Password secured sites : stepping forward with keystroke dynamics

Abstract

Computer Authentication is a critical component of most computer systems, especially those used in e-Commerce activities over the internet. Global access to information makes security, namely the authentication process, a critical design issue in these systems. In what concerns to authentication, what is required is a reliable, hardware independent and efficient security system. In this paper, we propose an extension to a keystroke dynamics based security system. We provide evidence that completely software based systems can be as effective as expensive and cumbersome hardware based systems. Our system is a behavioral based system that captures the normal typing patterns of a user and uses that information, in addition to standard login/password security to provide a system that is user-friendly and very effective at detecting imposters. The results provide a means of dealing with enhanced security that is growing in demand in web-based applications based on Commerce.