Title: A machine learning approach to keystroke dynamics based user authentication

Authors: Kenneth Revett, Florin Gorunescu, Marina Gorunescu, Marius Ene, Sergio Tenreiro de Magalhaes, Henrique M. Dinis Santos

Addresses: Harrow School of Computer Science, University of Westminster, London, UK. ' Department of Mathematics, Biostatistics and Computer Science, University of Medicine and Pharmacy of Craiova, Romania. ' Department of Mathematics, Biostatistics and Computer Science, University of Medicine and Pharmacy of Craiova, Romania. ' Department of Mathematics, Biostatistics and Computer Science, University of Medicine and Pharmacy of Craiova, Romania. ' Department of Information Systems, Universidade do Minho, Campus de Azurem, Guimaraes 4800-058, Portugal. ' Department of Information Systems, Universidade do Minho, Campus de Azurem, Guimaraes 4800-058, Portugal

Abstract: The majority of computer systems employ a login ID and password as the principal method for access security. In stand-alone situations, this level of security may be adequate, but when computers are connected to the internet, the vulnerability to a security breach is increased. In order to reduce vulnerability to attack, biometric solutions have been employed. In this paper, we investigate the use of a behavioural biometric based on keystroke dynamics. Although there are several implementations of keystroke dynamics available, their effectiveness is variable and dependent on the data sample and its acquisition methodology. The results from this study indicate that the Equal Error Rate (EER) is significantly influenced by the attribute selection process and to a lesser extent on the authentication algorithm employed. Our results also provide evidence that a Probabilistic Neural Network (PNN) can be superior in terms of reduced training time and classification accuracy when compared with a typical MLFN back-propagation trained neural network.

Keywords: biometrics; equal error rate; EER; keystroke dynamics; probabilistic neural networks; PNNs; machine learning; user authentication; access control; electronic security; e-security; internet; attribute selection.

DOI: 10.1504/IJESDF.2007.013592

International Journal of Electronic Security and Digital Forensics, 2007 Vol.1 No.1, pp.55 - 70

Published online: 09 May 2007 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article