Evaluation Scheme to Analyze Keystroke Dynamics Methods

TL;DR

This paper proposes an evaluation scheme for keystroke dynamics as a biometric authentication method on smartphones, comparing three approaches and discussing their security and usability implications.

Contribution

It introduces a structured evaluation scheme for keystroke dynamics and applies it to compare different approaches, highlighting strengths and vulnerabilities.

Findings

Keystroke dynamics can serve as an additional authentication method.

The evaluation scheme helps compare different keystroke-based approaches.

Stronger adversaries can bypass keystroke dynamics security.

Abstract

Password authentication is a weak point for security as passwords are easily stolen and a user may ignore the security by using a simple password. Therefore, services increasingly demand a second factor. While this may enhance security, it comes with a lower level of usability and another factor to be forgotten. A smartphone is an important device in daily life. With the growing number of sensors and features in a smartphone, keystroke dynamics may provide an easy-to-use method. In this paper, we introduce requirements for biometric authentication and keystroke dynamics. This results in an evaluation scheme, which is applied to three selected approaches. Based on the comparison, keystroke dynamics and the evaluation scheme are discussed. The obtained results indicate that keystroke dynamics can be used as another authentication method but can be bypassed by stronger adversaries. For further research, a common data set would improve the comparability.