User Authentication via Keyboard Typing Behavior
Biometrics (the measurement and analysis of physical or behavioral characteristics) can be used to identify and authenticate an individual, and to manage access to sensitive information or resources. A limitation with use of a single-point physical biometric (such as a fingerprint) is that access may be granted indefinitely, even after the user is no longer present. This problem can be overcome by use of continuous authentication. However, continuous or repeated authentication using a fingerprint or other physical characteristic is intrusive and cumbersome. Limitations of behavioral biometric authentication methods include delayed authentication, and current authentication methods do not work during all computer interactions. Researchers at MSU have developed a continuous authentication system that overcomes these limitations.
Description of Technology
Two new methods use continuous user authentication based on keystroke sound and keystroke behavior. These two methods can be used independently or in combination.
- Authentication via keystroke sound: The sound of a user typing on the keyboard is captured by a microphone attached to the computer. The sound is passed to the system for feature extraction and matching. A virtual alphabet is constructed and used instead of the real alphabet to increase privacy and eliminate the need for logging of the actual keystrokes. Software analyzes the data and provides continuous identification and authentication of the user.
- Authentication via keyboard typing behavior: A webcam pointed towards the keyboard provides a continuous stream of a user’s hand movements. These movements are analyzed by computer vision algorithms that extract feature representations from each frame, and then uses these features to form a multi-dimensional descriptor. Using these descriptors, the similarity between the streamed video and a video in the gallery is computed. The computer vision algorithm verifies the spatio-temporal patters of movement of the user continuously using the similarity metrics.
- Continuous and non-invasive authentication
- Inexpensive implementation
- Shorter verification time
- Increased privacy
- Continuous user authentication via keyboard access
- Web fraud detection
- Behavior detection
- Context aware computing
- Passive biometrics
Licensing Rights Available
Full licensing rights available
Inventors: Xiaoming Liu, Arun Ross, Joseph Roth, Dimitris Matexas
Tech ID: TEC2014-0012 & TEC2014-0013
For Information, Contact:
Michigan State University