1 / 20

Dynamic Authentication of Typing Patterns

2 nd Quarter Luke Knepper. Dynamic Authentication of Typing Patterns. Agenda. Background Final Process Experimentation Current Results Goals. The Dilemma. Passwords are outdated Advanced biometrics are expensive Need an alternative. A Solution. Authenticate people by how they type

ncarrillo
Télécharger la présentation

Dynamic Authentication of Typing Patterns

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 2nd Quarter Luke Knepper Dynamic Authentication of Typing Patterns

  2. Agenda • Background • Final Process • Experimentation • Current Results • Goals

  3. The Dilemma • Passwords are outdated • Advanced biometrics are expensive • Need an alternative

  4. A Solution • Authenticate people by how they type • Typing patterns differ by person • Studies show that people can be authenticated by their typing patterns • Cheap and flexible to implement

  5. The Problem • Usually will measure the user's keystrokes when typing in username & passwords • Commercial packages available • However, uses static text (username & password) → easy to hack • Need an improvement

  6. The Fix • Generate random text and record keystrokes while the user types it • Not a static text segment → Makes it considerably harder to hack • No research found on dynamic text segments

  7. Background • Measures users' typing patterns, compares to a previous standard • Technique first used in WWII • Works with ~90% Accuracy • Usually implemented in a neural network structure

  8. Background

  9. Process (front-end) • On account set-up, user will type large amounts of dynamic text • On subsequent log-ins, user will type smaller amount of dynamic text • User will still need to use username, password, etc.

  10. Process (back-end) • Set-up data will be used to breed (i.e. train) a neural network • The optimal weight vector can be generated efficiently via back-propagation, genetic algorithms, parallel processing • Log-in data will be fed through neural network: result either meets threshold (admitted) or does not meet (rejected)

  11. Experimentation • Requirements: • Must develop optimal neural network and threshold value for back-end • Must develop optimal GUI / Corpus size • Must determine accuracy

  12. Experimentation • Neural Network Optimization: • Develop online data collection applet • Collect massive amounts of data • Use data to train multiple neural network types • Test different network types to determine optimal network and threshold

  13. Experimentation • Neural Network Optimization: Will train a neural network for each data file collected Sample data will be sent through the neural network Success vs. Failure ratio will be measured and compared between different network types

  14. Experimentation • Accuracy Testing: • Collect large number of test subjects • Subjects set up dummy accounts • Subjects attempt to log into their accounts and accounts of others on subsequent sittings (spaced out by 1 week and 1 month) • Measure final accuracy

  15. Current Results • Proof-of-concept program • Determines the mystery typer between two known users • Uses simple single-layer neural network • Correct 18 / 20 = 90%

  16. Current Results • Data collection Flash applet • Shows user segment of dynamic text, asks them to type it in a box below • Records their keystroke times • Sends keystroke data to server to be stored in separate files

  17. Current Results • Keystroke data file format: • For each keystroke, records the following: • Key-# / up-or-down / time-in-millis • Example: “65 U 22424” • Flexible format allows for different characteristics to be measured (e.g. time between strokes or time of depression)

  18. Current Results • Working on an automated testing system • First will train neural networks of each type for every data file as noted before • Then will record the results of each neural network through automated tested • Finally will compute statistics for the accuracy of the different types

  19. Goals • Final program interface will be: • Easily implementable • Difficult to crack • Accurate above 90% • Will be combined with password security to make inexpensive and secure system

  20. Fin • Questions and wrap-up

More Related