Premium
Multimodal mobile keystroke dynamics biometrics combining fixed and variable passwords
Author(s) -
Alshanketi Faisal,
Traoré Issa,
Awad Ahmed
Publication year - 2019
Publication title -
security and privacy
Language(s) - English
Resource type - Journals
ISSN - 2475-6725
DOI - 10.1002/spy2.48
Subject(s) - password , keystroke dynamics , biometrics , computer science , keystroke logging , computer security , login , leverage (statistics) , artificial intelligence , human–computer interaction , s/key
Recent works have demonstrated the possibility to craft successful statistical attacks against keystroke dynamic biometric password. Those attacks leverage the possibility to capture several keystroke dynamics samples for a given password string, and then extract and use their distributional properties to craft the attack. These approaches are by design more likely to be successful when launched against fixed passwords, as several samples of the passwords can be captured through successive login sessions. Although the dynamics obtained from specific keys or key sequences for consecutive passwords slightly vary, by definition the distributional properties remain fairly stable for the same user. One way to thwart such that attack to use a variable password, also know as one‐time password (OTP). However, the fact that the keystroke dynamic OTP is different from one session to the other, makes it extremely difficult to reconstruct a valid biometric profile for a user. Modeling accurate keystroke dynamic OTP is challenging, due to the underlying variability and the sparse amount of information involved. We tackle the aformentioned challenge by presenting, in this paper, by presenting a multimodal approach tat combines fixed and variable keystroke dynamic biometric passwords. We investigate two different fusion models and evaluate our approach using a data set involving 100 different users, yielding encouraging performance results in terms of accuracy and resistance against statistical attacks.