project report

Account Protection Using Keystroke Analysis in Java. A Report submitted in partial fulfillment of requirements for the Mini Project of Bachelor of Technology in Computer Science and Engineering by Alakananda V, Mounica M and Lavanya M, under the guidance of Mr. P Venkateswara Rao, Asst. Professor, CSE. Department of Sophomore Engineering, K L University, Andhra Pradesh, India.

Upload: alakananda

Post on 26-Oct-2014


Account Protection Using Keystroke Analysis in Java

A Report submitted in partial fulfillment of requirements for the Mini Project of

Bachelor of Technology in Computer Science and Engineering

By Alakananda V, Mounica M and Lavanya M

Under the guidance of Mr. P Venkateswara Rao, Asst. Professor, CSE.

Department of Sophomore Engineering
K L University
Andhra Pradesh, India

Certificate

This is to certify that the project work entitled "Account Protection Using Keystroke Analysis" being submitted to Department of Sophomore Engineering, K L University by Alakananda.V, Mounica.M, Lavanya.M (Roll No. 10100242, 10100401 and 10100369), in partial fulfillment for the Mini Project, is a bonafide work carried out by them under my supervision.

P. Venkateswara Rao, Department of CSE, K L University

M. Vishnuvardhan, HOD (SED-IV), Department of CSE, K L University

Acknowledgements

We would like to acknowledge the support and guidance of our supervisor Mr. P Venkateswara Rao, Asst. Professor, CSE. This Mini project has been possible because of his trust and confidence in us and our work. He has always encouraged, supported, corrected and guided us during the Mini project. The Mini project has been a learning and growing experience for us.

We would like to thank Mr. V Sandeep, Asst. Professor, CSE, and Mr. B Ramesh Babu, Associate Professor, SED, for all the guidance that they have provided us. We would also like to thank the Open Source Community who provided the free software and documentation to work with.

We are extremely grateful to our Dean SED Dr. V. Srikanth and Head of Department, M. Vishnuvardhan, for providing excellent computing facilities and such a nice atmosphere for doing our mini project.

Alakananda V, Mounica M, Lavanya M

Abstract

At present, authentication for web sites and online applications is carried out through a username and password mechanism, which is not an accurate and secure way of authentication. This system has many drawbacks: unless the password is strong, there are many chances of losing it. Many new users choose ordinary names and birthdays as passwords, which can be easily hacked, so this proposed system describes a new method which is secure, accurate and cost efficient.

The Keystroke Analysis project establishes a user's identity from the way they type on a computer keyboard. The typed key measurements available from every keyboard are recorded and used to determine dwell time (how long a key is pressed) and flight time (the time between key transitions). The recorded keystroke data is processed by a neural algorithm that determines a primary pattern which can be compared in future. This new method works on artificial intelligence neural networks to find out the person's details based on typing patterns and biometrics. This application is cost effective and scalable. It is developed on the Java and Oracle platform.

This application is developed in five modules:

• Registration module

• Password verification module

• Identification module

• Verification module

• Decision making module.


Contents

List of Figures

1 Account Protection Using Keystroke Analysis
  1.1 Title Page
  1.2 Introduction
    1.2.1 Present Scenario
    1.2.2 Proposed System
    1.2.3 Present State of Proposed System
  1.3 Program Interface
  1.4 Program Execution
    1.4.1 Main Application Frame
    1.4.2 New User Registration
    1.4.3 Existing user Authentication
  1.5 Input and Output
    1.5.1 Screen Shots
  1.6 Program Structure
    1.6.1 Java Swing Package
    1.6.2 JComponents
    1.6.3 Security
    1.6.4 Database Connectivity: java.sql package
    1.6.5 Back End: Validation and Keystroke Dynamics
    1.6.6 Algorithm Implemented
  1.7 Testing
  1.8 Examples: Present Applications
  1.9 Improvements and Extensions
    1.9.1 Improvements
    1.9.2 Extensions
  1.10 Difficulties Encountered
  1.11 Conclusion

A Applet and HTML code
  A.1 Applet Code
  A.2 Embedding Applet in html document

List of Figures

1.1 Main Html Document
1.2 Main Window
1.3 New User
1.4 Password Mismatch during Registration
1.5 User Already Exists
1.6 Registration Successful
1.7 Existing user login Frame
1.8 User Not Found during Authentication
1.9 Wrong Password During Authentication
1.10 Incorrect keystroke Pattern during Authentication
1.11 Authentication Successful
1.12 Current Status of Parameters

Chapter 1

Account Protection Using Keystroke Analysis

1.1 Title Page

Project title: Account Protection Using Keystroke Analysis.
Submitted By: Alakananda V, Mounica M, Lavanya M.
Project Details: A programming project which produces an applet that can be embedded in any website to provide secure authentication with the additional security of a behavioural biometric: Keystroke Dynamics.
Date: 9th April 2012

1.2 Introduction

The deficiencies of traditional password-based access systems have become more acute as these systems have grown in size and scope. Researchers are actively investigating ways to improve the security of password systems or offer replacements. One category of improvements uses keystroke biometrics, an approach which seeks to identify an individual by their typing characteristics.

Since 1980, a number of techniques have been proposed for accurately harnessing keystroke dynamics for system authentication and other novel uses. But do these systems deliver on their promise to increase system security and simultaneously ease the burden of logging into systems and remembering passwords? And do databases of users' keystroke profiles present additional privacy concerns?

Keystroke biometrics is used with the application in a news reporting system. It detects whether the person who sends the news is the reporter or some other person who hacked the user name and password of the system. First the pattern of the reporter is stored with the server system. After receiving the text, the server matches it with the text pattern information it holds.

Today, all computer-based systems call for more sophisticated mechanisms to guarantee information security. The fast evolution of communication systems has provided us with a great volume of information anywhere, any time. The security question became proprietary. Making these systems reliable and secure is one of the most important challenges of the communication evolution.

As an attempt to develop a more powerful authentication system, with low cost and good acceptance by users, we propose here an authentication mechanism based on biometric information of human typing patterns.

1.2.1 Present Scenario

Authentication is the way to correctly verify that a person is who he or she claims to be. Many research works have been developed on the way to correctly identify somebody. Since old times, humans have tried to identify each other correctly. The most traditional way to confirm that somebody is who he or she claims to be is to verify his or her handwritten signature. In computer systems, a similar issue should be considered.

All information systems adopt some kind of authentication. The most common mechanism is called user name and password. This mechanism consists basically of an association between a piece of public information (the username, which normally everyone knows) that uniquely identifies the user on the system, and a secret word (nobody beyond the user should know it) that confirms that the person associated with that user name is who he or she claims to be. This mechanism presents some drawbacks that make it very weak. Some of its drawbacks are: persons choose easy to break passwords such as family names and birthday dates; persons normally write their passwords in places of easy access; one can easily see a password or steal it without the owner knowing of the disclosure. On the other hand, developing an additional authentication mechanism that carries advantages like low cost, high performance and high acceptability is not easy.

1.2.2 Proposed System

User name and password are easy to implement (low cost) and are largely accepted by users. That is why they are still the most famous authentication mechanism applied nowadays. There are three main techniques to verify one's identification: something a person knows (a code); something a person possesses (a card); something a person has (a characteristic). All three techniques can be combined to produce a more efficient identification system. Naturally, if we apply all three techniques together, a more secure authentication mechanism will be produced. However, we still have to evaluate the cost and the acceptance issues involved in establishing a more sophisticated authentication mechanism.

The last technique is based on one's biometric characteristics. A biometrical system is a pattern recognition system that establishes authenticity from either specific physiological characteristics (some particular structural characteristics such as hand size or iris format and color) or behavioral characteristics (some particular behavioral characteristic such as typing speed or writing pressure) inherent to a user.

One kind of biometrical behavioral characteristic that can be used to provide a particular identification is the dynamic characteristics of someone's typing, or the human typing pattern. Many studies have shown that this approach is possible and effective.

The project aims at developing a secure module for recording the user's keystroke pattern during registration and later authenticating him/her based on the recorded and stored values. The main purpose of the system is to develop a secure, cheap and effective security system for securing computer applications and data based on typing biometrics, called typing patterns.

1.2.3 Present State of Proposed System

Keystroke verification techniques can be classified as either static or continuous. Static verification approaches analyze keystroke verification characteristics only at specific times, for example, during the login sequence. Static approaches provide more robust user verification than simple passwords, but do not provide continuous security: they cannot detect a substitution of the user after the initial verification. Continuous verification, on the contrary, monitors the user's typing behavior throughout the course of the interaction.

As early as 1980 researchers have been studying the use of habitual patterns in a user's typing behavior for identification. To our knowledge, Gaines et al. were the first to investigate the possibility of using keystroke timings for authentication. Experiments were conducted with a very small population of seven secretaries. A test of statistical independence of their profiles was carried out using the T-Test under the hypothesis that the means of the digraph times at both sessions were the same, but the variances different. Similar experiments were conducted by Leggett et al. with seventeen programmers but for the continuous approach to user verification. The authors report an identity verifier that validates the results of an identity verification system with false alarm rate of about 5.5 percent and impostor pass rate of approximately 5.0 percent.

While the approaches of Gaines et al. and Leggett et al. address a number of problems inherent in identity verification via keystroke timings, there was considerable room for improvement. For example, the pooled variance estimate used is meaningful only when there is homogeneity of variance across all reference digraph latencies; however, studies by Mahar et al. show that there is significant variability with which typists produce each digraph, and hence the use of a pooled estimate of digraph latency variability is inappropriate.

1.3 Program Interface

The main interface is the applet that is embedded in the web document provided. The user needs to start the application from here by clicking 'Start Application'. Once the application starts, the user can choose from the given options by clicking the required option. The result of the user action is displayed in the text area of the interface. The user can exit the application by clicking exit in the main window, by closing it, or by clicking close in any of the consecutive windows and exiting the browser.

1.4 Program Execution

The applet generated can be embedded in any website and acts as the main interface for the user. The interface is divided into 3 parts:

1. Main Application Frame

2. New User Registration

3. Existing User Authentication


1.4.1 Main Application Frame

Once the user starts the application he can choose whether to register if he is a new user, log in if he is an existing user, or exit, by clicking the corresponding button. Clicking on Exit will exit the application.

1.4.2 New User Registration

In this window a new user is to provide his/her username along with the desired password. It is required to take the password at least twice to establish a range, so the user needs to input the same password twice and click register. Selecting close will return the user to the main window.

1.4.3 Existing user Authentication

Existing users need to enter a valid name and password in order to be authenticated. The user also needs to ensure that his typing speed/pattern matches the one with which he registered; otherwise authentication is not possible.

1.5 Input and Output

The designed application ensures that any incorrect inputs are prevented from authentication. However, no restrictions were placed regarding the input length or character pattern. Valid inputs are taken through the text fields and processed to display output in the text area in every screen. Sample screen shots illustrate various inputs and their corresponding outputs.

1.5.1 Screen Shots

Figure 1.1: Main Html Document

Figure 1.2: Main Window

Figure 1.3: New User

Figure 1.4: Password Mismatch during Registration

Figure 1.5: User Already Exists

Figure 1.6: Registration Successful

Figure 1.7: Existing user login Frame

Figure 1.8: User Not Found during Authentication

Figure 1.9: Wrong Password During Authentication

Figure 1.10: Incorrect keystroke Pattern during Authentication

Figure 1.11: Authentication Successful

1.6 Program Structure

The project utilizes various classes and features of Java as explained in the following subsections.

1.6.1 Java Swing Package

The front-end interface of the program is developed entirely by using the Swing package of Java. Swing is the primary Java GUI widget toolkit. It is part of Oracle's Java Foundation Classes (JFC), an API for providing a graphical user interface (GUI) for Java programs. Swing was developed to provide a more sophisticated set of GUI components than the earlier Abstract Window Toolkit (AWT). Swing provides a native look and feel that emulates the look and feel of several platforms, and also supports a pluggable look and feel that allows applications to have a look and feel unrelated to the underlying platform. It has more powerful and flexible components than AWT. In addition to familiar components such as buttons, check boxes and labels, Swing provides several advanced components such as tabbed panels, scroll panes, trees, tables and lists. Unlike AWT components, Swing components are not implemented by platform-specific code. Instead they are written entirely in Java and therefore are platform-independent. The term "lightweight" is used to describe such an element.

1.6.2 JComponents

All Swing components whose names begin with "J" descend from the JComponent API class. For example, JPanel, JScrollPane, JButton, and JTable all inherit from JComponent. However, JFrame doesn't, because it implements a top-level container. The JComponent class extends the Container API class, which itself extends the Component API class. The Component class includes everything from providing layout hints to supporting painting and events. The Container class has support for adding components to the container and laying them out.

• JPANEL: The JPanel class provides general-purpose containers for lightweight components. By default, panels do not add colors to anything except their own background; however, you can easily add borders to them and otherwise customize their painting.

• JFRAME: JFrame is Swing's version of Frame and is descended directly from that class. It is used to create windows in a Swing program. The components added to the frame are referred to as its contents; these are managed by the contentPane. To add a component to a JFrame, we must use its contentPane instead.

• JBUTTON: The JButton object generally consists of a text label and/or image icon that describes the purpose of the button, an empty area around the text/icon, and a border.

• JLABEL: JLabel, descended from JComponent, is used to create text labels. It can display text as well as images.

• JTEXTAREA: The JTextArea component is used to accept several lines of text from the user. JTextArea can be used in conjunction with class JScrollPane to achieve scrolling. The underlying JScrollPane can be forced to always or never have either the vertical or horizontal scrollbar.

• JLIST: JList provides a scrollable set of items from which one or more may be selected. JList can be populated from an Array or Vector. JList does not support scrolling directly; instead, the list must be associated with a scroll pane. The view port used by the scroll pane can also have a user-defined border. JList actions are handled using ListSelectionListener.

• THE SWING MESSAGE BOX: Windowing environments commonly contain a standard set of message boxes that allow you to quickly post information to the user or to capture information from the user. In Swing, these message boxes are contained in JOptionPane, but the ones most commonly used are probably the message dialog and confirmation dialog, invoked using the static JOptionPane.showMessageDialog( ) and JOptionPane.showConfirmDialog( ).

• PACKAGE JAVAX.IMAGEIO DESCRIPTION: The main package of the Java Image I/O API. Many common image I/O operations may be performed using the static methods of the ImageIO class. This package contains the basic classes and interfaces for describing the contents of image files, including metadata and thumbnails (IIOImage); for controlling the image reading process (ImageReader, ImageReadParam, and ImageTypeSpecifier) and image writing process (ImageWriter and ImageWriteParam); for performing transcoding between formats (ImageTranscoder); and for reporting errors (IIOException).

• JFILECHOOSER: File choosers provide a GUI for navigating the file system, and then either choosing a file or directory from a list, or entering the name of a file or directory. To display a file chooser, you usually use the JFileChooser API to show a modal dialog containing the file chooser. A JFileChooser is a dialog to select a file or files.

1.6.3 Security

Every time a normal program is downloaded, there is a risk of a viral infection. Prior to Java, most users did not download executable programs frequently, and those who did scanned them for viruses prior to execution. Most users still worried about the possibility of infecting their systems with a virus. In addition, another type of malicious program exists that must be guarded against. This type of program can gather private information, such as credit card numbers, bank account balances, and passwords. Java answers both these concerns by providing a firewall between a network application and your computer. When you use a Java-compatible Web browser, you can safely download Java applets without fear of virus infection or malicious intent.

1.6.4 Database Connectivity: java.sql package

Provides the API for accessing and processing data stored in a data source (usually a relational database) using the Java programming language. This API includes a framework whereby different drivers can be installed dynamically to access different data sources. Although the JDBC API is mainly geared to passing SQL statements to a database, it provides for reading and writing data from any data source with a tabular format. The reader/writer facility, available through the javax.sql.RowSet group of interfaces, can be customized to use and update data from a spread sheet, flat file, or any other tabular data source.

The application utilizes the JDBC-ODBC Bridge driver (also known as the Type-1 driver) for connecting with the database. The database used in this application is MS Access. JDBC allows multiple implementations to exist and be used by the same application. The API provides a mechanism for dynamically loading the correct Java packages and registering them with the JDBC Driver Manager. The Driver Manager is used as a connection factory for creating JDBC connections. JDBC drivers are client-side adapters (installed on the client machine, not on the server) that convert requests from Java programs to a protocol that the DBMS can understand. There are commercial and free drivers available for most relational database servers. These drivers fall into one of the following types:

• Type 1, that calls native code of the locally available ODBC driver.

• Type 2, that calls the database vendor's native library on the client side. This code then talks to the database over the network.

• Type 3, the pure-java driver that talks with the server-side middleware that then talks to the database.

• Type 4, the pure-java driver that uses the database's native protocol.

The JDBC API defines the Connection interface to represent a connection to an underlying data source (database). In a typical scenario, a JDBC application will connect to a target data source using one of two mechanisms:

• DriverManager - this fully implemented class was introduced in the original JDBC 1.0 API. When an application first attempts to connect to a data source by specifying a URL, DriverManager will automatically load any JDBC 4.0 drivers found within the CLASSPATH (any drivers that are pre-JDBC 4.0 must be explicitly loaded by the application).

• DataSource - this interface was introduced in the JDBC 2.0 Optional Package API. It is preferred over DriverManager because it allows details about the underlying data source to be transparent to the application.

A DataSource object's properties are set so that it represents a particular data source. When its getConnection method is invoked, the DataSource instance will return a connection to that data source. An application can be directed to a different data source by simply changing the DataSource object's properties; no change in application code is needed. Likewise, a DataSource implementation can be changed without changing the application code that uses it. The JDBC API also defines two important extensions of the DataSource interface to support enterprise applications. These extensions are the following two interfaces:

• ConnectionPoolDataSource - supports caching and reusing of physical connections, which improves application performance and scalability.

• XADataSource - provides connections that can participate in a distributed transaction.

1.6.5 Back End: Validation and Keystroke Dynamics

The application makes efficient use of Java's inbuilt event handling mechanisms to generate and compare the user's keystroke pattern and implement this behavioural biometric for the purpose of authentication.

Event Handling: java.awt.event package

Provides interfaces and classes for dealing with different types of events fired by AWT components. See the java.awt.AWTEvent class for details on the AWT event model. Events are fired by event sources. An event listener registers with an event source to receive notifications about the events of a particular type. This package defines events and event listeners, as well as event listener adapters, which are convenience classes that make the process of writing event listeners easier. This robust package is utilized in the application for recording and generating a unique keystroke pattern for each user who registers, and later comparing it when the user tries to log in.

KeyListener class: The keyPressed and keyReleased methods are used to identify the user's keystroke events so as to calculate the dwell time.

Time Calculation: java.util.Date package

The time used to generate a unique pattern is calculated by making use of the Date() function, which returns the time in milliseconds (long datatype). The timestamp is obtained after every key press and key release; the dwell time is obtained by subtracting them, and the average is obtained by dividing by the number of characters in the password.

1.6.6 Algorithm Implemented

The fundamental algorithm used is calculation of the dwell time for each character in the password and the average for the entire password, twice, to establish a range. The behavioral biometric of Keystroke Dynamics uses the manner and rhythm in which an individual types characters on a keyboard. The keystroke rhythms of a user are measured to develop a unique biometric template of the user's typing pattern for future authentication. Raw measurements available from almost every keyboard can be recorded to determine:

1. Dwell time (the time a key is pressed) and

2. Flight time (the time between key up and the next key down).

A small variation used: In the designed application a variant of the above algorithm is used and only the dwell time was considered. This variation is done to simplify the implementation and to test the accuracy of the method.
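The dwell-time scheme described above, as an added example that is not the report's applet code: a key listener pairs each key-down with its own key-up, averages the dwell times, and a login is accepted when its average falls inside the range set by the two registration entries. The class names, the tolerance parameter and all sample timings are assumptions made for illustration.

```java
import java.awt.event.KeyAdapter;
import java.awt.event.KeyEvent;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

// Added example, not the report's applet code. Class names, the tolerance
// parameter and all sample timings are assumptions made for illustration.
public class DwellTimeDemo {

    /** Collects one dwell time (key-up minus key-down, in ms) per keystroke. */
    static class DwellRecorder extends KeyAdapter {
        private final Map<Integer, Long> downAt = new HashMap<>();
        private final List<Long> dwells = new ArrayList<>();

        // In a Swing UI, attach with passwordField.addKeyListener(recorder).
        @Override public void keyPressed(KeyEvent e)  { press(e.getKeyCode(), e.getWhen()); }
        @Override public void keyReleased(KeyEvent e) { release(e.getKeyCode(), e.getWhen()); }

        void press(int keyCode, long when) {
            // A held key auto-repeats keyPressed; keep only the first timestamp.
            downAt.putIfAbsent(keyCode, when);
        }

        void release(int keyCode, long when) {
            // Fast typists overlap keys, so pair each release with its own key code.
            Long down = downAt.remove(keyCode);
            if (down != null) dwells.add(when - down);
        }

        /** Sum of dwell times divided by the number of completed keystrokes. */
        double averageDwell() {
            if (dwells.isEmpty()) throw new IllegalStateException("no keystrokes recorded");
            long sum = 0;
            for (long d : dwells) sum += d;
            return (double) sum / dwells.size();
        }
    }

    /** Range built at registration from the averages of the two password entries. */
    static class Template {
        final double low, high;

        Template(double first, double second, double toleranceMs) {
            low = Math.min(first, second) - toleranceMs;   // tolerance is an assumption
            high = Math.max(first, second) + toleranceMs;
        }

        boolean accepts(double average) { return average >= low && average <= high; }
    }

    /** Replays constructed events {keyCode, timestampMs, 1=down/0=up} in time order. */
    static double averageOf(long[][] events) {
        DwellRecorder r = new DwellRecorder();
        for (long[] ev : events) {
            if (ev[2] == 1) r.press((int) ev[0], ev[1]);
            else r.release((int) ev[0], ev[1]);
        }
        return r.averageDwell();
    }

    public static void main(String[] args) {
        final long P = KeyEvent.VK_P, A = KeyEvent.VK_A, S = KeyEvent.VK_S;
        // Constructed timings for the password "pass". The first entry has an
        // overlap (A goes down before P comes up) and one auto-repeat on S.
        long[][] enroll1 = {{P, 0, 1}, {A, 80, 1}, {P, 95, 0}, {A, 170, 0},
                            {S, 230, 1}, {S, 260, 1}, {S, 320, 0}, {S, 380, 1}, {S, 475, 0}};
        long[][] enroll2 = {{P, 0, 1}, {P, 100, 0}, {A, 160, 1}, {A, 264, 0},
                            {S, 320, 1}, {S, 418, 0}, {S, 470, 1}, {S, 572, 0}};
        long[][] owner   = {{P, 0, 1}, {P, 96, 0}, {A, 150, 1}, {A, 249, 0},
                            {S, 300, 1}, {S, 394, 0}, {S, 450, 1}, {S, 547, 0}};
        long[][] other   = {{P, 0, 1}, {P, 140, 0}, {A, 200, 1}, {A, 350, 0},
                            {S, 400, 1}, {S, 535, 0}, {S, 600, 1}, {S, 745, 0}};

        Template t = new Template(averageOf(enroll1), averageOf(enroll2), 5.0);
        System.out.printf("accepted range: %.1f to %.1f ms%n", t.low, t.high);
        System.out.printf("owner %.1f ms -> %b%n", averageOf(owner), t.accepts(averageOf(owner)));
        System.out.printf("other %.1f ms -> %b%n", averageOf(other), t.accepts(averageOf(other)));
    }
}
```

Because the template is a single average, two typists with different per-key rhythms but the same mean dwell time are indistinguishable to this check; a template that keeps per-key dwell and flight times reduces that ambiguity.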

1.7 Testing

The application's functionality can be tested by the following series of steps:

1. Start the application from the html document.

2. Register with a username and password. This module can be further tested as:

(a) Check for the password mismatch case, which should display an error in the output area.

(b) Re-registering the same user should indicate so in the output.

3. Check the authentication module as:

(a) Check by entering a wrong password, which should display an error in the output area.

(b) Entering a wrong username should indicate so in the output.

(c) An invalid or non-existing user should be displayed a user not found message.

(d) A wrong keystroke pattern should be recognized, thus warning the user.

(e) Correct details, including password and valid registered pattern, should authenticate the user.

1.8 Examples: Present Applications

There are several home software and commercial software products which claim to use keystroke dynamics to authenticate a user.

• Intensity Analytics (http://www.intensityanalytics.com) - is based near Washington, DC, and has a patent-pending solution called CVMetrics which uses a variety of hyperaccurate methods for identifying and validating users on a continuous basis across applications. The CVMetrics application delivers a number of different statistical weights and measures for implementation in different environments from compliance and documentation, to authentication, to forensics, to field intelligence applications, and others.

• AdmitOneSecurity - formerly BioPassword (http://www.admitonesecurity.com) is a patented commercial system which uses keystroke dynamics - in addition to other transparent authentication factors - to associate a user to their digital identity and detect online fraud; see the References section below for a link to a review from PC Magazine as well as a research report from Coalfire Systems on how the product enables PCI, FFIEC, and HIPAA compliance.

• BioTracker - from (http://plurilock.com/) is a biometric authentication software that uses continuous authentication to verify the identity of a user. By collecting behavioral biometrics (mouse and free-text keystroke movements), BioTracker creates a unique biometric profile for each individual accessing the network. This powerful application can authenticate users in real-time, offering large organizations unprecedented levels of network security.

• KeyTrac (http://www.keytrac.de) - unlike traditional methods, KeyTrac works with any text the user enters (not only passwords or always-the-same-text methods), thus making it the first method able to analyze any text input in the background, without disrupting the work flow of the end user. The concealed background keystroke recording, combined with the high level of security, offer a number of attractive options for implementing the system in e-commerce applications, something that would not be possible using traditional keyboard biometrics.

• iMagic Software (http://www.imagicsoftware.com) makes Trustable Passwords, a patented commercial system which is designed for both web authentication and large-scale enterprise authentication in conjunction with eSSO and supports all platforms (Windows, Mac, Linux) and major enterprise infrastructure. Trustable Passwords is being used by websites to authenticate customers and in enterprises including multi-hospital health systems for user authentication, and interfaces with other authentication technologies including Knowledge-Based, Device forensic, and out-of-band authentication.

• ID Control (http://www.idcontrol.net) delivers keystroke dynamics with KeystrokeID which offers an impressively low FRR and FAR for verification and identification. KeystrokeID is easy to enroll and manage through their fully integrated and centralized identity and access management solution called ID Control Server.

• Deepnet Security (http://www.deepnetsecurity.com) has also developed a keystroke biometric authentication system, TypeSense. It is claimed that their product employs advanced new algorithms such as auto-correlative training and adaptive learning, and achieves better results than other similar products.

• Psylock (http://www.psylock.com) is a method for biometric authentication based on a user's typing behavior. The user is authenticated by the way he types on a conventional keyboard and, depending on the result of the analysis, he gets access to certain data. Psylock was a finalist in the Global Security Challenge award 2007 and third in the German IT-Security Award 2008. Concerning the error rates (FAR/FRR), Psylock claims to be the technological leader for keystroke dynamics.

25

Page 27: Project Report

• Authenware Corp. (http://www.authenware.com) providesthe highest security levels to enterprise applications, the web,and any form of transaction that engages a software artifact.Founded in 2006 and is headquartered in Miami, Florida (USA).Certified by International Biometric Group (http://www.biometricgroup.com)in 2009. AuthenWare Corp. is a global company with morethan 14 technical Commercial Offices around the world and aResearch Development Laboratory in Mendoza, Argentina.

• bioChecâ„ (http://www.bioChec.com) has a patented imple-mentation which uses keystroke dynamics for ubiquitous web-based login as well as workstation authentication. It is therecipient of the "BiometricTech Best of Show 2003" award aswell as receiving "SC Magazine Global Awards 2005 Finalist".

• DiBiSoft (http://www.dibisoft.com) has an implementationwhich uses keystroke dynamics for Windows authentication inhidden mode.

• Probayes (http://www.probayes.com) has developed a uniquekeystroke dynamics solution for web applications. The solutionleverages one of Probayes whose patents on probabalistic com-puting.

• Delfigo Security (http://www.delfigosecurity.com) providesmulti-factor risk-based authentication to prevent identity theftand fraud. The solution from Delfigo Security uses keystrokebiometrics and other behavioral characteristics in an AI basedalgorithm to create unique digital identity of an individual.Delfigo whose solution easily integrates out-of-band capabilityto in-band authentication methods.

• BehavioSec(http://www.behaviosec.com) provide behaviomet-ric solutions encompassing keystroke, mouse, environment dy-namics for both windows continuous authentication and client-less web based to aid fraud prevention. BeahvioSec are head-quartered in Sweden.

26

Page 28: Project Report

1.9 Improvements and Extensions

1.9.1 Improvements:

The designed application can be further improved by including the following features:

• Restricting password entry by providing a minimum and maximum length limit.

• Strengthening protection by allowing only a certain pattern for the password.

• Improving accuracy by recording keystrokes multiple times during the registration process.

• Increasing security by allowing only a limited number of invalid attempts.
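The last two improvements, sketched as an added example that is not part of the project's applet code: the accepted dwell-time range is derived from several enrollment entries as the mean plus or minus K standard deviations, and a per-user counter refuses further attempts after a fixed number of failures. The class name, K = 2, the limit of 3 attempts and the sample timings are assumptions made for the illustration.

```java
import java.util.HashMap;
import java.util.Map;

/** Added illustration: multi-sample enrollment plus a failed-attempt limit. */
public class DwellEnrollment {
    static final int MAX_FAILED_ATTEMPTS = 3;   // assumed lockout threshold
    static final double K = 2.0;                // assumed width: mean +/- K standard deviations

    final double low, high;                     // accepted range of average dwell time (ms)
    private final Map<String, Integer> failures = new HashMap<>();

    /** Build the accepted range from several enrollment samples (average dwell per entry, ms). */
    DwellEnrollment(double[] samples) {
        if (samples.length < 2) throw new IllegalArgumentException("need at least 2 samples");
        double sum = 0;
        for (double s : samples) sum += s;
        double mean = sum / samples.length;
        double sq = 0;
        for (double s : samples) sq += (s - mean) * (s - mean);
        double sd = Math.sqrt(sq / (samples.length - 1));   // sample standard deviation
        low = mean - K * sd;
        high = mean + K * sd;
    }

    /** Returns "LOCKED", "REJECTED" or "ACCEPTED" for one login attempt. */
    String attempt(String user, boolean passwordOk, double avgDwellMs) {
        int failed = failures.getOrDefault(user, 0);
        if (failed >= MAX_FAILED_ATTEMPTS) return "LOCKED";   // checked before any comparison
        boolean ok = passwordOk && avgDwellMs >= low && avgDwellMs <= high;
        if (ok) { failures.remove(user); return "ACCEPTED"; } // success resets the counter
        failures.put(user, failed + 1);
        return "REJECTED";
    }

    public static void main(String[] args) {
        // Constructed enrollment data: five password entries by the same user.
        DwellEnrollment e = new DwellEnrollment(new double[] {92, 101, 97, 105, 95});
        System.out.printf("accepted range: %.1f to %.1f ms%n", e.low, e.high);
        System.out.println(e.attempt("alice", true, 99));    // right password, usual rhythm
        System.out.println(e.attempt("alice", true, 140));   // right password, different rhythm
        System.out.println(e.attempt("alice", false, 98));   // wrong password
        System.out.println(e.attempt("alice", true, 150));   // third consecutive failure
        System.out.println(e.attempt("alice", true, 99));    // attempt made after three failures
    }
}
```

A real deployment would also need a way to clear the lockout (a timeout or an administrator reset), otherwise the counter itself becomes a way to lock a legitimate user out.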

1.9.2 Extensions:

The application can be extended by applying it to real-life authentication systems such as:

• Authentication for delicate systems

• Rejection of hackers

• Alternative to password systems

1.10 Difficulties Encountered

The efficiency of the keystroke dynamics application depends on the following parameters:

• Failure To Enroll Rate (FTR): ability of the biometric to enroll a biometric user

• False Acceptance Rate (FAR): the rate at which an imposter could be verified or identified

• False Rejection Rate (FRR): the rate at which a legitimate user is rejected

• Equal Error Rate (EER): crossover point where FRR = FAR

Figure 1.12: Current Status of Parameters

For a good implementation of the biometric feature, the design of the application should be able to maintain an optimal rate for the above-mentioned parameters.
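How FAR, FRR and the crossover point can be measured for a dwell-time check, as an added example that is not part of the project's code: a login is accepted when its average dwell time lies within a tolerance of the enrolled average, and the tolerance is swept to find where FAR and FRR meet. The class name, the enrolled average, the tolerance steps and both sample sets are constructed for the illustration.

```java
/** Added illustration: FAR, FRR and their crossover for a dwell-time tolerance check. */
public class ErrorRates {

    /** Fraction of samples accepted, i.e. within tol ms of the enrolled average dwell time. */
    static double accepted(double[] samples, double enrolled, double tol) {
        int n = 0;
        for (double s : samples) {
            if (Math.abs(s - enrolled) <= tol) n++;
        }
        return (double) n / samples.length;
    }

    /** False Acceptance Rate: share of impostor attempts that pass the check. */
    static double far(double[] impostor, double enrolled, double tol) {
        return accepted(impostor, enrolled, tol);
    }

    /** False Rejection Rate: share of genuine attempts that fail the check. */
    static double frr(double[] genuine, double enrolled, double tol) {
        return 1.0 - accepted(genuine, enrolled, tol);
    }

    /** Tolerance (whole ms, 0..maxTol) where |FAR - FRR| is smallest: the equal-error point. */
    static int crossover(double[] genuine, double[] impostor, double enrolled, int maxTol) {
        int best = 0;
        double bestGap = Double.MAX_VALUE;
        for (int tol = 0; tol <= maxTol; tol++) {
            double gap = Math.abs(far(impostor, enrolled, tol) - frr(genuine, enrolled, tol));
            if (gap < bestGap) { bestGap = gap; best = tol; }
        }
        return best;
    }

    public static void main(String[] args) {
        double enrolled = 98;  // constructed: enrolled average dwell time in ms
        // Constructed test data: average dwell time (ms) of ten genuine and ten impostor logins.
        double[] genuine  = {92, 101, 97, 105, 95, 110, 88, 99, 103, 96};
        double[] impostor = {70, 120, 85, 130, 104, 65, 112, 90, 140, 78};
        for (int tol = 0; tol <= 30; tol += 5) {
            System.out.printf("tol=%2d ms  FAR=%.2f  FRR=%.2f%n", tol,
                    far(impostor, enrolled, tol), frr(genuine, enrolled, tol));
        }
        int t = crossover(genuine, impostor, enrolled, 30);
        System.out.printf("crossover at tol=%d ms, FAR=%.2f, FRR=%.2f%n", t,
                far(impostor, enrolled, t), frr(genuine, enrolled, t));
    }
}
```

Widening the tolerance lowers FRR and raises FAR, so the accepted range is a trade-off between rejecting the legitimate user and admitting an imposter.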

Limitations:

1. Keystroke analysis can be easily employed for internet banking when the user needs to specify the user name and password to get authenticated to the network.

2. It cannot be implemented for ATMs, credit cards and similar places where the user need not type to get authenticated to the system or network.

3. Dynamic change in typing patterns

4. Injury, skill of the user

5. Change of keyboard hardware.


1.11 Conclusion

The project describes a methodology of combining keystroke analysis with the existing authentication mechanisms to improve the security of delicate applications. Thus, it can be used as a complementary or alternative way for user authentication and as an aid to intrusion detection to improve computer security. Although the use of a behavioral trait (rather than a physiological characteristic) as a sign of identity has inherent limitations, when implemented in conjunction with traditional schemes, keystroke dynamics allows for the design of more robust authentication systems than traditional password-based alternatives alone. The inherent limitations that arise with the use of keystroke dynamics as an authentication mechanism are attributed to the nature of the reference signature and its relationship to the user: recognizing users based on habitual rhythm in their typing pattern uses dynamic performance features that depend upon an act; the rhythm is a function of the user and the environment.


Appendix A

Applet and HTML code

A.1 Applet Code

import java.awt.event.*;
import javax.swing.*;
import java.sql.*;

public class finalone extends JApplet {

    public void init() {
        try {
            SwingUtilities.invokeAndWait(new Runnable() {
                public void run() {
                    JButton mainn = new JButton("Start Application");
                    // setting size for main window
                    mainn.setBounds(200, 150, 100, 40);
                    add(mainn);
                    mainn.addActionListener(new ActionListener() {
                        public void actionPerformed(ActionEvent ae) {
                            // initiating the main frame window
                            new mframe();
                        }
                    });
                }
            });
        } catch (Exception e) {
            e.printStackTrace(); // do not hide start-up failures
        }
    }
}

class mframe {
    public JFrame mfrm = new JFrame("Welcome");

    mframe() {
        // components for main window
        JButton subb1 = new JButton("New User");
        JButton canf = new JButton("Exit");
        // initiating other windows on click
        subb1.addActionListener(new ActionListener() {
            public void actionPerformed(ActionEvent ae) {
                mfrm.setVisible(false);
                new fr1();
            }
        });
        JButton subb2 = new JButton("User Authentication");
        subb2.addActionListener(new ActionListener() {
            public void actionPerformed(ActionEvent ae) {
                mfrm.setVisible(false);
                new fr2();
            }
        });
        canf.addActionListener(new ActionListener() {
            public void actionPerformed(ActionEvent ae) {
                mfrm.setVisible(false);
            }
        });
        JLabel newuse = new JLabel("New Users Click");
        JLabel exuse = new JLabel("Existing user Click");
        JLabel exitt = new JLabel("To exit");
        mfrm.add(newuse);
        mfrm.add(exuse);
        mfrm.add(exitt);
        // adding components in proper order
        newuse.setBounds(50, 100, 150, 40);
        exuse.setBounds(50, 200, 150, 40);
        exitt.setBounds(50, 300, 150, 40);
        subb1.setBounds(300, 100, 150, 40);
        subb2.setBounds(300, 200, 150, 40);
        canf.setBounds(300, 300, 150, 40);
        mfrm.setLayout(null);
        mfrm.add(subb1);
        mfrm.add(subb2);
        mfrm.add(canf);
        mfrm.setSize(500, 600);
        mfrm.setVisible(true);
    }
}

// class for the user registration module
class fr1 {
    JTextArea ha = new JTextArea("");
    long count1 = 0;
    long count2 = 0;
    long totaltime1;
    long starttime1;
    long endtime1;
    long keypressed1;
    long keyreleased1;
    long tgap1;
    long tavg1;
    long totaltime2;
    long starttime2;
    long endtime2;
    long keypressed2;
    long keyreleased2;
    long tgap2;
    long tavg2;
    String user;
    String pass;
    JFrame jfrm4 = new JFrame("New User Welcome");
    JButton sub = new JButton("Submit");
    JButton can = new JButton("Close");
    JTextField us = new JTextField();
    JPasswordField psw1 = new JPasswordField();
    JPasswordField psw2 = new JPasswordField();

    fr1() {
        // initiating components
        JLabel use = new JLabel("Username ");
        JLabel p1 = new JLabel("Type Your Password:");
        JLabel p2 = new JLabel("Type Password again:");
        jfrm4.setLayout(null);
        use.setBounds(100, 100, 150, 40);
        us.setBounds(300, 100, 150, 40);
        p1.setBounds(100, 200, 150, 40);
        psw1.setBounds(300, 200, 150, 40);
        p2.setBounds(100, 300, 150, 40);
        psw2.setBounds(300, 300, 150, 40);
        sub.setBounds(100, 400, 150, 40);
        can.setBounds(300, 400, 150, 40);
        ha.setBounds(100, 500, 300, 50);
        // adding components in proper order
        jfrm4.add(use);
        jfrm4.add(us);
        jfrm4.add(p1);
        jfrm4.add(psw1);
        jfrm4.add(p2);
        jfrm4.add(psw2);
        jfrm4.add(sub);
        jfrm4.add(can);
        jfrm4.add(ha);
        // calculating total time for password type
        psw1.addFocusListener(new FocusAdapter() {
            public void focusGained(FocusEvent fe) {
                starttime1 = new java.util.Date().getTime();
            }
            public void focusLost(FocusEvent fe) {
                endtime1 = new java.util.Date().getTime();
                totaltime1 = endtime1 - starttime1;
            }
        });
        // calculating dwell time for first password registration
        // (count1 counts press and release events, so it is twice the number of keys typed)
        psw1.addKeyListener(new KeyAdapter() {
            public void keyPressed(KeyEvent ke) {
                // keypress time
                keypressed1 = new java.util.Date().getTime();
                count1++;
            }
            public void keyReleased(KeyEvent ke) {
                count1++;
                // key release time
                keyreleased1 = new java.util.Date().getTime();
                // dwell time stored
                tgap1 = keyreleased1 - keypressed1;
                // running total, averaged on submit
                tavg1 += tgap1;
            }
        });
        // re-registering password time
        psw2.addFocusListener(new FocusAdapter() {
            public void focusGained(FocusEvent fe) {
                starttime2 = new java.util.Date().getTime();
            }
            public void focusLost(FocusEvent fe) {
                endtime2 = new java.util.Date().getTime();
                totaltime2 = endtime2 - starttime2;
            }
        });
        // re-calculating dwell time for setting range
        psw2.addKeyListener(new KeyAdapter() {
            public void keyPressed(KeyEvent ke) {
                count2++;
                keypressed2 = new java.util.Date().getTime();
            }
            public void keyReleased(KeyEvent ke) {
                count2++;
                keyreleased2 = new java.util.Date().getTime();
                tgap2 = keyreleased2 - keypressed2;
                tavg2 += tgap2;
            }
        });
        sub.addActionListener(new ActionListener() {
            public void actionPerformed(ActionEvent ae) {
                // without this guard an untyped (empty or pasted) password divides by zero
                if (count1 == 0 || count2 == 0) {
                    ha.setText("Type the password in both fields");
                    return;
                }
                // storing collected info in database
                user = us.getText();
                pass = new String(psw1.getPassword());
                String t1 = "" + (tavg1 / count1);
                String t2 = "" + (tavg2 / count2);
                if (pass.equals(new String(psw2.getPassword()))) {
                    sub.setVisible(false);
                    try {
                        // JDBC-ODBC bridge driver (shipped with Java 7 and earlier)
                        Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
                    } catch (Exception x) {
                        ha.setText("Execute error" + x);
                    }
                    try {
                        // connecting to ms access
                        Connection dbConnection4 = DriverManager.getConnection("jdbc:odbc:userreg");
                        // storing values with a parameterized insert: typed values are bound,
                        // never concatenated into the SQL text
                        // note: the password is stored as typed (plaintext)
                        PreparedStatement st = dbConnection4.prepareStatement("insert into user values(?,?,?,?)");
                        st.setString(1, user);
                        st.setString(2, pass);
                        st.setString(3, t1);
                        st.setString(4, t2);
                        st.executeUpdate();
                        ha.setText("Executed");
                        dbConnection4.close();
                    } catch (SQLException x) {
                        ha.setText("User already exists");
                    }
                }
                // checking for proper entries
                else {
                    ha.setText("Password mismatch");
                }
            }
        });
        can.addActionListener(new ActionListener() {
            public void actionPerformed(ActionEvent ae) {
                jfrm4.setVisible(false);
                new mframe();
            }
        });
        jfrm4.setSize(500, 600);
        jfrm4.setVisible(true);
    }
}

// class for user authentication module
class fr2 {
    JTextArea ta = new JTextArea("");
    long count3 = 0;
    long tavggot1;
    long tavggot2;
    long totaltime1;
    long starttime1;
    long endtime1;
    long keypressed1;
    long keyreleased1;
    long tgap1;
    long tavg1;
    String pmatch;
    String user;
    String pass;
    JFrame jfrm1 = new JFrame("Existing User:Authentication");
    JButton sub = new JButton("Authenticate");
    JButton can = new JButton("Close");
    JTextField us = new JTextField();
    JPasswordField psw1 = new JPasswordField();
    long i = 0;

    fr2() {
        // components for authentication
        JLabel use = new JLabel("Username ");
        JLabel p1 = new JLabel("Type Your Password:");
        jfrm1.setLayout(null);
        use.setBounds(100, 100, 150, 40);
        us.setBounds(300, 100, 150, 40);
        p1.setBounds(100, 200, 150, 40);
        psw1.setBounds(300, 200, 150, 40);
        sub.setBounds(100, 300, 150, 40);
        can.setBounds(300, 300, 150, 40);
        ta.setBounds(100, 400, 300, 50);
        jfrm1.add(use);
        jfrm1.add(us);
        jfrm1.add(p1);
        jfrm1.add(psw1);
        jfrm1.add(sub);
        jfrm1.add(can);
        jfrm1.add(ta);
        // calculating total time during authentication
        psw1.addFocusListener(new FocusAdapter() {
            public void focusGained(FocusEvent fe) {
                starttime1 = new java.util.Date().getTime();
            }
            public void focusLost(FocusEvent fe) {
                endtime1 = new java.util.Date().getTime();
                totaltime1 = endtime1 - starttime1;
            }
        });
        // calculating dwell time for authentication
        psw1.addKeyListener(new KeyAdapter() {
            public void keyPressed(KeyEvent ke) {
                count3++;
                keypressed1 = new java.util.Date().getTime();
            }
            public void keyReleased(KeyEvent ke) {
                count3++;
                keyreleased1 = new java.util.Date().getTime();
                tgap1 = keyreleased1 - keypressed1;
                tavg1 += tgap1;
            }
        });
        sub.addActionListener(new ActionListener() {
            public void actionPerformed(ActionEvent ae) {
                // without this guard an untyped (empty or pasted) password divides by zero
                if (count3 == 0) {
                    ta.setText("Type the password to authenticate");
                    return;
                }
                // retrieving data from database
                user = us.getText();
                pass = new String(psw1.getPassword());
                try {
                    Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
                } catch (Exception x) {
                    ta.setText("" + x);
                }
                try {
                    // storing retrieved values
                    Connection dbConnection1 = DriverManager.getConnection("jdbc:odbc:userreg");
                    Statement st = dbConnection1.createStatement();
                    ResultSet rs = st.executeQuery("select username,password,minavgtime,maxavgtime FROM user;");
                    if (rs == null) {
                        // checking for proper user
                        ta.setText("invalid user");
                    } else {
                        boolean flag = false;
                        while (rs.next()) {
                            String u = rs.getString("username");
                            pmatch = rs.getString("password");
                            String tavgot2 = rs.getString("minavgtime");
                            String tavgot1 = rs.getString("maxavgtime");
                            if (u.equals(user)) {
                                flag = true;
                                ta.setText("user found");
                                if (pmatch.equals(pass)) {
                                    // authenticating by matching registered dwell time
                                    // with current dwell time: the two stored averages
                                    // bound the accepted range, whichever is larger
                                    long lo = Math.min(Long.parseLong(tavgot1), Long.parseLong(tavgot2));
                                    long hi = Math.max(Long.parseLong(tavgot1), Long.parseLong(tavgot2));
                                    long avg = tavg1 / count3;
                                    if (avg >= lo && avg <= hi) {
                                        ta.setText("user authenticated");
                                    } else {
                                        // diagnostic output: this discloses the enrolled
                                        // range to whoever is typing
                                        ta.setText("wrong user:" + "\nYour average Keystroke gap:" + avg
                                                + "\nEnrolled Users average Keystroke range is:" + tavgot1 + " to " + tavgot2);
                                    }
                                } else {
                                    ta.setText("wrong password");
                                }
                            }
                        }
                        if (flag == false)
                            ta.setText("User not found");
                    }
                    dbConnection1.close();
                    sub.setVisible(false);
                } catch (SQLException x) {
                    ta.setText("" + x);
                }
            }
        });
        can.addActionListener(new ActionListener() {
            public void actionPerformed(ActionEvent ae) {
                jfrm1.setVisible(false);
                new mframe();
            }
        });
        jfrm1.setSize(500, 600);
        jfrm1.setVisible(true);
    }
}
// end of all modules

A.2 Embedding Applet in html document

<html>
<head><title>Keystroke Analysis and authentication</title></head>
<body>
<h1>Welcome to Secure Authentication</h1>
<applet code="finalone" height=40 width=200></applet>
</body>
</html>