Keystroke Authentication Its All in How You Type John C. Checco, CISSP bioChec.

Slides:



Advertisements
Similar presentations
Security for Mobile Devices
Advertisements

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Overview of biometric technology. Contents: 1. What is Biometrics The term “biometrics” is derived from the Greek words “bio” (life) and “metrics” (to.
Lecture 6 User Authentication (cont)
15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.
BIOMETRICS: Libraries have begun to see the value of biometrics. M.G. SELVI Technical Officer Center of Advanced Study in Crystallography and Biophysics,
By Aidan Summerville.  The process inn which a person’s unique physical and other traits are detected and recorded by an electronic device or system.
By: Monika Achury and Shuchita Singh
FIT3105 Biometric based authentication and identity management
1 November Applicability of Biometrics As a Means of Authentication Scholarship for Service William Kwan.
PALM VEIN TECHNOLOGY.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Biometrics and Authentication Shivani Kirubanandan.
TEAM-1 JACKIE ABBAZIO SASHA PEREZ DENISE SILVA ROBERT TESORIERO Face Recognition Systems.
Security-Authentication
1J. M. Kizza - Ethical And Social Issues Module 16: Biometrics Introduction and Definitions Introduction and Definitions The Biometrics Authentication.
Module 14: Biometrics Introduction and Definitions The Biometrics Authentication Process Biometric System Components The Future of Biometrics J. M. Kizza.
Biometrics: Ear Recognition
Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.
Karthiknathan Srinivasan Sanchit Aggarwal
Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.
Zachary Olson and Yukari Hagio CIS 4360 Computer Security November 19, 2008.
Biometrics. Outline What is Biometrics? Why Biometrics? Physiological Behavioral Applications Concerns / Issues 2.
By Alvaro E. Escobar 1 Biometrics Agenda I. Video II. Biometric Overview III. Biometric Technologies IV. Accuracy Metrics V. BioPrivacy Concerns.
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
The solution is at your fingertips!. BARTEX 2000 Corp. BARTEX brings You integrated security solutions using the most advanced technology available in.
1 Biometrics and the Department of Defense February 17, 2003.
B IOMETRIC STANDARDS A N OVERVIEW OF BIOMETRICS AND IDENTITY MANAGEMENT Supervisor : Ahmed Abu Mosameh Prepared by samaher el nbahen UNIVERSITY.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.
Introduction to Biometrics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #14 Behavioral Biometrics October 10, 2005.
BIOMETRICS.
Lecture 7 Page 1 CS 236, Spring 2008 Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know.
BIOMETRICS FOR RECOGNITION. Presentation Outlines  Traditional methods of security  Need for biometrics  Biometrics recognition techniques  How biometrics.
Keystroke Authentication It’s All in How You Type John C. Checco BiometriTech 2003 bioChec™
Biometrics Authentication Technology
Chapter 2 Securing Network Server and User Workstations.
Biometrics and Retina Scan Technology Lum OSMANI Alex CHERVENKOV Course: Information Security April 2008.
McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved INFORMATION SECURITY SECTION 4.2.
PRESENTATION ON BIOMETRICS
Iris Technology Presented By: D.SRIKANTH Biometrics Identifying individuals using their distinct physical or behavior characteristics. Features measured.
Biometric Technologies
INTRODUCTION TO BIOMATRICS ACCESS CONTROL SYSTEM Prepared by: Jagruti Shrimali Guided by : Prof. Chirag Patel.
L. F. Coppenrath & Associates PASSWORD BIOPASSWORD ® Biometric Keystroke Dynamics Technology Overview.
Biometric Devices Biometric devices use secure identification and authentication in order for someone to use the device. These devices use automated.
Networking Network Classification, by there: 3 Security And Communications software.
Biometrics Ryan Epling. What Are Biometrics? “Automated methods of verifying or recognizing a living person on the basis of some physiological characteristics,
CSCE 201 Identification and Authentication Fall 2015.
My topic is…………. - It is the fundamental building block and the primary lines of defense in computer security. - It is a basic for access control and.
LEARNING AREA 1 : INFORMATION AND COMMUNICATION TECHNOLOGY PRIVACY AUTHENTICATION VERIFICATION.
BOPS – Biometric Open Protocol Standard Emilio J. Sanchez-Sierra.
Managing Secure Biometric Systems Meghan Armes IA Management April 24, 2007.
What does it mean to us?.  History  Biometrics Defined  Modern Day Applications  Spoofing  Future of Biometrics.
By Kyle Bickel. Road Map Biometric Authentication Biometric Factors User Authentication Factors Biometric Techniques Conclusion.
ASHRAY PATEL Protection Mechanisms. Roadmap Access Control Four access control processes Managing access control Firewalls Scanning and Analysis tools.
An Introduction to Biometrics
Biometrics Security in Banking Systems Image processing in ATM
System Access Authentication
Access control techniques
Configuring and Troubleshooting Routing and Remote Access
Authentication.
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
Biometrics.
Biometrics Reg: AMP/HNDIT/F/F/E/2013/067.
Seminar Presentation on Biometrics
Biometric technology.
Presentation Outlines
A SEMINAR REPORT ON BIOMETRICS
A Framework of Remote Biometric Authentication on the Open Network
Presentation transcript:

Keystroke Authentication Its All in How You Type John C. Checco, CISSP bioChec

Overview What is Keystroke Biometrics How Effective is Keystroke Biometrics Advantages of Keystroke Biometrics Markets for Keystroke Biometrics Future for Keystroke Biometrics

What is Keystroke Biometrics Biological Measurements Physical aspects of a person that determine identity Static measurement Absolute match Quality of measurement is only variable by the quality of the capture device Examples: DNA Iris/Retina Scan Fingerprint Hand Geometry / Vein Structure Facial Recognition

What is Keystroke Biometrics Behavioral Measurements Characteristic traits exhibited by a person that can determine identity Dynamic measurement Confidence match Quality of measurement varies by behavioral and other external factors Examples: Keystroke Heuristics Handwriting Analysis Voice Verification Language Removal Identification

What is Keystroke Biometrics Pattern exhibited by an individual using an input device in a consistent manner Input Device Keyboard, Keypad, Stylus, … Raw measurements available by the input device Dwell time Flight time Absolute versus Relative timing Factors Timing / Cadence Content Spatial Configuration Consistency (as well as consistent inconsistencies) Signature Processing Deduction of key factors from an arbitrary data stream Robotic vision, Economic trending, Quantum physics

What is Keystroke Biometrics History of the World, Part I 1979: Technology originally developed by SRI International. 1984: National Bureau of Standards (NBS) study concluded that computer keystroke authentication of 98% accuracy. 1988: Keystroke authentication hardware device passes NIST Computer Security Act of : Keystroke authentication passes the Financial Services Technology Consortium (FSTC) / International Biometric Group (IBG) Comparative Testing program. Patents (partial list): , , , , ,

How Effective is Keystroke Biometrics Fingerprint FAR= ~0% FRR= ~1% Keystroke Biometrics FAR= ~0.01% FRR= ~3.0% Manufacturer recommended settings Variable (application-defined) Facial Recognition FAR/FRR vary according to: compression, distance, illumination, media, pose, resolution, and other temporal factors. Voice Recognition FAR= ~1.6% FRR= ~8.1%

How Effective is Keystroke Biometrics What If …. I injure my hand? How many people have you met that have had hand injuries? How many people have you met that forgot their password? I enrolled on one keyboard and want to login on another? Tactile versus membrane Full-size versus compact Key-character layout My connection is hijacked and someone replays my keystrokes? Fraud detection methods vary by manufacturer I have a bad day?

Advantages of Keystroke Biometrics Technology Advantages Performance: Inherently narrows the identification pool to achieve lower FAR/FRR Portability: Users are not limited to individual or specific workstations Flexibility: Dynamically managed threshold for acceptance Security: Constant biometric refinement of templates over time User Acceptance: Non-invasive capture Support for invisible (background) enrollment Works better with pass phrases familiar to the user translation: passwords can be easy to remember Paradigm: Only solution that provides for limited liability risk mitigation. Capabilities based policies, not simply role based

Advantages of Keystroke Biometrics Implementation Advantages Deployment / Maintenance: No physical hardware to install or maintain No manpower needed on client-side deployment for installations or upgrades Coverage: Support for remote access and telecommuting Software-only components allow integration into any software solution Policy Management: Secondary authorization does not change current policies Application and/or user managed levels of security Audit Control: Promote proper use of existing licensing Logging of biometric access creates better forensic evidence Exit / Override Strategies No additional resources needed to override or temporarily disable biometric. No invasive exit strategy …. Just turn off server-side secondary authentication process.

Markets for Keystroke Biometrics Network / Intranet Security: Single Sign-on Solutions RADIUS Corporate Application Access xFS Volume Protection Document Control Management Corporate Internet Access

Markets for Keystroke Biometrics Asset Identification: Online Training / Testing Document Signing Software Licensing and Registration Personal Information Security: Primary Authorization for individual document encryption Secondary Authorization mechanism for online purchases Secure Laptop Access

Future for Keystroke Biometrics Consumer Market: PDA / Tablet / Stylus Input RIM ATM Cell phones Home Security Access Pads

Questions and Comments Commonly Asked Questions: Can keystroke biometrics determine if an employee is incapacitated due to inebriation or drug abuse? How does keystroke biometrics protect against Cyrano de Bergerac breaches?

Q.E.D. John C. Checco President, bioChec Checco Services, Inc. Stony Point, New York

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.