Presentation Attack and Detection in Keystroke Dynamics
MetadataShow full item record
Biometric authentication is already making an entry in consumer security, notably with face and fingerprint recognition. Keystroke dynamics is an aspect of behavioral biometrics based on typing behavior to verify the identification of the user. It is both easy to implement, and is less intrusive for the user. If the system already relies on a password for authentication, then keystroke based biometrics can offer an additional hidden layer of security. Alternatively it can be used for continuous authentication to continuously verify the user identity based on their interaction with the system. Many biometric systems have been demonstrated to be vulnerable to attacks. The research on attack detection is a way of making the systems more robust, and can be seen as an indicator of the maturity the systems have for security applications. This project will focus on presentation attacks and detection techniques on keystroke dynamics using hardware to artificially inject keystrokes for the system. The goal of this project is to study the impact of keystroke dynamics as a possible security feature, we do this either by demonstrating the existing security, or by proposing techniques that can defend against targeted attacks from malicious actors. Based on our results, we find that keystroke dynamics is probably not secure against a resourceful attacker. However, we also find that it does protect the user against attacks that most systems are normally vulnerable against. Further, we did not find any reliable way to deteect an ongoing attack. For future work we would therefore like to see more thorough study of the security, as well as research into possible ways of detecting ongoing attacks.