Presentation is loading. Please wait.

Presentation is loading. Please wait.

Typing Pattern Authentication Techniques 3 rd Quarter Luke Knepper.

Published byGeorge Stone Modified over 9 years ago

Similar presentations

Presentation on theme: "Typing Pattern Authentication Techniques 3 rd Quarter Luke Knepper."— Presentation transcript:

1 Typing Pattern Authentication Techniques 3 rd Quarter Luke Knepper

2 Agenda Background Final Process Experimentation Current Results Goals

3 The Dilemma Passwords can sometimes be suboptimal Advanced biometrics are expensive Need an alternative

4 A Solution Authenticate people by how they type Typing patterns differ by person Studies show that people can be authenticated by their typing patterns Cheap and flexible to implement

5 A Problem Usually will measure the user's keystrokes when typing in username & passwords Commercial packages available (ex. Psylock) However, uses static text (username & password) → easy to hack Need an improvement

6 The Fix Generate random text and record keystrokes while the user types it Not a static text segment → Makes it considerably harder to hack

7 Another Advantage What if another person jumps on the computer while you are logged in? Can continuously monitor the user's typing patterns during program use If a change is detected, system suspects an intruder and locks the user out

8 Background Measures users' typing patterns, compares to a previous standard Technique first used in WWII Works with ~90% Accuracy Usually implemented in a neural network structure

9 Background

10 Process (front-end) On account set-up, user will type large amounts of dynamic text On subsequent log-ins, user will type smaller amount of dynamic text User will still need to use username, password, etc.

11 Process (back-end) Set-up data will be used to breed (i.e. train) a neural network The optimal weight vector can be generated efficiently via back-propagation, genetic algorithms, parallel processing Log-in data will be fed through neural network: result either meets threshold (admitted) or does not meet (rejected)

12 Continuous Authentication Uses same general process as log-in time authentication Measures the user's typing patterns while the system is in use Runs the typing data through the neural network at regular intervals Raise the warning level if a change is detected, lock out after critical point

13 Experimentation Goals:  Develop and test the accuracy of different types of neural networks for this purpose  Develop and test log-in authentication application  Develop and test continuous authentication application

14 Experimentation Neural Network Optimization: 1.Develop online data collection applet 2.Collect massive amounts of data 3.Use data to train multiple neural network types 4.Test different network types to determine accuracy of each type

15 Experimentation Neural Network Optimization: Will train a neural network for each data file collected Sample data will be sent through the neural network Success vs. Failure ratio will be measured and compared between different network types

16 Experimentation Accuracy Testing: 1.Collect large number of test subjects 2.Subjects set up dummy accounts 3.Subjects attempt to log into their accounts and accounts of others on subsequent sittings (spaced out by 1 week and 1 month) 4.Measure final accuracy

17 Current Results Proof-of-concept program Determines the mystery typer between two known users Uses simple single-layer neural network Correct 18 / 20 = 90%

18 Current Results Data collection Flash applet Shows user segment of dynamic text, asks them to type it in a box below Records their keystroke times Sends keystroke data to server to be stored in separate files Collected over 1,500 samples

19 Current Results Keystroke data file format: – For each keystroke, records the following: Key-# / up-or-down / time-in-millis Example: “65 U 22424” – Flexible format allows for different characteristics to be measured (e.g. time between strokes or time of depression)

20 Current Results Working on an automated testing system First will train neural networks of each type for every data file as noted before Then will record the results of each neural network through automated tested Finally will compute statistics for the accuracy of the different types

21 Current Results Developped continuous authentication simulation program Simulates an instant-messaging session with an automated chat bot Asks the user questions and measures typing data for each response Locks the user out if a significant change is detected

22 Goals Final program interface will be:  Easily implementable  Difficult to crack  Accurate above 90%  Will be combined with password security to make inexpensive and secure system

23 Fin Questions and wrap-up

Download ppt "Typing Pattern Authentication Techniques 3 rd Quarter Luke Knepper."

Similar presentations

1 VLDB 2006, Seoul Mapping a Moving Landscape by Mining Mountains of Logs Automated Generation of a Dependency Model for HUG’s Clinical System Mirko Steinle,

1 VLDB 2006, Seoul Mapping a Moving Landscape by Mining Mountains of Logs Automated Generation of a Dependency Model for HUG’s Clinical System Mirko Steinle,
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Password Cracking Lesson 10. Why crack passwords?

Password Cracking Lesson 10. Why crack passwords?
CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.

CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.
Detecting Computer Intrusions Using Behavioral Biometrics Ahmed Awad E. A, and Issa Traore University of Victoria PST’05 Oct 13,2005.

Detecting Computer Intrusions Using Behavioral Biometrics Ahmed Awad E. A, and Issa Traore University of Victoria PST’05 Oct 13,2005.
Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.

Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.
Research Experiment Design Sprint: Keystroke Biometric Intrusion Detection Ned Bakelman Advisor: Dr. Charles Tappert.

Research Experiment Design Sprint: Keystroke Biometric Intrusion Detection Ned Bakelman Advisor: Dr. Charles Tappert.
Research Experiment Design Sprint: Keystroke Biometric Intrusion Detection Ned Bakelman Advisor: Dr. Charles Tappert.

Research Experiment Design Sprint: Keystroke Biometric Intrusion Detection Ned Bakelman Advisor: Dr. Charles Tappert.
Secure Shell – SSH Tam Ngo Steve Licking cs265. Overview Introduction Brief History and Background of SSH Differences between SSH-1 and SSH- 2 Brief Overview.

Secure Shell – SSH Tam Ngo Steve Licking cs265. Overview Introduction Brief History and Background of SSH Differences between SSH-1 and SSH- 2 Brief Overview.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.

1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
Mouse Movement Biometrics, Pace University, Fall'20071 Mouse Movement Biometrics Fall 2007 Capstone -Team Members Rafael Diaz Michael Lampe Nkem Ajufor.

Mouse Movement Biometrics, Pace University, Fall'20071 Mouse Movement Biometrics Fall 2007 Capstone -Team Members Rafael Diaz Michael Lampe Nkem Ajufor.
CS 691 - Team 5 Alex Wong Raheel Khan Rumeiz Hasseem Swati Bharati Biometric Authentication System.

CS Team 5 Alex Wong Raheel Khan Rumeiz Hasseem Swati Bharati Biometric Authentication System.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Keystroke Biometrics Test Taker Setup and Data Collection Fall 2009.

Keystroke Biometrics Test Taker Setup and Data Collection Fall 2009.
Keystroke Biometric Studies Keystroke Biometric Identification and Authentication on Long-Text Input Book chapter in Behavioral Biometrics for Human Identification.

Keystroke Biometric Studies Keystroke Biometric Identification and Authentication on Long-Text Input Book chapter in Behavioral Biometrics for Human Identification.
Computer Assisted Audit Techniques

Computer Assisted Audit Techniques
Intrusion detection Anomaly detection models: compare a user’s normal behavior statistically to parameters of the current session, in order to find significant.

Intrusion detection Anomaly detection models: compare a user’s normal behavior statistically to parameters of the current session, in order to find significant.
1 Security problems of your keyboard –Authentication based on key strokes –Compromising emanations consist of electrical, mechanical, or acoustical –Supply.

1 Security problems of your keyboard –Authentication based on key strokes –Compromising emanations consist of electrical, mechanical, or acoustical –Supply.
System Implementation

System Implementation
Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.

Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.

Similar presentations

Ads by Google