Continuous Verification Using Keystroke Dynamics

Traditionally user authentication is based on a username and password. However, a logged station is still vulnerable to imposters when the user leaves her computer without logging-off. Keystroke dynamics methods can be useful for continuously verifying a user once the authentication process has successfully ended. However, current methods require long sessions and significant amounts of keystrokes to reliably verify users. We propose a new method that compactly represents the keystroke patterns by joining similar pairs of consecutive keystrokes. This automatically created representation reduces the session size required for inducing the user´s verification model. The proposed method was evaluated on 21 legitimate users and 165 attackers. The results were encouraging and suggest that the detection performance of the proposed method is better than that of existing methods. Specifically we attained a false acceptance rate (FAR) of 3.47% and false rejection rate (FRR) of 0% using only 250 keystrokes.