Publicação
Improving web authentication with keystroke dynamics
| Resumo: | Authentication is frequently referred as the most critical part of a computer system security. Users commonly identify themselves using a combination of username and password, but sometimes this is not enough. Concerning web-based services, attacks like phishing or social engineering can easily result in identity theft. In addition, the widespread use of single sign-on services can seriously increase the consequences of such attacks. In these circumstances strong authentication is mandatory. Strong authentication is often implemented using additional authentication steps or specialized hardware modules, which is not suitable for web-based systems. However, biometrics can used to overcome these limitations. More specifically, behavioural biometrics based on keyboard typing patterns can provide an extra security layer on top of conventional authentication methods, with no additional cost and no impact to the user experience. This work aims to evaluate the feasibility of the implementation of strong authentication on the web using keystroke dynamics. This is carried out through the creation of a web-application prototype, collection of a keystroke dynamics dataset and analysis of various matching algorithms and performance metrics on the collected data. |
|---|---|
| Autores principais: | Oliveira, Tiago Costa |
| Assunto: | Security Authentication Web Biometrics Keystroke dynamics |
| Ano: | 2014 |
| País: | Portugal |
| Tipo de documento: | dissertação de mestrado |
| Tipo de acesso: | acesso aberto |
| Instituição associada: | Universidade do Minho |
| Idioma: | inglês |
| Origem: | RepositóriUM - Universidade do Minho |
| Resumo: | Authentication is frequently referred as the most critical part of a computer system security. Users commonly identify themselves using a combination of username and password, but sometimes this is not enough. Concerning web-based services, attacks like phishing or social engineering can easily result in identity theft. In addition, the widespread use of single sign-on services can seriously increase the consequences of such attacks. In these circumstances strong authentication is mandatory. Strong authentication is often implemented using additional authentication steps or specialized hardware modules, which is not suitable for web-based systems. However, biometrics can used to overcome these limitations. More specifically, behavioural biometrics based on keyboard typing patterns can provide an extra security layer on top of conventional authentication methods, with no additional cost and no impact to the user experience. This work aims to evaluate the feasibility of the implementation of strong authentication on the web using keystroke dynamics. This is carried out through the creation of a web-application prototype, collection of a keystroke dynamics dataset and analysis of various matching algorithms and performance metrics on the collected data. |
|---|