Robustness of keystroke-dynamics based biometrics against synthetic forgeries

Computers and Security

Volumn 31, Issue 1, 2012, Pages 109-121

  Stefan, Deian ^a   Shu, Xiaokui ^b   Yao, Danfeng ^b  

^a Cooper Union ^*  (United States)

^b State University   (United States)

Author keywords

Attack; Authentication; Bot; Classification; Forgery; Keystroke dynamics; Malware detection

Indexed keywords

ATTACK; BOT; FORGERY; KEYSTROKE DYNAMICS; MALWARE DETECTION;

BIOMETRICS; CLASSIFICATION (OF INFORMATION); DYNAMICS; MARKOV PROCESSES;

AUTHENTICATION;

EID: 84855983623     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2011.10.001     Document Type: Conference Paper

References (29)

1. C. Bishop Pattern recognition and machine learning 2006 Springer
2. S. Bleha, C. Slivinsky, and B. Hussien Computer-access security systems using keystroke dynamics IEEE Transactions on Pattern Analysis and Machine Intelligence 12 12 1990 1217 1222
3. W. Cui, R.H. Katz, and W. Tian Tan Design and implementation of an extrusion-based break-in detector for personal computers 2005 IEEE Computer Society 361 370 ACSAC
4. R. Gummadi, H. Balakrishnan, P. Maniatis, and S. Ratnasamy Not-a-bot: improving service availability in the face of botnet attacks NSDI'09: proceedings of the 6th USENIX symposium on networked systems design and implementation 2009 USENIX Association Berkeley, CA, USA 307 320
5. T. Hastie, and R. Tibshirani M.I. Jordan, M.J. Kearns, S.A. Solla, Classification by pairwise coupling 1997 The MIT Press NIPS
6. J. Ilonen Keystroke dynamics 2003 http://www2.it.lut.fi/kurssit/03-04/ 010970000/seminars/Ilonen.pdf
7. S. Keerthi, S. Shevade, C. Bhattacharyya, and K. Murthy Improvements to platt's smo algorithm for SVM classifier design Neural Computation 13 3 2001 637 649 (Pubitemid 33595014)
8. Lkl linux keylogger, http://sourceforge.net/projects/lkl/; 2001.
9. Kernel Based Keylogger. http://packetstormsecurity.org/UNIX/security/; 2001.
10. K.S. Killourhy, and R.A. Maxion The effect of clock resolution on keystroke dynamics R. Lippmann, E. Kirda, A. Trachtenberg, RAID Lecture notes in computer science vol. 5230 2008 Springer 331 350
11. K. Killourhy, and R. Maxion Why did my detector do that?! predicting keystroke-dynamics error rates Proceedings of the Recent Advances in Intrusion detection (RAID) Lecture notes in computer science vol. 6307 2010 256 276
12. rd, writing linux kernel keylogger, Phrack Magazine 12(14), http://freeworld.thc.org/papers/writing-linux-kernel-keylogger.txt; 2001.
13. F. Monrose, and A. Rubin Keystroke dynamics as a biometric for authentication Future Generation Computer Systems 16 4 2000 351 359 (Pubitemid 30552905)
14. Mori G, Malik J. Recognizing objects in adversarial clutter: breaking a visual CAPTCHA, in: Proceedings of the IEEE computer society conference on computer vision and pattern recognition, 2003, pp. 134-141.
15. S. Ortolani, C. Giuffrida, and B. Crispo Bait your hook: a novel detection technique for keyloggers S. Jha, R. Sommer, C. Kreibich, RAID Lecture notes in computer science vol. 6307 2010 Springer 198 217
16. B.D. Payne, and W. Lee Secure and flexible monitoring of virtual machines 2007 IEEE Computer Society 385 397 ACSAC
17. Platt J, Fast training of support vector machines using sequential minimal optimization, in: Advances in kernel methods - support vector learning, 1998, Ch. 12.
18. M. Pusara, and C.E. Brodley C.E. Brodley, P. Chan, R. Lippman, W. Yurcik, User re-authentication via mouse movements 2004 VizSEC, ACM 1 8
19. R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn Design and implementation of a TCG-based integrity measurement architecture USENIX security symposium 2004 USENIX 223 238
20. J. Shirley, and D. Evans The user is not the enemy: fighting malware by tracking user intentions NSPW '08: proceedings of the 2008 workshop on new security paradigms 2008 ACM New York, NY, USA 33 45 http://doi.acm.org/10.1145/ 1595676.1595683
21. Song D, Wagner D, Tian X. Timing analysis of keystrokes and SSH timing attacks, In: Proceedings of the 10th USENIX security symposium; 2001.
22. Stefan D, Wu C, Yao D, Xu G. Cryptographic provenance verification for the integrity of keystrokes and outbound network traffic, in: Proceedings of the 8th International Conference on Applied Cryptography and Network Security (ACNS), 2010.
23. L. von Ahn, M. Blum, and J. Langford Telling humans and computers apart automatically Communications of the ACM 47 2 2004 56 60
24. J. Wei, B.D. Payne, J. Giffin, and C. Pu Soft-timer driven transient kernel control flow attacks and defense ACSAC '08: proceedings of the 2008 annual computer security applications conference 2008 IEEE Computer Society Washington, DC, USA 97 107 http://dx.doi.org/10.1109/ACSAC.2008.40
25. I.H. Witten, E. Frank, and Data Mining Practical machine learning tools and techniques 2nd ed. 2005 Morgan Kaufmann San Francisco Available at: http://www.cs.waikato.ac.nz/ml/weka/
26. Xiong H, Malhotra P, Stefan D, Wu C, Yao D. User-assisted host-based detection of outbound malware traffic, in: Proceedings of International Conference on Information and Communications Security (ICICS), 2009.
27. Xu K, Yao D, Ma Q, Crowell A. Detecting infection onset with behavior-based policies, in: Proceedings of the fifth international conference on Network and System Security (NSS), 2011.
28. E. Yu, and S. Cho Novelty detection approach for keystroke dynamics identity verification 2003 LNCS 1016-1023
29. Zhang K, Wang X. Peeping Tom in the neighborhood: keystroke eavesdropping on multi-user systems, in: proceedings of the USENIX security symposium, 2009.