Employee Surveillance Based on Free Text Detection of Keystroke Dynamics

Employee Surveillance Based on Free Text Detection of Keystroke Dynamics

Ahmed Awad E. Ahmed (University of Victoria, Canada)
DOI: 10.4018/978-1-60566-132-2.ch003
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

In recent years, many studies have highlighted the unprecedented growth in security threats from multiple and varied sources faced by corporate, as well as governmental organizations. People inside the organization with ready access to confidential or proprietary data can easily violate the organization security policy, maliciously or inadvertently, without being caught. In order to protect their reputation and valuable assets, many organizations take the dramatic but necessary step of deploying and operating employee surveillance and monitoring tools within their network perimeters. In this chapter, we discuss employee surveillance schemes from both technological and legal perspectives. We argue that keystroke dynamics could be used to fight effectively against insider threat, and as such it could play an important role in employee surveillance. We present a keystroke recognition scheme based on free text detection that goes beyond the traditional approach of using keystroke dynamics for authentication or employee performance evaluation, and consider using such information for dynamic user profiling. The generated profiles can be used to identify reliably perpetrators in the event of security breach. Such form of user profiling provides a very effective way of combating insider threat that is less intrusive to individual privacy.
Chapter Preview
Top

Introduction

In recent years, many studies have highlighted the unprecedented growth in security threats from multiple and varied sources (Denning, 1987). Traditional protection mechanisms such as firewall and intrusion detection systems primarily focus on hacking threats originating from outside the organization network perimeter, whereas people inside the organization with ready access to confidential or proprietary data can easily violate the organization security policy, maliciously or inadvertently, without being caught (Ahmed, 2003; Ahmed, 2005). Hence, insiders pose the greatest challenge to data protection. It has been reported that insiders represent the sources of over half of the security and privacy breaches faced by most organizations. Malicious activity by an insider may expose his organization to credibility lost, or significant financial lost related to lost business or lawsuits.

In order to protect their reputation and valuable assets, many organizations take the dramatic but necessary step of deploying and operating employee surveillance and monitoring tools within their network perimeters (Zimmerman, 2002). The rationale behind such approach is that secure management of organization information assets largely depend on the behavior of the employees. Employees are typically involved in all aspects of information flows within an organization. They are producers or end-users of the organization information asset, and have easier access to it compared with outsiders. So mismanagement or misuse of such information by an employee can have devastating impact on the company.

One class of tools that have gained in popularity in the realm of employee surveillance technologies is keystroke monitor. Keystroke monitors can be used to generate and analyze two different kinds of information: the keystrokes data and the keystroke dynamics. The keystrokes data can be used to reconstruct the actual information typed by the user such as the commands or programs run, or the messages typed etc. Keystroke dynamics have so far been used, in existing surveillance technologies, only for employee work performance monitoring purpose by determining and logging, for instance, the employee typing speed. Prior research has shown that keystroke dynamics can also be used for protection. However, the focus of these research works has mostly been on using keystroke dynamics for authentication (Bleha et al., 1990; Brown, 1993; Bergadano, 2002).

We argue that keystroke dynamics could be used to fight effectively against insider threat, and as such it could play an important role in employee surveillance. To achieve this goal we need to go beyond the traditional approach of using keystroke dynamics for authentication or employee performance evaluation, and consider using such information for dynamic user profiling. The generated profiles can be used to identify reliably perpetrators in the event of security breach. Such form of user profiling provides a very effective way of combating insider threat that is less intrusive to individual privacy.

Key Terms in this Chapter

Human-Computer Interaction (HCI): is the study of human behavior when interacting with a computer. Such study can lead to computer UI enhancement for better user experience.

Keystroke Dynamics: a behavioral biometric which describes the user typing rhythm while using a computer keyboard.

Employee Surveillance Technologies: methods and procedures used to monitor and record data collected from employees at work, and detect any misuse of resources.

Behavioral Biometrics: a set of features acquired over time which describes the human behavior in performing specific category of actions.

Free Text Detection of Keystrokes: the process of measuring keystroke dynamics of a stream of previously undetermined keystroke actions.

Insider Threat: a potential risk caused by a trusted individual misusing the given privileges to compromise system security.

Biometric Technologies: systems which process and analyze biological or behavioral characteristics of a human in order to recognize or verify user’s identity.

Complete Chapter List

Search this Book:
Reset