Entry Serwadda:2013:ELK from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017                Valid HTML 3.2!

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Serwadda:2013:ELK,
  author =       "Abdul Serwadda and Vir V. Phoha",
  title =        "Examining a Large Keystroke Biometrics Dataset for
                 Statistical-Attack Openings",
  journal =      j-TISSEC,
  volume =       "16",
  number =       "2",
  pages =        "8:1--8:??",
  month =        sep,
  year =         "2013",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/2516960",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Mon Sep 23 17:04:07 MDT 2013",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "Research on keystroke-based authentication has
                 traditionally assumed human impostors who generate
                 forgeries by physically typing on the keyboard. With
                 bots now well understood to have the capacity to
                 originate precisely timed keystroke sequences, this
                 model of attack is likely to underestimate the threat
                 facing a keystroke-based system in practice. In this
                 work, we investigate how a keystroke-based
                 authentication system would perform if it were
                 subjected to synthetic attacks designed to mimic the
                 typical user. To implement the attacks, we perform a
                 rigorous statistical analysis on keystroke biometrics
                 data collected over a 2-year period from more than 3000
                 users, and then use the observed statistical traits to
                 design and launch algorithmic attacks against three
                 state-of-the-art password-based keystroke verification
                 systems. Relative to the zero-effort attacks typically
                 used to test the performance of keystroke biometric
                 systems, we show that our algorithmic attack increases
                 the mean Equal Error Rates (EERs) of three high
                 performance keystroke verifiers by between 28.6\% and
                 84.4\%. We also find that the impact of the attack is
                 more pronounced when the keystroke profiles subjected
                 to the attack are based on shorter strings, and that
                 some users see considerably greater performance
                 degradation under the attack than others. This article
                 calls for a shift from the traditional zero-effort
                 approach of testing the performance of password-based
                 keystroke verifiers, to a more rigorous algorithmic
                 approach that captures the threat posed by today's
                 bots.",
  acknowledgement = ack-nhfb,
  articleno =    "8",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
}

Related entries