Keystroke Biometric Data for Identity Verification: Performance Analysis of Machine Learning Algorithms

Year 2023, , 143 - 150, 18.10.2023

Erhan Yılmaz , Özgü Can

https://doi.org/10.53070/bbd.1345519

Abstract

Cyber-attacks are on the rise in today's environment, where traditional security measures are ineffective. As a result, the adoption of cutting-edge tools such as artificial intelligence technology is critical in the fight against cyber threats. User behaviors, such as keyboard dynamics, provide potential data that can be used for protection against cyber-attacks. Keystroke dynamics is one of the fastest and most cost-effective methods that can be used to detect user behaviors, as it can be captured using standard user keyboards. The analysis of this data and protection against cyber-attacks is made possible through machine learning algorithms. Based on keyboard dynamics, this study analyzes the performance of k-Nearest Neighbor (k-NN), Support Vector Machines (SVM), Random Forest (RF), and Neural Network (NN) methods for user behavior analysis and anomaly detection. The findings shed light on the significance of artificial intelligence in cyber security by examining the accomplishments of several machine learning algorithms. The study's findings may serve as a foundation for future research and novel solutions in the realm of cyber security.

Keywords

Keystroke analysis, anomaly detection, user behavior analytics, machine learning

Kimlik Doğrulama için Tuş Vuruşu Biyometrik Verileri: Makine Öğrenmesi Algoritmalarının Performans Analizi

Abstract

Geleneksel güvenlik önlemlerinin etkisiz kaldığı günümüzde siber saldırılar giderek artmaktadır. Sonuç olarak, yapay zeka teknolojisi gibi son teknoloji araçların benimsenmesi, siber tehditlere karşı mücadelede kritik önem taşımaktadır. Klavye dinamikleri gibi kullanıcı davranışları, siber saldırılara karşı koruma için kullanılabilecek potansiyel veriler sağlamaktadır. Tuş vuruş dinamikleri, standart kullanıcı klavyeleri kullanılarak yakalanabildiğinden, kullanıcı davranışlarını tespit etmek için kullanılabilecek en hızlı ve en uygun maliyetli yöntemlerden biridir. Bu verinin analizi ve siber saldırılara karşı kullanılması makine öğrenimi algoritmaları ile mümkün olmaktadır. Bu çalışmada, klavye dinamikleri temel alınarak, kullanıcı davranışı analizi ve anomali tespiti için k-En Yakın Komşu (k-NN), Destek Vektör Makineleri (SVM), Rastgele Orman (RF) ve Sinir Ağı (NN) yöntemlerinin performansı analiz edilmektedir. Bulgular, çeşitli makine öğrenimi algoritmalarının başarılarını inceleyerek yapay zekanın siber güvenlikteki önemine ışık tutmaktadır. Çalışmanın bulguları, siber güvenlik alanında gelecekteki araştırmalar ve yeni çözümler için bir temel oluşturabilir.

Keywords

Tuş vuruşu analizi, kullanıcı davranışı analizi, anomali tespiti, makine öğrenimi

References

• Anderson, R., & Moore, T. (2006). The economics of information security. science, 314(5799), 610-613.
• Gordon, L. A., Loeb, M. P., & Sohail, T. (2003). A framework for using insurance for cyber-risk management. Communications of the ACM, 46(3), 81-85.
• Li, Y., & Liu, Q. (2021). A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments. Energy Reports, 7, 8176-8186.
• Buczak, A. L., & Guven, E. (2015). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications surveys & tutorials, 18(2), 1153-1176.
• Sarker, I. H., Kayes, A. S. M., Badsha, S., Alqahtani, H., Watters, P., & Ng, A. (2020). Cybersecurity data science: an overview from machine learning perspective. Journal of Big data, 7, 1-29.
• Revett, K. (2009). A bioinformatics based approach to user authentication via keystroke dynamics. International Journal of Control, Automation and Systems, 7, 7-15.
• Banerjee, S. P., & Woodard, D. L. (2012). Biometric authentication and identification using keystroke dynamics: A survey. Journal of Pattern recognition research, 7(1), 116-139.
• Joyce, R., & Gupta, G. (1990). Identity authentication based on keystroke latencies. Communications of the ACM, 33(2), 168-176.
• Gunetti, D., & Picardi, C. (2005). Keystroke analysis of free text. ACM Transactions on Information and System Security (TISSEC), 8(3), 312-347.
• Bergadano, F., Gunetti, D., & Picardi, C. (2002). User authentication through keystroke dynamics. ACM Transactions on Information and System Security (TISSEC), 5(4), 367-397.
• Chandola, V., Banerjee, A., & Kumar, V. (2009). Anomaly detection: A survey. ACM computing surveys (CSUR), 41(3), 1-58.
• Ahmed, A. A. E., & Traore, I. (2005, June). Anomaly intrusion detection based on biometrics. In Proceedings from the sixth annual IEEE SMC information assurance workshop (pp. 452-453). IEEE.
• Porwik, P., Doroz, R., & Wesolowski, T. E. (2021). Dynamic keystroke pattern analysis and classifiers with competence for user recognition. Applied Soft Computing, 99, 106902.
• Ivannikova, E., David, G., & Hämäläinen, T. (2017, July). Anomaly detection approach to keystroke dynamics based user authentication. In 2017 IEEE Symposium on Computers and Communications (ISCC) (pp. 885-889). IEEE.
• Muliono, Y., Ham, H., & Darmawan, D. (2018). Keystroke dynamic classification using machine learning for password authorization. Procedia Computer Science, 135, 564-569.
• Aversano, L., Bernardi, M. L., Cimitile, M., & Pecori, R. (2021). Continuous authentication using deep neural networks ensemble on keystroke dynamics. PeerJ Computer Science, 7, e525.
• Akşit, N., Aydın, M. A., & Zaim, A. H. (2022). Siber Güvenlikte Klavye Davranış Analizi. İstanbul Ticaret Üniversitesi Teknoloji ve Uygulamalı Bilimler Dergisi, 5(1), 109-122.
• Kar, S., Bamotra, A., Duvvuri, B., & Mohanan, R. (2023). KeyDetect--Detection of anomalies and user based on Keystroke Dynamics. arXiv preprint arXiv:2304.03958.
• Killourhy, K. S., & Maxion, R. A. (2009, June). Comparing anomaly-detection algorithms for keystroke dynamics. In 2009 IEEE/IFIP International Conference on Dependable Systems & Networks (pp. 125-134). IEEE.
• Cover, T., & Hart, P. (1967). Nearest neighbor pattern classification. IEEE transactions on information theory, 13(1), 21-27.
• Cortes, C., & Vapnik, V. (1995). Support-vector networks. Machine learning, 20, 273-297.
• Breiman, L. (2001). Random forests. Machine learning, 45, 5-32.
• LeCun, Y., Bengio, Y., & Hinton, G. (2015). Deep learning. nature, 521(7553), 436-444.
• Monrose, F., & Rubin, A. D. (2000). Keystroke dynamics as a biometric for authentication. Future Generation computer systems, 16(4), 351-359.
• Saini, B. S., Kaur, N., & Bhatia, K. S. (2017, January). Keystroke dynamics based user authentication using numeric keypad. In 2017 7th International Conference on Cloud Computing, Data Science & Engineering-Confluence (pp. 25-29). IEEE.
• Darabseh, A., & Namin, A. S. (2015, October). On accuracy of classification-based keystroke dynamics for continuous user authentication. In 2015 International Conference on Cyberworlds (CW) (pp. 321-324). IEEE. Fawcett, T. (2006). An introduction to ROC analysis. Pattern recognition letters, 27(8), 861-874.