst.com/Doc/Articles/SoundEx1/SoundEx1.htm
[21]   Pollock, J. J., and Zamora, A. (1984), “Automatic spelling correction in
       scientific and scholarly text”. Communications of the ACM, 27(4), pp 358-368.
[22]   Wikipedia, “N-gram”. Available: http://en.wikipedia.org/wiki/N-gram
[23]   S. Cho & S. Hwang (2006), “Artificial Rhythms and Cues for Keystroke Dynamics
       Based Authentication”, D. Zhang and A.K. Jain (Eds.): Springer-Verlag Berlin
       Heidelberg, ICB 2006, LNCS 3832, pp. 626–632.
[24]   R. Gaines et al (1980), “Authentication by Keystroke Timing: Some Preliminary
       Results”, technical report R-256-NSF, RAND.
[25]   Pavaday N & Soyjaudah K.M.S, “Investigating performance of neural networks in
       authentication using keystroke dynamics”, In Proceedings of the IEEE Africon
       conference, pp. 1–8, 2007.
[26]   Pavaday N, Soyjaudah S & Nugessur Shrikaant, “Investigating & improving the
       reliability and repeatability of keystroke dynamics timers”, International
       Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010.
[27]   Revett, K., Gorunescu, F., Gorunescu, M., Ene, M., de Magalhães, S.T. and
       Santos, H.M.D. (2007), “A machine learning approach to keystroke dynamics
       based user authentication”, International Journal of Electronic Security and
       Digital Forensics, Vol. 1, No. 1, pp. 55–70.
[28]   Patricia A Wittich (2003), “Biometrics: Are You Key to Security?”, pp 1–12,
       SANS Institute 2003.
[29]   Sebastian Deorowicz, Marcin G. Ciura (2005), “Correcting the spelling errors
       by modelling their causes”, International Journal of Applied Mathematics and
       Computer Science, 2005, Vol. 15, No. 2, pp 275–285.
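
As a rough illustration of the two correction schemes compared in Section V, the following Python sketch computes a minimum edit distance with the matrix procedure listed in the text and a bigram (N = 2) similarity score, then applies the two thresholds quoted in the results (1 edit, 0.5 similarity). It is only a sketch under stated assumptions: the function names are hypothetical, and because equation 1 is not reproduced here, the Dice coefficient is used as a stand-in similarity measure, so its scores are not expected to match Table II.

```python
from collections import Counter


def min_edit_distance(source, target):
    """Levenshtein distance computed with the matrix procedure from the text."""
    n, m = len(source), len(target)
    # Matrix d of size (n + 1) x (m + 1); the first row and the first column
    # are initialised incrementally from 0.
    d = [[0] * (m + 1) for _ in range(n + 1)]
    for i in range(n + 1):
        d[i][0] = i
    for j in range(m + 1):
        d[0][j] = j
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            cost = 0 if source[i - 1] == target[j - 1] else 1
            d[i][j] = min(
                d[i - 1][j] + 1,         # upper cell
                d[i][j - 1] + 1,         # left cell
                d[i - 1][j - 1] + cost,  # diagonal cell plus the cost
            )
    return d[n][m]


def ngrams(text, n=2):
    """All overlapping character n-grams of text."""
    return [text[i:i + n] for i in range(len(text) - n + 1)]


def ngram_similarity(source, target, n=2):
    """Dice coefficient over n-grams (ASSUMED stand-in for equation 1)."""
    a, b = Counter(ngrams(source, n)), Counter(ngrams(target, n))
    total = sum(a.values()) + sum(b.values())
    if total == 0:
        return 1.0 if source == target else 0.0
    shared = sum((a & b).values())  # n-grams common to both strings
    return 2 * shared / total


def accept_text(typed, password, max_edits=1, min_similarity=0.5):
    """Decision of each scheme, using the thresholds quoted in the results."""
    return {
        "min_edit": min_edit_distance(typed, password) <= max_edits,
        "n_gram": ngram_similarity(typed, password, 2) >= min_similarity,
    }


if __name__ == "__main__":
    # Two separated substitutions: the two schemes disagree.
    print(accept_text("Xhurs1daZ", "Thurs1day"))
```

With two separated substitutions the edit distance is 2, which exceeds the threshold of 1, while the assumed bigram score stays above 0.5, so the two schemes disagree in the way the results describe. A plain Levenshtein distance also counts a transposition as two edits; a Damerau-Levenshtein variant [17] would count it as one.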







                           AUTHORS PROFILE
Mr. N. Pavaday is now with the Computer Science Department, Faculty of Engineering,
University of Mauritius, having previously done his research training with the
Biometric Lab, School of Industrial Technology, Purdue University, West
Lafayette, Indiana, 47906 USA (phone: +230-4037727; e-mail:
n.pavaday@uom.ac.mu).

Professor K.M.S. Soyjaudah is with the same university as the first author. He
is interested in all aspects of communication, with a focus on improving its
security. He can also be contacted by phone on +230 403-7866 ext 1367
(e-mail: ssoyjaudah@uom.ac.mu).





				