Combining Periodic and Continuous Authentication using Keystroke Dynamics

Abstract

If a user leaves their computer without locking it, any nearby person can simply walk over and take control over the machine as if they were the genuine user. If the imposter also has malicious intentions, the genuine user could face serious consequences such as identity theft or blackmailing. Keystroke dynamics enables the system to repeatedly authenticate the user in the background by recognizing their personal typing pattern. Seen from another perspective, the system can lock the imposter out based on detecting unfamiliar typing patterns.

The aim of this project was to combine two such authentication mechanism, namely continuous and periodic authentication. Continuous authentication (CA) systems react to every single keystroke action performed by the user, though such systems base their decisions on very limited amounts of information derived from a couple of keystrokes at a time. Periodic authentication (PA) systems base their decisions on statistics from samples containing a large number of keystrokes, however, they only perform checks after that large number of keystrokes has been collected. This gives the imposter a certain period of freedom before being locked out. By integrating a PA system into a CA system, we eliminated the disadvantages of both authentication mechanisms while still benefiting from their advantages, in addition to improving the CA system's imposter detection performance by over 18\%. Alternatively, the combination of the systems could give the genuine user an increase in the average number of keystrokes before being wrongfully locked out by over 8\%.