Abstract
Mobile handsets have found an important place in modern society, with hundreds of millions currently in use. The majority of these devices use inherently weak authentication mechanisms, based upon passwords and PINs. This paper presents a feasibility study into a biometric-based technique, known as keystroke analysis – which authenticates the user based upon their typing characteristic. In particular, this paper identifies two typical handset interactions, entering telephone numbers and typing text messages, and seeks to authenticate the user during their normal handset interaction. It was found that neural network classifiers were able to perform classification with average equal error rates of 12.8%. Based upon these results, the paper concludes by proposing a flexible and robust framework to permit the continuous and transparent authentication of the user, thereby maximising security and minimising user inconvenience, to service the needs of the insecure and evermore functional mobile handset.
Similar content being viewed by others
References
Ashbourn J. (2000): Biometric. Advanced Identity Verification. The Complete Guide. Springer, Berlin Heidelberg New York
Best, J.: Steal to order phone theft crackdown. Silicon.Com. www.silicon.com/networks/mobile/0,39024665,39117404,00. html (2003)
Bishop M. (1995): Neural Networks for Pattern Classification. Oxford University Press, Oxford
Cho S., Han C., Han D., Kin H. (2000): Web based keystroke dynamics identity verification using neural networks. J. Organ. Comput. Electron. Commerce 10, 295–307
Clarke N., Furnell S., Rodwell P., Reynolds P. (2002): Acceptance of subscriber authentication for mobile telephony devices. Secur. 21(3): 220–228
Clarke, N.L., Furnell, S.M., Lines, B., Reynolds, P.L.: Subscriber authentication for mobile phones using keystroke dynamics. In: Proceedings of the Third International Network Conference (INC 2002), Plymouth, UK, pp. 347–355 (2002)
Demuth, H., Beale, M.: Technical support documents – neural network toolbox. MathWorks Inc MatLab (version. 6.1) (2001)
GSM World.com: World Cellular www.gsmworld. com/news/statistics/index.shtml (2004)
Hagan, M., Demuth, H., Beale, M.: Neural Network Design. PWS Publishing (1996)
Haykin, S.: Neural Networks: A Comprehensive Foundation, 2nd edn. Prentice-Hall Engle wood Cliffs (1999)
Hogg R., Ledolter J. (1989): Engineering Statistics. Macmillan, New York
Kohonen T. (1997): Self Organising Maps. Springer, Berlin Heidelberg New York
Lemote, J., Clarke N., Furnell, S.: Artificial impostor profiling for keystroke analysis on a mobile handset. In: Proceedings of the International Networking Conference (INC) 2005, Samos, Greece, 5–7th July 2005 (2004)
Leyden, J.: Mobile phone theft is far worse than we thought. The Register. February 2002. www.theregister.co.uk/content/ archive/24138.html (2002)
Monrose R., Rubin A. (1999): Keystroke dynamics as a biometric for authentication. Future Gener. Comput. Syst. 16(4): 351–359
Napier R., Laverty W., Mahar D., Henderson R., Hiron M., Wagner M. (1995): Keyboard user verification: toward an accurate, efficient and ecologically valid algorithm. Int. J. Hum. – Comput. Stud. 43, 213–222
Obaidat M., Sadoun B. (1997): Verification of computer uses using keystroke dynamics. IEEE Trans. Syst. Man Cybern. – Part B: Cybern. 27(2): 261–269
Obaidat M., Macchairolo D. (1994): A multilayer neural network system for computer access security. IEEE Trans. Syst. Man Cybern. 24(5): 806–813
Smith, R.: Authentication – from Passwords to Public Keys. Addison-Wesley Reading (2002)
Triola, M.: Elementary Statistics, 7th edn. Addison-Wesley Reading (1998)
Umphress D., Williams G. (1985): Identity verification through keyboard characteristics. Int. J. Man-Mach. Stud. 23, 263–273
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Clarke, N.L., Furnell, S.M. Authenticating mobile phone users using keystroke analysis. Int. J. Inf. Secur. 6, 1–14 (2007). https://doi.org/10.1007/s10207-006-0006-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-006-0006-6