TY - JOUR
T1 - CLICKA: Collecting and leveraging identity cues with keystroke dynamics
AU - Buckley, Oliver
AU - Hodges, Duncan
AU - Windle, Jonathan
AU - Earl, Sally
PY - 2022/9
Y1 - 2022/9
N2 - The way in which IT systems are usually secured is through the use of username and password pairs. However, these credentials are all too easily lost, stolen or compromised. The use of behavioural biometrics can be used to supplement these credentials to provide a greater level of assurance in the identity of an authenticated user. However, user behaviours can also be used to ascertain other identifiable information about an individual. In this paper we build upon the notion of keystroke dynamics (the analysis of typing behaviours) to infer an anonymous user’s name and predict their native language. This work found that there is a discernible difference in the ranking of bigrams (based on their timing) contained within the name of a user and those that are not. As a result we propose that individuals will reliably type information they are familiar with in a discernibly different way. In our study we found that it should be possible to identify approximately a third of the bigrams forming an anonymous users name purely from how (not what) they type.
AB - The way in which IT systems are usually secured is through the use of username and password pairs. However, these credentials are all too easily lost, stolen or compromised. The use of behavioural biometrics can be used to supplement these credentials to provide a greater level of assurance in the identity of an authenticated user. However, user behaviours can also be used to ascertain other identifiable information about an individual. In this paper we build upon the notion of keystroke dynamics (the analysis of typing behaviours) to infer an anonymous user’s name and predict their native language. This work found that there is a discernible difference in the ranking of bigrams (based on their timing) contained within the name of a user and those that are not. As a result we propose that individuals will reliably type information they are familiar with in a discernibly different way. In our study we found that it should be possible to identify approximately a third of the bigrams forming an anonymous users name purely from how (not what) they type.
U2 - 10.1016/j.cose.2022.102780
DO - 10.1016/j.cose.2022.102780
M3 - Article
VL - 120
JO - Computers & Security
JF - Computers & Security
SN - 0167-4048
M1 - 102780
ER -