Keystroke Authentication It’s All in How You Type John C. Checco BiometriTech 2003 bioChec™

Slides:

Advertisements

Similar presentations

Keystroke Authentication Its All in How You Type John C. Checco, CISSP bioChec.

Advertisements

15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.

BIOMETRICS Presented By Rickie Jackson.  Outline –Introduction –Biometrics techniques –Strengths, and weaknesses –FAR/FRR –Major Players –Summary.

BIOMETRICS: Libraries have begun to see the value of biometrics. M.G. SELVI Technical Officer Center of Advanced Study in Crystallography and Biophysics,

By: Monika Achury and Shuchita Singh

BIOMETRICS AND NETWORK AUTHENTICATION Security Innovators.

FIT3105 Biometric based authentication and identity management

Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.

PALM VEIN TECHNOLOGY.

Biometrics and Authentication Shivani Kirubanandan.

Going beyond passwords

Biometrics Kyle O'Meara April 14, Contents Introduction Specific Types of Biometrics Examples Personal Experience Questions.

VOICE BOX® VOICE RECOGNITION Using YOUR Voice to Protect YOUR Identity! By Neil Madadi, Allison Wright, Ava Embry, Jacob Howard.

B IOMETRICS Akash Mudubagilu Arindam Gupta. O VERVIEW What is Biometrics? Why Biometrics? General Biometric System Different types of Biometrics Uses.

TEAM-1 JACKIE ABBAZIO SASHA PEREZ DENISE SILVA ROBERT TESORIERO Face Recognition Systems.

Security-Authentication

1J. M. Kizza - Ethical And Social Issues Module 16: Biometrics Introduction and Definitions Introduction and Definitions The Biometrics Authentication.

Module 14: Biometrics Introduction and Definitions The Biometrics Authentication Process Biometric System Components The Future of Biometrics J. M. Kizza.

Security systems need to be able to distinguish the “white hats” from the “black hats”. This all begins with identity. What are some common identifiers.

Biometrics: Ear Recognition

Biometrics Viktor MINKIN OutlineOutline Outline Introduction Biometric systems Biometric characteristics Fingerprints Unimodal systems.

Karthiknathan Srinivasan Sanchit Aggarwal

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

By Alvaro E. Escobar 1 Biometrics Agenda I. Video II. Biometric Overview III. Biometric Technologies IV. Accuracy Metrics V. BioPrivacy Concerns.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Speaker Recognition By Afshan Hina.

CS 736 A methodology for Analyzing the Performance of Authentication Protocol by Laseinde Olaoluwa Peter Department of Computer Science West Virginia.

Chapter 5 Input By: Matthew D McCoog What Is Input? Any data or instructions entered into the memory of a computer.

The solution is at your fingertips!. BARTEX 2000 Corp. BARTEX brings You integrated security solutions using the most advanced technology available in.

B IOMETRIC STANDARDS A N OVERVIEW OF BIOMETRICS AND IDENTITY MANAGEMENT Supervisor : Ahmed Abu Mosameh Prepared by samaher el nbahen UNIVERSITY.

BIOMETRICS. BIOMETRICS BIOMETRICS  Forget passwords...  Forget pin numbers...  Forget all your security concerns...

DigitalPersona, Inc. Biometric Authentication for Digital Authentication Presented by: Brian Farley, Western Sales Regional Manager DigitalPersona.

BIOMETRICS By: Lucas Clay and Tim Myers. WHAT IS IT?  Biometrics are a method of uniquely identifying a person based on physical or behavioral traits.

Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.

Introduction to Biometrics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #14 Behavioral Biometrics October 10, 2005.

Lecture 7 Page 1 CS 236, Spring 2008 Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know.

BIOMETRICS FOR RECOGNITION. Presentation Outlines  Traditional methods of security  Need for biometrics  Biometrics recognition techniques  How biometrics.

1 Information Systems CS-507 Lecture Types of Controls Access Controls – Controlling who can access the system. Input Controls – Controls over how.

Biometrics Authentication Technology

Introduction to Biometrics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #18 Biometrics Applications - III October 26, 2005.

Chapter 2 Securing Network Server and User Workstations.

Biometrics and Retina Scan Technology Lum OSMANI Alex CHERVENKOV Course: Information Security April 2008.

PRESENTATION ON BIOMETRICS

Biometric Technologies

Biometrics Chuck Cook Matthew Etten Jeremy Vaughn.

INTRODUCTION TO BIOMATRICS ACCESS CONTROL SYSTEM Prepared by: Jagruti Shrimali Guided by : Prof. Chirag Patel.

L. F. Coppenrath & Associates PASSWORD BIOPASSWORD ® Biometric Keystroke Dynamics Technology Overview.

Networking Network Classification, by there: 3 Security And Communications software.

Chapter 3 Pre-Incident Preparation Spring Incident Response & Computer Forensics.

Biometrics Ryan Epling. What Are Biometrics? “Automated methods of verifying or recognizing a living person on the basis of some physiological characteristics,

CSCE 201 Identification and Authentication Fall 2015.

LEARNING AREA 1 : INFORMATION AND COMMUNICATION TECHNOLOGY PRIVACY AUTHENTICATION VERIFICATION.

BOPS – Biometric Open Protocol Standard Emilio J. Sanchez-Sierra.

Managing Secure Biometric Systems Meghan Armes IA Management April 24, 2007.

What does it mean to us?.  History  Biometrics Defined  Modern Day Applications  Spoofing  Future of Biometrics.

By Kyle Bickel. Road Map Biometric Authentication Biometric Factors User Authentication Factors Biometric Techniques Conclusion.

An Introduction to Biometrics

A l a d d I n. c o m Strong Authentication and Beyond Budai László, IT Biztonságtechnikai tanácsadó.

Challenge/Response Authentication

FACE RECOGNITION TECHNOLOGY

Biometrics Reg: AMP/HNDIT/F/F/E/2013/067.

Seminar Presentation on Biometrics

Biometric technology.

Asst. Prof. Arvind Selwal, CUJ,Jammu

Presentation Outlines

A SEMINAR REPORT ON BIOMETRICS

Protection Mechanisms in Security Management

Presentation transcript:

Keystroke Authentication It’s All in How You Type John C. Checco BiometriTech 2003 bioChec™

Overview What is Keystroke Authentication How Effective is Keystroke Authentication Advantages of Keystroke Authentication Markets for Keystroke Authentication Future for Keystroke Authentication

What is Keystroke Authentication Biological Measurements  Measurement of physical aspects of a person that determine identity  Static measurement ڤAbsolute match  Quality of measurement is only variable by the quality of the capture device.  Examples: ڤDNA, ڤIris/Retina Scan, ڤFingerprint, ڤHand Geometry … Behavioral Measurements  Measurement of characteristic traits exhibited by a person that can determine identity  Dynamic measurement ڤConfidence match  Quality of measurement varies by behavioral and other external factors.  Examples: ڤKeystroke Heuristics, ڤHandwriting Analysis, ڤVoice Verification …

What is Keystroke Authentication Keystroke Heuristics / Keystroke Dynamics  Pattern exhibited by a person using an input device in a consistent manner ڤKeyboard, Keypad, Stylus ڤRelies on spatial configuration, timing, cadence, and content.  Measurements captured are already available by the input device: ڤDwell time ڤFlight time ڤAbsolute versus Relative timing  Processing consists of deducing a series of key factors from an arbitrary data stream: ڤRobotic vision, Economic trending, Quantum physics ڤBeing consistent as well as consistently inconsistent.

What is Keystroke Authentication History of the World, Part I  1979: ڤTechnology originally developed by SRI International.  1984: ڤNational Bureau of Standards (NBS) study concluded that computer keystroke authentication of 98% accuracy.  1988: ڤKeystroke authentication hardware device passes NIST Computer Security Act of  2000: ڤKeystroke authentication passes the Financial Services Technology Consortium (FSTC) / International Biometric Group (IBG) Comparative Testing program.  Patents (partial list): ڤ , , , , ,

How Effective is Keystroke Authentication Fingerprint  FAR= ~0%  FRR= ~1% Keystroke Heuristics  FAR = ~0.01%  FRR = ~3.0% ڤManufacturer recommended settings ڤVariable (application-defined) Facial Recognition  FAR/FRR vary according to: compression, distance, illumination, media, pose, resolution, and other temporal factors. Voice Recognition  FAR = ~1.6%  FRR = ~8.1%

How Effective is Keystroke Authentication What If ….  I injure my hand? ڤHow many people have you met that have had hand injuries? ڤHow many people have you met that forgot their password?  I enrolled on one keyboard and want to login on another? ڤTactile versus membrane ڤFull-size versus compact ڤKey-character layout  My connection is hijacked and someone replays my keystrokes? ڤFraud detection methods vary by manufacturer.  I have a bad day?

Advantages of Keystroke Authentication Deployment / Maintenance:  No physical hardware to install or maintain.  No manpower needed on client-side deployment for installations or upgrades. Technical:  Inherently narrows the identification pool to achieve authentication FAR/FRR. Portable:  Users are not limited to individual or specific workstations.  Can support remote access and telecommuting Adjustable:  Application and/or user managed levels of security.  Can constantly adjust/refine a user’s biometric template over time. Breadth:  Software-only components allow integration into any software project. User Acceptance:  Non-invasive capture  Can support invisible (background) enrollment.  Works better with phrases familiar (easy to remember) for the user.

Markets for Keystroke Authentication Network Security:  Integration with Single Sign-on Solutions.  RADIUS integration  Integration into terminal access applications.  Integration into NTFS Volume Protection.  Promote proper use of existing licensing.  Logging of biometric access creates better forensic evidence. Personal Information Security:  Primary authorization for individual document encryption.  Secondary authorization mechanism for online purchases. Asset Identification:  Integration with Online Training/Testing.  Document signing (e.g. HIPAA)  Software Licensing and Registration.

Future for Keystroke Authentication Consumer Market:  ATM  PDA  RIM  Cell phones  Home Security Access Pads

Questions and Comments Notes:

Contact Information John C. Checco President, bioChec™ Checco Services, Inc