Application of a Dynamic Identity Authentication Model Based on an Improved Keystroke Rhythm Algorithm

Keystroke rhythm identification, which extracts biometric characteristics through keyboards without additional expensive devices, is a kind of biometric identification technology. The paper proposes a dynamic identity authentication model based on the improved keystroke rhythm algorithm in Rick Joyce model and implement this model in a mobile phone system. The experimental results show that comparing with the original model, the false alarm rate (FAR) of the improved model decreases a lot in the mobile phone system, and its growth of imposter pass rate (IPR) is slower than the Rick Joyce model's. The improved model is more suitable for small memory systems, and it has better performance in security and dynamic adaptation. This improved model has good application value.


Introduction
Along with the technical development of computers and networks, unauthorized users or hackers do more and more invasions on the information system through the network.Therefore, protection of computer security has become a matter of urgency.User's identity authentication is an important means to carry out system security.The traditional login method only depends on a single password content, which has the drawback of password leak and security problems, so biometric identification technology is proposed to enhance system security by taking use of human biological characteristics.
Biological characteristics, the only difference from other people, can automatically identify and verify the physical characteristics or behavior patterns.The biometric identification technologies currently contain hand recognition, fingerprint identification, facial recognition, voice recognition, iris recognition and signature recognition, etc [1].Although these methods can accomplish the identification, the processes of feature extractions need expensive hardware devices which limit the application range to a large extent.Keystroke rhythm identification is a kind of biometric identification, and it has the advantages of biometric identification, in addition, the greatest advantage in terms of keystroke rhythm is low cost.It costs almost no hardware and can be applied in majority of systems which only require keyboards to accomplish the identification.Moreover, once it is applied, it can play a significant role on improving the security of keyboard input, so keystroke rhythm has a wide range of application.
20th century 80's, biometric identification using personal keystroke features was first proposed.This method can effectively prevent the illegal invasions.Keystroke rhythm identification extracts characteristics through keyboards without additional devices.So many scholars have paid much attention on this issue and have made some methods of pattern recognition applied to the identity authentication based on keystroke characteristics [2].Rick Joyce and Gopal Gupta have also done some specific research on keystroke characteristics.In this paper, we will further improve the Rick Joyce algorithm to design a dynamic identification model based on keystroke rhythm which is suitable for small memory systems, then we realize it in a mobile phone system and do analysis of experimental data.

Keystroke Rhythm Algorithm of Rick Joyce Model and an Improved Model
Some studies have shown that users' keystroke rhythm characteristics like fingerprints can reflect persons' biological characteristics by the keystroke duration time and keystroke latency time [3,4].For example, the definition of the n-th keystroke duration time means the time between the n-th button is pressed and released, the n-th keystroke latency time stands for the time between the n-th button is pressed and the (n+1)-th button is pressed.
The following are two models of identity authentication based on keystroke latency time.

Rick Joyce Identity Authentication Model [5] and its Algorithm
Using keystroke rhythm as a means to study identity authentication at first is Rick Joyce and GopaIGupta.They design an identity authentication model based on keystroke rhythm -the keystroke latency time.In this system, a user is asked to type eight times of his username, password, firstname, lastname.Then the system processes the information extracted to establish a four-dimensional vector: Each component of this four-dimensional vector is the average on eight vectors, and they use M as this user's behavioral characteristic profile.In the process of identity authentication, it is required to check the information typed by tested user (assuming he/she has been aware of the content typed), thus the input information is processed to form a test vector : and the system just verify user's identity by comparing M with .T The user's keystroke rhythm can be expressed as a n-dimensional vector, in which n is the total number of input intervals, and the last number of the vector means the latency time between the last button is pressed and the enter button is pressed.Then M and can be recorded as

T  T T 
M and is expressed as Then let the first user enter eight times of information again to form eight training sequences as the reference vectors, and they can be used to calculate the value of  , then the mean and standard deviation can be gained.Consider the false alarm rate (FAR) and imposter pass rate (IPR), the verification threshold for this system is the mean plus one-andone-half standard deviation, namely: an authentic user stored in system.

A Dynamic Model Based on the Improved Algorithm
The shortcomings of the algorithm above lie in: first of all, once the characteristic profile is formed, it is difficult to modify.Secondly, the Rick Joyce algorithm ignores the consideration of signature curve shape [5], and it just compares M with by T which they do not refer to the detailed information of signature curve shape.Therefore, in terms of the shortcomings above, we make a corresponding improvement.
Because the calculation amount of the algorithm above is large, we propose a dynamic model based on the improved algorithm with a small amount of calculation.
The user is required to type his password in our system, and then the system processes the information typed to establish a one-dimensional vector: is the mean vector of eight times of keystroke latency time typed.Because of the possibility of long waiting time, the time between the last button is pressed and enter button is pressed can be ignored in this algorithm.
In general, both the keystroke rhythm of user and the tested user can be expressed as n-dimensional vectors, in which n is the total number of input intervals, namely: The difference between M and is expressed as Suppose that an imposter enters a password and the certain parts of his/her keystroke latency time are longer (or shorter) but the others are normal, because Rick Joyce model considers the latency time as a whole, it may be verified as authentic user.It is required to enhance the security for some privacy systems [7].The improved model in this paper take shape of the signature curve into account, and it contains each interval's threshold value, so the security performance is stronger.Then a threshold vector is pre-established in our model:

System Implement
The improved dynamic identity authentication model is suitable for systems with small calculation amount, so in our study, a mobile phone system will be applied.
Here, we compare the difference vector 2 M T  with the threshold vector .If , namely: As the limited space and computing capability in the mobile phone system, it needs an algorithm of small calculation amount and the less storage space.For one thing, the improved algorithm does not require too much calculation, the calculation amount about comparison and modification of rhythm characteristics are small.For another thing, mobile phones are used by individuals, and it should not be required to identify more individuals and store more keystroke rhythm profiles for them, so the storage space requirements will be reduced.In addition, the amount of buttons on the mobile phone keyboard is small and the users' keystroke actions are relatively concentrated, so that it will help to form steady keystroke characteristics to enhance the security performance.( , ) ( , ) It means that each component of difference vector i  is less than the corresponding component of threshold vector .At this time, the identity of the tested user is authentic.If , the tested user is verified as an imposter.Consider the non-regularity of user's operations, the matching percentage of corresponding components comparison can be adjusted a little.However, in this paper we adopt the matching percentage of comparison is 100% when the tested user will be considered as authentic user.i        Besides, the system will merge the test vector into the user keystroke rhythm vector M to modify the user characteristic profile when the tested user is considered as authentic user [6].For example, when the (k+1)-th result is legal, we can integrate this test vector with former user characteristic profile in system: We have established a model of identity authentication using the characteristic profile of keystroke rhythm in a mobile phone system [8].First of all, the tested users type their passwords, and then the system extracts information to form their keystrokes rhythm characteristics which are compared with the existed user characteristic profile in the mobile phone system.Only when users type the same content and their keystrokes rhythm characteristics are within the threshold value of model, they can successfully login.The system process is as follows (Figure 1): is the k-th characteristic profile of user.In this way the matching model for keystroke rhythm is variable along with the input of legal user.Accordingly, it is able to modify the keystroke rhythm and benefit the perfor-

Data Analysis and Results
The keystroke rhythms typed by users are our experimental data resources which are transformed from the mobile phone system to the computer through serial ports.The identification system requires users to login a password which contains five numbers [9].Therefore, the vectors processed in system are four-dimensional vectors.We just choose three representive group of data in the Table 1 below.In these groups, the users need to type the password for twelve times.Then we do analysis based on these data.Two groups of keystroke rhythm features can be gained by processing the data above, then we compare them with the rhythm features already stored in our system.The latency time curves of signature typed are shown in Figures 2-5.
Figures 2-5 show that only when the keystroke rhythm vector is nearly the same with the user characteristic profile, the tested user is considered as authentic user.However, the keystroke rhythm vector of imposters is far different from the user characteristic profile which means the difference is beyond the threshold value pre-established in system.Furthermore, the result demonstrates the improved model is able to accomplish the identity authentication based on keystroke rhythm in the mobile phone system.
In Table 2, M is the characteristic profile vector of user in system, and we choose four representive data to illustrate the performance of the improved model.Through the table we can clearly see that by the increase of threshold value, it has a good security performance in this system.Though we do not show the whole data, those listed above certainly have representive meanings in our study to a large extent.And the Rick Joyce model is also implemented in our system to make comparison with the improved model.The performance comparisons are showed in Figure 6.       Figure 6 shows that though the IPR is not high in the Rick Joyce model (R-model) when the threshold value using one-and-one-half standard deviation [5], the FAR is not as ideal as IPR, nearly 14%, so it is not suitable for daily operations in the small memory system due to the troubles which will take to the phone users.In the improved new model, the growth rate of IPR is less than the R-model's, and it is only 1.5% in the improved model when the threshold value using triple standard deviation, which means the threshold work well.In terms of FAR, though the value is higher than the R-model's under the same threshold, the FAR is only about 5% in new model, and it is much lower than the R-model's FAR.With the increase of threshold, the FAR decreases a lot and the IPR increases slowly in the new model.Consider roundly the application in a small memory system, the new model is better to meet the actual operation needs, and this algorithm is dynamic, so along with the increase of authentication times, the identity authentication system can be improved automatically [10].In the actual system design, through changing the multiple of the standard deviation so as to influence the threshold value, we can easily adjust the performance in security and dynamic adaptation.

Conclusions
In this paper, a dynamic model based on the improved keystroke rhythm algorithm has been proposed and a mobile phone authentication system has been implemented.In this mobile phone system, the users could login the system only by typing a password which contains five known numbers.The system verifies the identity by using the dynamic model based on the improved algorithm.The experimental results show that it is able to accomplish the identification.Then, we compare the improved model with the original model in this system.It has illustrated that the FAR is 14% in the original model and 5% in the improved one, in which the FAR decreases by 9%, and the IPR increases slowly in the new model comparing with the original model.Therefore, the improved model has a high capability of authentication in the mobile phone system.Moreover, the performance in security and dynamic adaptation can be easily adjusted by changing the threshold value in the actual system design.And the improved model can be applied to meet different requirements and protect individual privacy.This model has good application value.
Although the dynamic identity authentication model based on the improved algorithm has been demonstrated in the small memory system, more experiments will be required to investigate how the keystroke rhythm model could be applied to other aspects.For the further study, other parameters, such as the length of password vector, the number of reference vectors, should be considered to enhance our ability of devising new and better models against unauthorized users or hackers.
is considered as an imposter.If the tested user meets the inequality 1 M T    , he/she is verified as

Figure 1 .
Figure 1.System process of identity authentication based on keystroke rhythm.

Figure 2 .
Figure 2. Keystroke rhythm features stored in system.

Figure 3 .
Figure 3. Twelve login attempts of authentic user.