A Framework for Improving the Accuracy of Keystroke Dynamics-Based Biometric Authentication Using Soft Computing Techniques

A Framework for Improving the Accuracy of Keystroke Dynamics-Based Biometric Authentication Using Soft Computing Techniques

Shanmugapriya D. (Avinashilingam Institute for Home Science and Higher Education for Women, India) and Padmavathi Ganapathi (Avinashilingam Institute for Home Science and Higher Education for Women, India)
Copyright: © 2019 |Pages: 28
DOI: 10.4018/978-1-5225-7724-9.ch009

Abstract

The global access of information and resources from anywhere has increased the chance of intrusion and hacking of confidential data. Username with password is the commonly used authentication mechanism which is used for almost all online applications from net banking to online examinations. However, advanced safeguard mechanisms are sought against unauthorized access as the passwords can be hacked easily. To strengthen the password, it can be combined with biometric technology. Keystroke biometrics, a strong behavioral biometric, can be considered as a secure method compared to other methods even if the imposter knows the username and password as it is based on user habitual typing rhythm patterns. For any online application the accuracy level plays a vital role. But the accuracy of keystroke authentication when compared with other biometric authentication mechanisms is low. To improve the accuracy and minimize the training and testing time, this chapter proposes a wrapper-based classification using PSO-ELM-ANP algorithm which gives 99.92% accuracy.
Chapter Preview
Top

Introduction

Unauthorized access of vital information threatens the computer security. User authentication is the only way to prevent the unauthorized access. User Authentication is classified into three categories namely: Knowledge based authentication, Object based authentication and Biometric based authentication. The Figure 1 shows the classification of User Authentication mechanisms.

Figure 1.

User authentication methods

978-1-5225-7724-9.ch009.f01

Knowledge Based Authentication

Knowledge based authentication is based on “something the user knows”. Passwords or PINs come under this category. Passwords are widely used because they are simple, inexpensive, and portable.

Even though the passwords are strong or weak or medium, they are one of the very poor forms of authentication because they can be easily cracked or hacked by Guessing, Brute force attacks, Dictionary attacks, Shoulder surfing, Key logger attack. Apart from the above mentioned, user may have multiple passwords or a password that needs to be continuously changed, which are very hard to remember by the user. Passwords are classified as Strong passwords, Weak Passwords and Medium Passwords according to password generators. Strong passwords are hard to remember which may lead to dictionary attacks. Medium and Weak passwords can easily be hacked or cracked.

Knowledge based Authentication can be categorized as Static and Dynamic Knowledge based authentication methods. Static method is commonly used by banks, financial services companies and e-mail providers where the user has to authenticate with the password before accessing the information. The user has to provide the answer for a shared secret question during the registration phase. The user is allowed to reset the password using shared secret question by providing answer for the question. If the shared secret question is hacked or the imposter is able to guess the answer for the question, he can easily authenticate and access the information. The Dynamic knowledge based authentication does not require the user to provide the secret questions and answers during registration phase. The questions will be generated by the system based on the records of the individuals. A time limit will be given for the user to respond to the Questions and numbers of attempts are also limited to answer the question. This method provides high level of authentication than the static method.

Object Based Authentication

Something the user has or possesses is called Object based authentication. Tokens like ATM cards, credit/ debit cards, ID cards etc., comes under this category of authentication through “something the user has”. This authentication method is popular because tokens are portable and does not require any special software or equipment. Tokens prevent the stolen password from accessing the website by the unauthorized user as he/she must steal the physical token as well as the password.

However, they are expensive when compared with Knowledge based authentication as it requires replacement of tokens every few years. Object based authentications are not convenient for the user since he/she must manually enter the token value as well as the password. Tokens can also be stolen by strange party which leads to the stealing of information. In this type of authentication, user can either forget the password or lose the card.

Complete Chapter List

Search this Book:
Reset