On the effectiveness of sensor-enhanced keystroke dynamics against statistical attacks

Valeriu-Daniel Stanciu, Riccardo Spolaor, Mauro Conti, Cristiano Giuffrida

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

In recent years, simple password-based authentication systems have increasingly proven ineffective for many classes of real-world devices. As a result, many researchers have concentrated their efforts on the design of new biometric authentication systems. This trend has been further accelerated by the advent of mobile devices, which offer numerous sensors and capabilities to implement a variety of mobile biometric authentication systems. Along with the advances in biometric authentication, however, attacks have also become much more sophisticated and many biometric techniques have ultimately proven inadequate in face of advanced attackers in practice. In this paper, we investigate the effectiveness of sensor enhanced keystroke dynamics, a recent mobile biometric authentication mechanism that combines a particularly rich set of features. In our analysis, we consider different types of attacks, with a focus on advanced attacks that draw from general population statistics. Such attacks have already been proven effective in drastically reducing the accuracy of many state-of-the-art biometric authentication systems. We implemented a statistical attack against sensor enhanced keystroke dynamics and evaluated its impact on detection accuracy. On one hand, our results show that sensor-enhanced keystroke dynamics are generally robust against statistical attacks with a marginal equal-error rate impact (<0.14%). On the other hand, our results show that, surprisingly, keystroke timing features non-trivially weaken the security guarantees provided by sensor features alone. Our findings suggest that sensor dynamics may be a stronger biometric authentication mechanism against recently proposed practical attacks.

Original languageEnglish
Title of host publicationCODASPY 2016 - Proceedings of the 6th ACM Conference on Data and Application Security and Privacy
PublisherAssociation for Computing Machinery, Inc
Pages105-112
Number of pages8
ISBN (Electronic)9781450339353
DOIs
Publication statusPublished - 9 Mar 2016
Event6th ACM Conference on Data and Application Security and Privacy, CODASPY 2016 - New Orleans, United States
Duration: 9 Mar 201611 Mar 2016

Conference

Conference6th ACM Conference on Data and Application Security and Privacy, CODASPY 2016
Country/TerritoryUnited States
CityNew Orleans
Period9/03/1611/03/16

Keywords

  • biometric authentication
  • statistical attacks
  • sensor dynamics
  • mobile security
  • keystroke dynamics
  • classsidechannels
  • classmobile

Fingerprint

Dive into the research topics of 'On the effectiveness of sensor-enhanced keystroke dynamics against statistical attacks'. Together they form a unique fingerprint.

Cite this