
in case of mobile phone theft, users (instead of being worried about the cost of thes - PDF document

faustina-dinatale
Uploaded On 2015-08-21

Presentation Transcript

in case of mobile phone theft, users (instead of being worried about the cost of the stolen phone) are becoming more concerned with misuse of information and services on the stolen phones [1]. Therefore, it is important to develop intelligent user identification schemes for mobile phones. Despite its need and importance, user identification on mobile phones has received little attention in research literature.

User identification systems for mobile phones are usually based on secret PIN numbers [28]. These identification techniques are borrowed from desktop computers' domain and have not been very effective on mobile phones [7], [28]. For instance, freely available tools empower intruders, who have physical access to the Subscriber's Identity Module (SIM) and know the Personal Identification Number (PIN), to reverse engineer the International Mobile Subscriber Identity (IMSI) and the secret key of GSM mobile phone users [20]. Similarly, token-based authentication schemes developed for desktops are not suitable for mobile phones because [10]: (1) they cannot be efficiently implemented on resource-constrained devices [10], and (2) loss of a token in essence means loss of the device [26]. Biometric hardware for mobile phones are now being developed to overcome the shortcomings of token-based authentication [26]. A common drawback of these authentication paradigms is that they perform one-time identity check at the beginning of a session that allows imposters to access the smart phones once a session is logged in.

In this paper, we propose a robust approach to identify a legitimate user of a mobile phone by learning his/her “in-session” keystroke dynamics. The scheme requires no additional hardware or software resources and is user-friendly as it requires minimum user intervention after installation. While keystroke-based user identification was actively pursued in the desktop computer's domain [27], [18], [15], [19], its suitability for mobile phones has not been explored, except the preliminary work reported in [8], [16].

To use keystroke information for user identification, we collect and analyze keystroke data of 25 diverse mobile phone users including researchers, students and professionals from varying age groups. Based on our analysis, we select six distinguishing keystroke features that can be used for user identification. Two of these features – Key hold time (how long a key is pressed) and Error Rate (number of times backspace is pressed) – are borrowed from the desktop domain. We also customize a set of four features to capture the unique switching behavior across multiplexed mobile phone keys using: (1) Horizontal Digraph: time to switch between horizontally adjacent keys, (2) Vertical Digraph: time to switch between vertically adjacent keys, (3) Non-Adjacent Horizontal Digraph: time to switch between non-adjacent horizontal keys, and (4) Non-Adjacent Vertical Digraph: time to switch between non-adjacent vertical keys.

We reveal that, while these keystroke features differ across users, leveraging them for accurate user identification on mobile phones is significantly more challenging than on a desktop computer because on a majority of contemporary mobile phones: (1) different keys are multiplexed on a small keypad, (2) the variable and discontinuous keystroke usage of a mobile phone user results in a highly diffused (overlapping) and time-varying feature space that makes it difficult to cluster and classify different users, and (3) an imposter can get access to a mobile phone at any time so techniques that rely on static, application-specific or keyword-specific authentication are not feasible. These challenges are aggravated by the fact that most of the mobile OS vendors do not provide

2 Related Work

The idea of using keystroke dynamics for user authentication is not new as there have been a number of prior studies in this area for desktop computers. Most of these prior studies have focused on static or context-independent dynamic analysis using the inter-keystroke latency timing method for desktop keyboards only. From the earliest studies in 1980 [6], the focus has been on the analysis of delays between two consecutive keystrokes – also called digraph. Later studies [15], [21] further enhanced the work, identifying additional statistical analysis methods that provided more reliable results. This section briefly summarizes some of the prominent research on keystroke based user identification.

One of the earlier works in the area of keystroke dynamics was accomplished by Umphress and Williams [27] in 1985. They used digraphs as the underlying keystroke biometric. However, they were only able to achieve a FAR of 6%. In 1987, Williams and Leggett [18] further extended the work by: (1) increasing the number of users in the study, (2) reducing experimental variables, and (3) discarding inappropriate digraphs according to latency and frequency. They managed to reduce the FAR to 5%. Another extension of the above work was conducted in 1990 by Leggett et al. [19]. While the results of the static procedure of entering a reference and testing profiles achieved the same 5% FAR, they were the first ones to utilize the concept of keystroke dynamics for doing verification in a dynamic environment. They were able to achieve FAR of 12.8% and FRR of 11.1% using statistical theory. In a study by Joyce and Gupta [15], the username was compared to the particular profile for that user. The login had four components – username, password, first name and last name. Digraphs were then calculated and basic statistical method of means, variances and standard deviations were used to determine a match. Using this method, the FAR was just 0.25% but the FRR was 16.67%. Bleha et al. [4], in 1990, used a different statistical method: the Bayes classification algorithm. The verification system gave results of 8.1% for FRR and 2.8% for the FAR. Regarding features' set, no significant additions occurred until 1997 when Obaidat and Sadoun [22] introduced key hold times as another feature of interest. Currently, the most common and widely-known application that uses keystroke dynamics technology is BioPassword [13]. To the best of our knowledge, BioPassword is the only product available in the market that has relatively wide usage. These studies, however, have focused their research only on desktop computers.

Except for [8], [16], no work has been done on user identification using keystroke dynamics on mobile phones. Clarke et al. [8] have used neural networks to classify a user using key hold time and inter-key latency or digraph. They performed three sets of experiments on mobile phone emulators: (1) on PIN verification, (2) on specific text, and (3) on phone number entry. They achieved FARs of 3%, 15% and 18% respectively for these three experiments, however FRRs were 40%, 28% and 29%, respectively.

3 Data Acquisition

As a first step towards developing a robust mobile phone user identification system, we developed an application to log mobile keystroke data. We decided to develop the application for Symbian OS 3rd Edition because: (1) it had a relatively large customer base

This diversity in phone sets is important to ensure that our system design and evaluation spans across a wide range of modern mobile phones.

For all the analysis provided later in the paper, we use a dataset of 25 users spanning over 7 days. We quantify the keystrokes into a profile of 250 key-hits each, which we call a 'Key hit profile'. A justification for this profile size is given in Section 6. Table 1 shows that people from different walks of life have different number of key hit profiles in accordance with their social status. We observe that students, teenagers and professionals use keyboard of mobile phones aggressively while senior citizens and managers use keyboard of mobile phone less frequently. For instance, users u10, u14 and u15 have more than 50 key hit profiles while users u1, u3, u16, u17 and u19 make less than 20 key hit profiles over the same period of 7 days.

After successfully collecting the dataset, we started the next phase of our research – systematically analyzing our raw data to extract useful features for user identification. We observed that some people tend to type faster with less errors as compared to others, while some others type very slowly which is uniquely linked to their social status and age as shown in Table 1. Based on this preliminary analysis, we observed that if we can identify a keystroke dynamics feature set that covers all aspects of a person's unique typing pattern, we can actually identify the mobile phone user. Therefore, we extracted 6 features to correctly identify a user – 2 of these features have been borrowed from the desktop world while the remaining 4 are customized for mobile phones' multiplexed keypads. A detailed discussion of this feature set is provided in the next section.

4 Feature Selection and Study of Desktop-based Schemes

In this section, we first analyze three well-known features that have been used for user identification on desktop/laptop computers. We then customize these features for mobile phones. Finally, we evaluate the accuracies of existing keystroke-based user identification schemes in identifying mobile users.

4.1 Feature Selection

After collecting data of the mobile phone users, we extracted three features from this data – key hold time, digraph, and error rate. These features have been used for keystroke-based user identification for desktop/laptop computers [18], [15]. However, their usability to identify a legitimate user on mobile phones has not been explored before. These features are defined as:

Key hold time. The time difference between pressing a key and releasing it;
Digraph time. The time difference between releasing one key and pressing the next one; and
Error rate. The number of times backspace key is pressed.

We observed that identifying a user based on these three features is less challenging on desktops because of a relatively distinguished feature vector for each user. As an example, we installed a key-logging application on the laptops of 6 users for a period of 5 days. The plot of these three features extracted from the desktop key logging data

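The six features named in the introduction and in Section 4.1, computed from one key log, as an added example that is not code from the paper. The log format, the `<BS>` key name, the standard 12-key layout, and the choice to ignore same-key and diagonal transitions are assumptions.

```python
from statistics import mean

KEYPAD = ["123", "456", "789", "*0#"]   # standard 12-key phone layout
POS = {k: (r, c) for r, row in enumerate(KEYPAD) for c, k in enumerate(row)}
BACKSPACE = "<BS>"   # assumed name of the backspace/clear key in the log


def digraph_class(a, b):
    """Map a key pair to one of the four mobile digraph features, or None."""
    if a not in POS or b not in POS:
        return None
    (r1, c1), (r2, c2) = POS[a], POS[b]
    if r1 == r2 and c1 != c2:
        return "horizontal" if abs(c1 - c2) == 1 else "non_adjacent_horizontal"
    if c1 == c2 and r1 != r2:
        return "vertical" if abs(r1 - r2) == 1 else "non_adjacent_vertical"
    return None  # same key or diagonal move: outside the four features (assumption)


def profile_features(events):
    """events: [(key, press_ms, release_ms), ...] for one key hit profile.
    Returns the six-feature vector as a dict of per-profile values."""
    holds = [release - press for _, press, release in events]
    buckets = {"horizontal": [], "vertical": [],
               "non_adjacent_horizontal": [], "non_adjacent_vertical": []}
    for (k1, _, rel1), (k2, press2, _) in zip(events, events[1:]):
        cls = digraph_class(k1, k2)
        if cls:
            # Digraph time: release of one key to press of the next.
            buckets[cls].append(press2 - rel1)
    vec = {"key_hold": mean(holds),
           "error_rate": sum(k == BACKSPACE for k, _, _ in events)}
    for name, values in buckets.items():
        vec[name] = mean(values) if values else None  # None: digraph type not seen
    return vec


# Constructed sample log (not measured data): key, press time, release time in ms.
SAMPLE_LOG = [
    ("1", 0, 80), ("2", 200, 300), ("5", 450, 540), (BACKSPACE, 700, 760),
    ("1", 900, 990), ("3", 1300, 1400), ("9", 1600, 1700), ("3", 2000, 2090),
]

if __name__ == "__main__":
    for name, value in profile_features(SAMPLE_LOG).items():
        print(f"{name:26s} {value}")
```

A real profile in the paper covers 250 key hits; the eight-event log only keeps the arithmetic easy to follow.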
4.2 Accuracy Evaluation of Existing Techniques

As a next logical step, we investigate the accuracy of existing classification schemes, developed for desktop computers, on the mobile phones dataset. To this end, we evaluate five prominent classifiers proposed in [25], [23], [14], [29], [9], [24]. These classifiers are quite diverse. Naive Bayes [25] is a probabilistic classifier; while Back Propagation Neural Network (BPNN) [23] and Radial Basis Function Network (RBFN) [14] belong to the category of neural networks. In comparison, Kstar [9] is a statistical classifier and J48 [24] is a decision tree classifier. In order to remove any implementation related bias, we have performed our experiments in WEKA [29].

Ideally, we need a classifier that classifies a user as legitimate or imposter with 100% accuracy. In our current accuracy evaluation setup, the errors are of two types: (1) False Acceptance Rate (FAR) is defined as the probability that an imposter is classified as a legitimate user, and (2) False Rejection Rate (FRR) is defined as the probability that a legitimate user is classified as an imposter.

The results of our experiments are tabulated in Table 4. We can see that the existing classifiers provide an FAR of 30-40% which is not acceptable. Similarly, FRR of most of the classifiers is approximately 30% or more and this again confirms that their accuracies are not acceptable for real-world deployments because such a high FRR will simply frustrate legitimate users.

Table 2. A comparative study of techniques on the basis of key hold time, digraph and error percentage

                    Naive Bayes   BPNN          RBFN          Kstar         J48
Users               FAR    FRR    FAR    FRR    FAR    FRR    FAR    FRR    FAR    FRR
u1                  51.1   6.31   56.2   12.4   33.2   9.31   13.2   22.1   44.3   39.2
u2                  32.4   17.9   31.5   58.4   28.4   11.9   11.2   38.4   31.2   67.4
u3                  42.1   11.6   45.3   19.6   22.5   11.2   34.2   11.5   44.3   26.4
u4                  56.9   7.28   31.4   11.3   58.3   12.4   49.8   19.5   21.3   32.4
u5                  33.1   36.6   44.2   24.5   45.2   21.4   32.1   31.3   33.4   25.8
u6                  44.6   17.8   53.4   20.5   48.9   11.5   37.6   18.4   24.6   32.4
u7                  40.2   21.3   45.6   18.9   36.7   21.4   43.1   33.4   21.2   24.8
u8                  29.8   58.2   37.5   23.6   68.9   18.9   44.6   26.5   24.6   32.1
u9                  27.3   62.7   40.4   44.2   44.1   31.3   24.6   21.3   44.3   38.5
u10                 24.5   63.2   36.7   72.4   30.9   43.2   27.6   53.2   42.1   79.6
u11                 41.6   18.9   42.1   19.6   23.5   12.3   23.2   31.2   21.7   34.5
u12                 33.1   37.3   42.1   28.5   33.2   33.5   31.2   43.2   43.8   73.5
u13                 32.1   53.4   42.6   61.3   19.5   54.3   24.6   34.2   19.5   75.2
u14                 22.5   63.5   28.9   23.1   33.5   31.3   26.6   21.5   43.5   39.3
u15                 21.5   38.8   33.4   78.9   20.4   59.6   21.3   31.2   12.4   81.2
u16                 43.1   35.8   56.7   19.6   67.5   15.6   52.3   33.4   21.7   30.4
u17                 49.6   11.9   61.3   12.4   39.4   13.7   34.6   28.5   41.2   23.2
u18                 29.8   63.4   31.2   73.2   34.5   35.6   28.7   39.2   23.5   34.6
u19                 52.4   4.16   64.7   13.2   37.4   15.8   38.6   30.5   47.7   32.4
u20                 29.8   13.2   22.5   38.6   33.3   66.7   27.9   35.4   33.2   28.3
u21                 39.8   19.7   53.7   19.2   28.5   19.8   32.3   31.2   31.4   25.3
u22                 39.1   35.6   39.6   44.2   22.1   33.1   19.4   31.3   19.4   28.5
u23                 30.9   23.3   28.6   26.7   21.8   32.1   12.5   43.2   23.4   55.3
u24                 33.5   21.3   41.4   21.4   31.2   24.1   18.4   22.3   16.4   39.2
u25                 42.5   19.7   29.6   19.6   38.2   22.4   21.3   38.2   19.4   18.3
average             36.9   30.5   41.6   32.2   36.0   26.5   29.2   30.8   29.9   40.7
standard deviation  9.50   19.9   11.1   20.8   13.5   15.7   11.0   9.22   10.9   19.2

problem of keystroke-based mobile user identification. Specifically, variation in the features' set results in a diffused dataset and consequently it is not possible to assign crisp classification boundaries to different users. A study of existing classifiers reveals that classifiers based upon fuzzy logic [30] are well-suited for this problem. Fuzzy classifiers can provide acceptable accuracies on diffused datasets because they assign a given data point a degree of membership to all available classes. The primary task of fuzzy classification is to determine the boundaries of the decision regions based on the training data points. Once the class-labeled decision regions in the feature space are determined, classification of an unknown point is achieved by simply identifying the region in which the unknown point resides. Since fuzzy logic assigns each data point a degree of membership to different decision regions instead of a single association to a decision region, we expect a fuzzy classifier to provide an accurate and efficient learning mechanism for the diffused mobile phone feature-set. The remainder of this section develops and evaluates a fuzzy classifier for mobile user classification.

Initial Learning using a Feed-Forward Fuzzy Classifier

We are working on a two-class classification problem as we need to distinguish between a legitimate user and an imposter. A fuzzy system is based on a database, rule base, and a fuzzy inference system. The database is composed of linguistic variables, fuzzy partitions, and membership functions. We now describe our fuzzy clustering algorithm and then evaluate its accuracy on the mobile keystrokes dataset.

In order to determine an initial rule base for fuzzy system, we define the centroid of a cluster in the form of (x1, x2, ..., xz), where x1, x2, ..., xz are the values of the first, second, ..., zth feature, respectively, where z is the dimension of the feature vector. It is mentioned earlier that we use z = 6 features. For a given data point, we search its value in the corresponding fuzzy sets, determine its degree of membership to each fuzzy partition and then assign the point to the partition with the maximum degree of membership. To determine the consequent of a rule, we find the density of the cluster of the centroid for which we are defining an antecedent of the rule. If a cluster has high, medium or low density then the output belongs to the fuzzy partitions high, medium or low, respectively, in the consequent of the rule. We repeat this procedure for all training data points to define a rule-base using the centroids of all the clusters.

To give a preliminary indication of the accuracy of the first phase of our proposed system, the FAR and FRR values of the fuzzy classifier are shown in Table 3. FAR and FRR of approximately 18.6% and 19.0%, respectively – much better compared with existing classifiers in Table 4 – are still far from acceptable. These accuracy results do not meet the requirements that we have set for our system. In our performance evaluation, we observed that the main accuracy limiting factor for the fuzzy classifier was the dynamically changing keystroke behavior of mobile users. Thus the performance of the feed-forward fuzzy classifier can be improved if we use an online dynamic optimizer that can dynamically track and feedback the changing feature trends into the fuzzy system.

Prior work has shown that Particle Swarm Optimizers (PSO) and Genetic Algorithms (GAs) have the capability to adapt with changes in data [11], [5]. Therefore, in

siderably. If we can somehow use the concept of feedback and randomness together, theoretically the accuracy of our fuzzy classifier should be improved. For this scenario, we use PSO and GA together for optimizing the database and rule base of the feed-forward fuzzy classifier. The results of the fuzzy classifier optimized by a hybrid PSO-GA optimizer are tabulated in Table 3. It can be seen that the FAR and FRR have improved substantially to approximately 2%; as a result, our hybrid system is able to meet the accuracy requirements set earlier.

Another important thing to mention here is the standard deviation of the results. The standard deviation of our proposed hybrid PSO-GA-Fuzzy system is only 0.73% for FAR and 0.47% for FRR which is negligible. We have repeated the experiments for our scheme 500 times and the confidence interval of our results is 95% using t-distribution. This shows that the results produced by our system are statistically significant and the variation in the results is quite low.

5.2 Algorithm in Verification Mode

If the detection mode raises an alarm, the system moves to the verification mode. In this mode, we ask the suspicious user to enter a remembered 8-character PIN. During the PIN entry process, we observe his/her keystroke patterns and conclude whether or not the current user is an imposter. In this mode, the system extracts three features – key hold time, digraph (irrespective of the position of keys) and error rate – from the key log of entering the PIN. Note that here we use only three features because we have empirically determined that these features are sufficient to achieve close to 0% error.

We have also empirically determined if a potential imposter passes the test twice in three attempts, we declare him/her a legitimate user. We have arrived at this configuration by running a controlled experiment. We asked 10 of our colleagues to enter their PINs 30 times for training. After training, we asked all of these 10 colleagues to enter their passwords 5 times. We observed that each of them has been able to enter his/her password with correct behavior at least two out of the first three attempts. Later, we selected three imposters for each of those 10 colleagues and informed them about the correct passwords of legitimate users. We again requested imposters to enter the password 5 times and it was interesting to note that none of them was able to enter the password with matching behavior even once.

For PIN verification, we have designed a simple, efficient and accurate classifier specifically for keystroke dynamics. Our classifier dynamically assigns an impression coefficient (iC) to a user on the basis of his/her PIN typing keystroke pattern. We argue that a legitimate user is less likely to commit a mistake while entering his/her PIN; therefore, committing a mistake during the PIN entry process counts negatively towards the possibility that the current user is the legitimate user. We calculate the difference between the key hold times of keys of current profile with the key hold times of all the corresponding keys of the standard profiles of a user and then sum up all these differences to find the overall difference in the key hold time. Similarly, we find an overall difference in the digraph time. Finally, we sum overall key hold time difference and digraph difference to define the impression coefficient of PIN entering behavior. If a user commits a mistake during the PIN entry process, we penalize him/her for each error by adding l milliseconds to the overall difference value.

Table 4. Accuracy results after detection mode and verification mode for a fixed profile size of 250 keystrokes

        After Detection Mode   After Verification Mode
Users   FAR    FRR             FAR    FRR
u1      2.13   1.76            2.13   0
u2      1.61   0.82            1.61   0
u3      2.14   1.71            2.14   0
u4      1.19   1.56            1.19   0
u5      1.87   2.01            1.87   0
u6      2.01   2.33            2.01   0
u7      1.46   2.15            1.46   0
u8      2.14   1.61            2.14   0
u9      3.34   1.14            3.34   0
u10     1.73   1.28            1.73   0
u11     2.43   1.86            2.43   0
u12     1.71   1.92            1.71   0
u13     3.44   1.81            3.44   0
u14     1.29   1.38            1.29   0
u15     3.37   1.95            3.37   0
u16     2.31   2.11            2.31   0
u17     1.82   2.04            1.82   0
u18     1.01   1.72            1.01   0
u19     1.21   1.04            1.21   0
u20     2.04   1.33            2.04   0
u21     1.41   2.38            1.41   0
u22     2.12   2.24            2.12   0
u23     2.02   2.92            2.02   0
u24     3.11   1.14            3.11   0
u25     2.97   1.19            2.97   0
Avg     2.07   1.73            2.07   0
SD      0.73   0.47            0.73   0

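One way to implement the Section 5.2 verification check (impression coefficient plus the two-of-three rule), as an added example rather than the authors' code. The value of l, the acceptance threshold, the per-position profile built from error-free training entries, and skipping digraphs interrupted by a correction are assumptions the page does not specify.

```python
from statistics import mean

BACKSPACE = "<BS>"    # assumed name of the correction key in the log
PENALTY_MS = 100      # "l" in the text; this value is an assumption
THRESHOLD_MS = 400    # iC acceptance cut-off; assumption, not from the page


def features(events):
    """events: [(key, press_ms, release_ms), ...] for one PIN attempt.
    Replays backspaces, then returns (typed PIN, hold times, digraphs, errors)."""
    kept, errors = [], 0
    for i, (key, press, release) in enumerate(events):
        if key == BACKSPACE:
            errors += 1
            if kept:
                kept.pop()
        else:
            kept.append((i, key, press, release))
    holds = [release - press for _, _, press, release in kept]
    # Digraph: release of one key to press of the next. A transition broken
    # by a correction has no clean digraph and is marked None.
    digraphs = [b[2] - a[3] if b[0] == a[0] + 1 else None
                for a, b in zip(kept, kept[1:])]
    return "".join(k for _, k, _, _ in kept), holds, digraphs, errors


def build_profile(training_entries):
    """Standard profile: per-position mean hold and digraph times,
    using only error-free training entries."""
    feats = [f for f in map(features, training_entries) if f[3] == 0]
    return {"pin": feats[0][0],
            "holds": [mean(col) for col in zip(*(f[1] for f in feats))],
            "digraphs": [mean(col) for col in zip(*(f[2] for f in feats))]}


def impression_coefficient(profile, events):
    """Hold-time difference + digraph difference + PENALTY_MS per error.
    Returns None when the typed PIN itself is wrong."""
    pin, holds, digraphs, errors = features(events)
    if pin != profile["pin"]:
        return None
    hold_diff = sum(abs(h - p) for h, p in zip(holds, profile["holds"]))
    digraph_diff = sum(abs(d - p) for d, p in zip(digraphs, profile["digraphs"])
                       if d is not None)
    return hold_diff + digraph_diff + PENALTY_MS * errors


def attempt_passes(profile, events):
    ic = impression_coefficient(profile, events)
    return ic is not None and ic <= THRESHOLD_MS


def verify(profile, attempts):
    """Legitimate if at least two of the first three PIN attempts pass."""
    return sum(attempt_passes(profile, a) for a in attempts[:3]) >= 2


def type_pin(keys, hold, gap):
    """Constructed sample data: evenly timed keystrokes; '<' stands for backspace."""
    events, t = [], 0
    for k in keys:
        events.append((BACKSPACE if k == "<" else k, t, t + hold))
        t += hold + gap
    return events


PIN = "48151623"  # constructed 8-character sample PIN
PROFILE = build_profile([type_pin(PIN, h, g)
                         for h, g in ((90, 200), (100, 210), (110, 190))])

if __name__ == "__main__":
    print("owner   iC:", impression_coefficient(PROFILE, type_pin(PIN, 105, 195)))
    print("imposter iC:", impression_coefficient(PROFILE, type_pin(PIN, 160, 320)))
```

The imposter attempt uses the correct PIN with a different rhythm, matching the controlled experiment in which imposters were told the password.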
our system is completely user friendly and never rejects a legitimate user. It also has a very low FAR compared with other techniques.

What is the impact of number of profiles on the accuracy of our system? Scalability analysis is important to determine the minimum number of profiles/keystrokes required to achieve acceptable accuracy. We take the users with the most number of profiles (u10, u14, and u15) for our scalability analysis and tabulate the results in Table 5. Note that each profile is made up of 250 keys. The results in Table 5 suggest a gradual, almost linear decrease in FAR and FRR as we increase the number of training profiles up to 50. This shows that as the number of training profiles increases, the accuracy of our system increases.

What is the relationship between the size of a profile and accuracy of our system? For the same users (u10, u14, and u15), we now take 50 profiles of each user and study the relationship between FAR and FRR and the size of a profile. These results are also tabulated in Table 5. It is obvious from Table 5 that FAR and FRR values degrade for small size profiles, however, for a profile of 250 keys, the error rates on the average are 2%. It can also be seen that increasing the size of profile from 250 to 350 keys further improves the detection accuracy but the improvement is not much significant; therefore, we use a profile of 250 keys. Note that increasing the size of profile not only increases the detection accuracy but also the time required to make a profile. Our aim is to get reasonable detection accuracy with as small a profile size as possible. (Profile size of 250 keys satisfies the criteria.)

Table 5. Relationship of number of training profiles and size of a profile with error rates

Number of profiles (Profile Size = 250)
        20            30            40            50
Users   FAR    FRR    FAR    FRR    FAR    FRR    FAR    FRR
u10     2.32   1.99   2.01   1.51   1.93   1.35   1.74   1.29
u14     3.21   2.21   1.97   2.01   1.77   1.78   1.30   1.40
u15     5.89   3.13   5.11   2.72   4.01   2.11   3.39   1.98

Size of profile (Number of Profiles = 50)
        150           200           250           300           350
Users   FAR    FRR    FAR    FRR    FAR    FRR    FAR    FRR    FAR    FRR
u10     11.2   7.28   4.98   3.45   1.74   1.29   1.45   1.11   1.10   1.01
u14     9.21   8.12   4.11   4.01   1.30   1.40   1.03   1.21   0.97   1.11
u15     17.8   11.5   9.62   6.22   3.39   1.98   2.87   1.23   1.91   0.99

What is the user identification delay? Table 6 shows the average number of SMS a user types in a single profile. Remember our system tries to classify a user after every 250 keystrokes using the keystrokes features' set. It can be seen from Table 6 that on the

Table 8. The processing overheads of classifiers on an old 233 MHz, 32 MB RAM computer

Algorithm      Train (secs)   Test (secs)
PSO-GA Fuzzy   28             0.52
Naive Bayes    0              0.52
BPNN           4.8            2.0
RBFN           0.41           0.42
Kstar          8              0.21
J48            0.23           0.22

Moreover, unlike desktop computers, mobile phones remain idle much of the time and the retraining can be performed during these inactivity periods.

7 Limitations and Potential Countermeasures

We now highlight the important limitations and countermeasures of our system.

Identification delay period. Our system can detect an imposter after observing a minimum of 250 keystrokes. The identification delay is hence a function of the imposter's keyboard usage. We argue that an imposter's keyboard usage can belong to one of the following two types: (1) he/she wants to get access to the sensitive information/documents on the phone, and (2) he/she wants to steal the mobile phone. In the first case, the imposter must try to quickly get access to the sensitive information and, as a result, the time to generate a profile of 250 keystrokes, as mentioned before, will reduce to 10-15 minutes. If the imposter is of the second type, then our system will detect him/her once he/she tries to login through our PIN verification procedure.

Accuracy is sensitive to the number of profiles. Another shortcoming of our approach is that it requires a cold start of 30 or more profiles to accurately learn the behavior of a user. In this time period, the system might suffer from relatively high FAR and FRR which are still comparable with the existing techniques (see Tables 4 and 5). But our system provides significantly better FAR and FRR after collecting just one week of training data, which we believe is quite reasonable.

Portability to full keyboard smart phones. We have not tested our prototype on BlackBerry category of phones which have full non-multiplexed keyboard. While we believe that the results of our system will scale to these phones, we are currently soliciting volunteers with full keyboard Nokia phones for testing and evaluation.

Relatively large training time. Our system takes 28 seconds on the average once we retrain it after every 5 profiles. During these 28 seconds after every few hours, the response time of the mobile phone degrades which might result in some annoyance to the user. We argue that this cost is worth the benefit of very low FAR and FRR values of our system. Moreover, as suggested earlier, the retraining module can be customized to execute during inactivity periods.

Resilience to reinstalling OS. A savvy imposter may reinstall the OS on the phone, thus circumventing our system. This is a common limitation for all host-based intrusion detection systems. A solution to this problem is OS virtualization which is computationally infeasible on contemporary mobile phones.

13. http://www.biopassword.com. BioPassword Inc.
14. Y. S. Hwang and S. Y. Bang. An Efficient Method to Construct a Radial Basis Function Neural Network Classifier. Neural Networks, 10(8):1495–1503, 1997.
15. R. Joyce and G. Gupta. Identity authentication based on keystroke latencies. Communications of the ACM, 33(2):168–176, 1990.
16. S. Karatzouni and N. Clarke. Keystroke Analysis for Thumb-based Keyboards on Mobile Devices. International Federation for Information Processing-Publications-IFIP, 232:253, 2007.
17. J. Kennedy and R. Eberhart. Particle swarm optimization. In Neural Networks, 1995. Proceedings., IEEE International Conference on, volume 4, 1995.
18. J. Leggett and G. Williams. Verifying identity via keystroke characteristics. International Journal of Man-Machine Studies, 28(1):67–76, 1988.
19. J. Leggett, G. Williams, M. Usnick, and M. Longnecker. Dynamic identity verification via keystroke characteristics. International Journal of Man-Machine Studies, 35(6):859–870, 1991.
20. P. Lilley. Hacked, Attacked & Abused: Digital Crime Exposed. Kogan Page Ltd, 2002.
21. D. Mahar, R. Napier, M. Wagner, W. Laverty, RD Henderson, and M. Hiron. Optimizing digraph-latency based biometric typist verification systems: inter and intra typist differences in digraph latency distributions. International journal of human-computer studies, 43(4):579–592, 1995.
22. M. S. Obaidat and B. Sadoun. Keystroke Dynamics based Authentication Biometrics. Systems, man and cybernetics, 27(2):261–269, 1997.
23. J. D. Paola and R. Schowengerdt. A detailed comparison of backpropagation neural network and maximum-likelihood classifiers for urban land use classification. IEEE Transactions on Geoscience and Remote Sensing, 33(4):981–996, 1995.
24. J. R. Quinlan. Bagging, Boosting, and C4.5. In Proceedings of the NCAI, pages 725–730, 1996.
25. I. Rish. An empirical study of the naive Bayes classifier. In Proceedings of IJCAI-01 Workshop on Empirical Methods in Artificial Intelligence, volume 335, 2001.
26. D. Sims. Biometric recognition: our hands, eyes, and faces give us away. Computer Graphics and Applications, IEEE, 14(5):14–15, 1994.
27. D. Umphress and G. Williams. Identity Verification Through Keyboard Characteristics. International Journal of Man-Machine Studies, 23(3):263–273, 1985.
28. X. Wang, M. H. Heydari, and H. Lin. An intrusion-tolerant password authentication system. In Computer Security Applications Conference, 2003. Proceedings. 19th Annual, pages 110–118, 2003.
29. I. H. Witten, University of Waikato, and Dept. of Computer Science. WEKA Practical Machine Learning Tools and Techniques with Java Implementations. Dept. of Computer Science, University of Waikato, 1999.
30. L. A. Zadeh. Fuzzy sets. Fuzzy Sets, Fuzzy Logic, and Fuzzy Systems: Selected Papers, 1996.