Biometric Authentication and Identification using Keystroke Dynamics with Alert Levels
Master thesis
Permanent lenke
https://hdl.handle.net/10642/523Utgivelsesdato
2007Metadata
Vis full innførselSamlinger
Sammendrag
Proper authentication is needed to avoid theft and destruction of data by unauthorized
parties. This research proposes to add software biometrics to the authentication
and verification process, using keystroke dynamics. The goal is to grant
or revoke users privileges by distinguishing one user’s typing pattern from another.
Login samples were recorded by monitoring keystroke parameters such as
KeyDown time and KeyWait time, in an 8 character password.
A system to generate user profiles, with the ability to accommodate continuous
growth, was developed. By using appropriate Alert Levels, a 2.25% False Acceptance
Rate and 4.17% False Rejection Rate was achieved. A method to recognize
and identify users, based on one login sample, was able to trace 65% of
the samples back to the original user. The work in this thesis was unable to find
an applicable method for statistical pattern recognition. It concludes that by enabling
a biometric keystroke dynamic authentication system, 97.75% of all false
login attempts, with stolen but valid credentials, can be prevented, although with
a potential downside of increasing the number of falsely rejected logins by 4.17%.
However, as users grow accustomed to their password, the false rejection rate will
go down and the system will increase in reliability. Password DoS attacks as well
as automated dictionary attacks will be prevented, but a potential increase in administration
cost is probable because of altered user behavior due to physical or
environmental changes.
Beskrivelse
Master i nettverks- og systemadministrasjon
Utgiver
Høgskolen i Oslo. Avdeling for ingeniørutdanningUniversitetet i Oslo