Post on 09-Aug-2020
RAID ‐ 2009
K t k b d UKeystroke‐based User Identification on Smart Phones
Saira Zahid1, Muhammad Shahzad1, Syed Ali Khayam1,2,, , y y ,
Muddassar Farooq1
1 Next Generation Intelligent Networks Research Center 2 School of Electrical Engineering & Computer Sciencesg
National University of Computer & Emerging Sciences
Islamabad, Pakistan
http://www.nexginrc.org
g g p
National University of Sciences & Technology
Islamabad, Pakistan
http://wisnet.seecs.edu.pk
How did the paper get accepted???How did the paper get accepted???
• Extensive use of the words
–Smart Phones
–ModelModel
2 of 28
Motivation behind User Identification on Smart Phones
• Mobile computing devices combine three extremely potent concepts
• computing
p p
• mobility • miniaturizationy
3 of 28
Motivation (Contd )
SUMMARY FIGUREM 2009
Motivation (Contd.)
SUMMARY FIGUREPROJECTED GLOBAL SALES FOR SMARPHONES, 2006‐2013
($ MILLIONS)
• May 2009
BCC Research group report : “Global Market for Smart
120140160Phones and PDAs” (USD 4850)
– 2008: Smart Phones market generated $58 7 billion
6080100120generated $58.7 billion
– 2013: expected to increase to $153.3 billion
02040
4 of 28
2006 2007 2008 2013
Objectives of the user identification system
1. Correct classification
2 Quick User identification2. Quick User identification
3. Continuous monitoring
4. Resource efficient and light weight solutionssolutions
5 of 28
Existing MethodsExisting Methods
6of 28
The solution???
K k D i
The solution???
• Keystroke Dynamics
4045
4045
2025303540
R (%
)
2025303540
R (%
)
05101520
FA
05101520
FR
0 0
7 of 28Unacceptable method. Say goodbye to keystroke dynamics
The Classification ChallengeThe Classification Challenge
8of 28
The Classification ChallengeThe Classification Challenge
• A problem ofA problem of Bio‐inspired classificationclassification
9 of 28
A Tri‐Mode System for User Identification
Tri‐ModeTri Mode System
Learning M d
Detection M d
Verification M dMode Mode Mode
10 of 28
11 of 28
Learning ModeLearning Mode
• An optimizer fine tunes rule base and database of a Fuzzy Classifiery–Genetic Algorithm (GA)
• Darwinian Evolution• Darwinian Evolution
–Particle Swarm Optimization (PSO)• Feedback• Feedback
– Hybrid of PSO and GA:• Feedback controlled Darwinian Evolution
12 of 28
• Feedback controlled Darwinian Evolution
Detection ModeDetection Mode
• Fuzzy classifier trained and ready
• Continuous user monitoringContinuous user monitoring – We don’t know what will the user write
• Classification is done after e er 250 ke• Classification is done after every 250 key presses– If the user is legitimate user, the system keeps on monitoring further
13 of 28
– If it raises as alarm, the system goes to verification mode
Verification Mode
• Activated when Detection Mode raises
Verification Mode
• Activated when Detection Mode raises an alarm
• PIN based authentication–match the typing behavior yp g
• we already know what is coming next
–Very accurateVery accurate
14 of 28
Verification Mode (The Maths)Verification Mode (The Maths)
15 of 28
Dataset
• A Key Logging application for Symbian
Dataset
• A Key Logging application for Symbianbased Nokia phones
• 25 users, 7 days– From diverse backgroundsg
– Includes students researchers professors peoplestudents, researchers, professors, people from corporate world, senior citizens businessmen engineers etc
16 of 28
citizens, businessmen, engineers etc
Visual Representation of featuresp
17 of 28
d
Adjacent
Non‐Adjacent Horizontal Digraph
Adjacent Vertical Digraph
Horizontal DigraphVertical Digraph
Non‐Adjacent Vertical Digraph
Visual Representation of featuresp
19 of 28
Experiments and Results
• Nature of Classification
p
– PSO‐GA‐Fuzzy scheme: Two class classification
– Verification mode: Anomaly detection scheme
• For training we take 1 user as legitimate and 4 random users as imposters
• Testing done on remaining 20 users and the legitimate user
• The user used as imposter in training is never presented for testing
20 of 28
Accuracy Analysisy y
354045
354045
15202530
FAR (%
)
15202530
FRR (%
)051015
051015
0 0
21 of 28An improvement of 92.9% in FAR and 93.5% in FRR
Error Rate vs. Number of keys
1820
u10 u14 u1514
u10 u14 u15
y
12141618
10
12
68
1012
6
8
FRR (%
)
FAR (%
)
0246
0
2
4
0
150 200 250 300 350
Number of Keypresses
0
150 200 250 300 350
Number of Keypresses
22 of 28
Training and Testing times
30 2.5
g g
20
25
e (secs)
1 5
2
e (secs)
10
15
aining
Tim
e
1
1.5
esting
Tim
e0
5Tra
0
0.5Te
23 of 28
Limitations
• Identification delay of 250 keystrokes• Identification delay of 250 keystrokes
• Accuracy sensitive to size of training data
• Not for QWERTY keyboard and Touch Screen smart phonesScreen smart phones
• Large training time
• Non‐Resilient to OS reinstallation
24 of 28
Overview of the Contribution
1 Identification of the problem domain as a bio inspired1. Identification of the problem domain as a bio‐inspired classification problem
2. A Keystroke‐based User Identification System for Smart Phones with 93% improvement
3. Low runtime complexity ‐‐> Real world deployable
4. Dataset: will be released very soon
25 of 28
Acknowledgementg
• Information Communication Technology• Information Communication Technology Research and Development Fund (ICTR D F d) Mi i t f IT P ki t(ICTRnD Fund), Ministry of IT, Pakistanwww.ictrdf.org.pk
26 of 28
Screen shot of a desktop based d i ti d tderivative product
27 of 28