F. Monrose & A. Rubin. Authentication via keystroke dynamics. 4th ACM Conference on Computer and Communcations Security (April, 1997).  Home/Search   Document Details and Download   Summary   Related Articles   Check

....new machine a user would like to use. An additional problem is the secure storage of secret keys. Another type of a biometric scheme that does not require special readers, enhances the entropy of user passwords by measuring users key stroke dynamics while they enter their passwords (cf. e.g. [17, 18] and references given therein) For commercial mass market applications the reliability of the authentication method is a key requirement. In particular the false negative rate has to be negligible [18] a false negative occurs when a legitimate user enters his (correct) user name password pair, ....

F. Monrose and A. Rubin. Authentication via keystroke dynamics. In 4th ACM Conference on Computer and Communications Security, April 1997.

....of users typing from the arrival times of packets. Experience shows that users typing follows stable patterns 1 . Many researchers have proposed to use the duration of key strokes and latencies between key strokes as a biometric for user authentication [GLPS80, UW85, LW88, LWU89, JG90, BSH90, MR97, RLCM98, MRW99] A more challenging question which has not yet been addressed in the literature is whether we can use timing information about key strokes to infer the key sequences being typed. If we can, can we estimate quantitatively how many bits of information are revealed by the timing ....

.... 20 20 20 20 20 i a J u l Return 20 N Prompt time time Figure 1: The traffic signature associated with running SU in a SSH session. The numbers in the figure are the size (in bytes) of the corresponding packet payloads. tity of the user [GLPS80, UW85, LW88, LWU89, JG90, BSH90, MR97, RLCM98, MRW99] In this section, we show that several simple and practical attacks exploiting these two weaknesses. In particular, an attacker can identify which transmitted packets correspond to keystrokes of sensitive data such as passwords in a SSH session. Using this information, the ....

Fabian Monrose and Avi Rubin. Authentication via keystroke dynamics. In Proceedings of the 4th ACM Conference on Computer and Communications Security, pages 48--56, April 1997.

....biometric characteristics. Biometric techniques can use physical or behavioral characteristics, or a combination of them. Physical characteristics are, for example, the retina, the fingerprint, and the palmprint. Behavioral characteristics include handwriting, voiceprint, and keystroke dynamics [37]. Biometric techniques require a first phase in which the characteristic is measured. This phase, also called enrollment , generally comprises of several measurements of the characteristic. On the basis of the different measurements, a template is computed and stored at the authentication server. ....

F. Monrose and A. Rubin. Authentication via keystroke dynamics. In Proc. of the ACM Conference on Computer and Communications Security, Zurich, Switzerland, 1997.

....misuse detection and anomaly detection. Misuse detection methods attempt to model attacks on a system as specific patterns, then systematically scan the system for occurrences of these patterns [Kumar and Spafford, 1996, Lunt, 1993, Garvey and Lunt, 1991, Porras and Kemmerer, 1992, Ilgun, 1992, Monrose and Rubin, 1997] This process involves a specific encoding of previous behaviors and actions that were deemed intrusive or malicious. Anomaly detection assumes that intrusions are highly correlated to abnormal behavior exhibited by either a user or an application. The basic idea is to baseline normal behavior ....

Monrose, F. and Rubin, A. (1997). Authentication via keystroke dynamics. In 4th ACM Conference on Computer and Communications Security.

....Agency (DARPA) Contract DAAH01 98 CR145. the views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the defense advanced research projects agency or the u.s. government. [4, 5, 6, 9, 12, 13]. This process involves a specific encoding of previous behaviors and actions that were deemed intrusive or malicious. Anomaly detection assumes that intrusions are highly correlated to abnormal behavior exhibited by either a user or network traffic. The main advantage of anomaly detection over ....

F. Monrose and A. Rubin. Authentication via keystroke dynamics. In 4th ACM Conference on Computer and Communications Security, April 1997.

No context found.

F. Monrose & A. Rubin. Authentication via keystroke dynamics. 4th ACM Conference on Computer and Communcations Security (April, 1997).

No context found.

F. Monrose and A. Rubin. Authentication via keystroke dynamics. In 4th ACM Conference on Computer and Communications Security, April 1997.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC