RAID ‐ 2009

K t k b d UKeystroke‐based User Identification on Smart Phones

Saira Zahid1, Muhammad Shahzad1, Syed Ali Khayam1,2,, , y y ,

Muddassar Farooq1

1 Next Generation Intelligent Networks Research Center 2 School of Electrical Engineering & Computer Sciencesg

National University of Computer & Emerging Sciences

Islamabad, Pakistan

http://www.nexginrc.org

g g p

National University of Sciences & Technology

Islamabad, Pakistan

http://wisnet.seecs.edu.pk

How did the paper get accepted???How did the paper get accepted???

• Extensive use of the words 

–Smart Phones

–ModelModel

2 of 28

Motivation behind User Identification on Smart Phones 

• Mobile computing devices combine three extremely potent concepts 

• computing

p p

• mobility • miniaturizationy

3 of 28

Motivation (Contd )

SUMMARY FIGUREM 2009

Motivation (Contd.)

SUMMARY FIGUREPROJECTED GLOBAL SALES FOR SMARPHONES, 2006‐2013

($ MILLIONS)

• May 2009

BCC Research group report : “Global Market for Smart 

120140160Phones and PDAs” (USD 4850)

– 2008: Smart Phones market generated $58 7 billion

6080100120generated $58.7 billion

– 2013: expected to increase to $153.3 billion

02040

4 of 28

2006 2007 2008 2013

Objectives of the user identification system

1. Correct classification

2 Quick User identification2. Quick User identification

3. Continuous monitoring

4. Resource efficient and light weight solutionssolutions

5 of 28

Existing MethodsExisting Methods

6of 28

The solution???

K k D i

The solution???

• Keystroke Dynamics

4045

4045

2025303540

R (%

)

2025303540

R (%

)

05101520

FA

05101520

FR

0 0

7 of 28Unacceptable method. Say goodbye to keystroke dynamics

The Classification ChallengeThe Classification Challenge

8of 28

The Classification ChallengeThe Classification Challenge

• A problem ofA problem of Bio‐inspired classificationclassification

9 of 28

A Tri‐Mode System for User Identification

Tri‐ModeTri Mode System

Learning M d

Detection M d

Verification M dMode Mode Mode

10 of 28

11 of 28

Learning ModeLearning Mode

• An optimizer fine tunes rule base and database of a Fuzzy Classifiery–Genetic Algorithm (GA)

• Darwinian Evolution• Darwinian Evolution

–Particle Swarm Optimization (PSO)• Feedback• Feedback

– Hybrid of PSO and GA:• Feedback controlled Darwinian Evolution

12 of 28

• Feedback controlled Darwinian Evolution

Detection ModeDetection Mode

• Fuzzy classifier trained and ready

• Continuous user monitoringContinuous user monitoring – We don’t know what will the user write

• Classification is done after e er 250 ke• Classification is done after every 250 key presses– If the user is legitimate user, the system keeps on monitoring further

13 of 28

– If it raises as alarm,  the system goes to verification mode

Verification Mode

• Activated when Detection Mode raises

Verification Mode

• Activated when Detection Mode raises an alarm

• PIN based authentication–match the typing behavior yp g

• we already know what is coming next 

–Very accurateVery accurate

14 of 28

Verification Mode (The Maths)Verification Mode (The Maths)

15 of 28

Dataset

• A Key Logging application for Symbian

Dataset

• A Key Logging application for Symbianbased Nokia phones

• 25 users, 7 days– From diverse backgroundsg

– Includes students researchers professors peoplestudents, researchers, professors, people from corporate world, senior citizens businessmen engineers etc

16 of 28

citizens, businessmen, engineers etc

Visual Representation of featuresp

17 of 28

d

Adjacent 

Non‐Adjacent Horizontal Digraph

Adjacent Vertical Digraph

Horizontal DigraphVertical Digraph

Non‐Adjacent Vertical Digraph

Visual Representation of featuresp

19 of 28

Experiments and Results

• Nature of Classification

p

– PSO‐GA‐Fuzzy scheme: Two class classification

– Verification mode: Anomaly detection scheme

• For training we take 1 user as legitimate and 4 random users as imposters

• Testing done on remaining 20 users and the legitimate user

• The user used as imposter in training is never presented for testing

20 of 28

Accuracy Analysisy y

354045

354045

15202530

FAR (%

)

15202530

FRR (%

)051015

051015

0 0

21 of 28An improvement of 92.9% in FAR and 93.5% in FRR

Error Rate vs. Number of keys

1820

u10 u14 u1514

u10 u14 u15

y

12141618

10

12

68

1012

6

8

FRR (%

)

FAR (%

)

0246

0

2

4

0

150 200 250 300 350

Number of Keypresses

0

150 200 250 300 350

Number of Keypresses

22 of 28

Training and Testing times

30 2.5

g g

20

25

e (secs)

1 5

2

e (secs)

10

15

aining

 Tim

e

1

1.5

esting

 Tim

e0

5Tra

0

0.5Te

23 of 28

Limitations

• Identification delay of 250 keystrokes• Identification delay of 250 keystrokes

• Accuracy sensitive to size of training data

• Not for QWERTY keyboard and Touch Screen smart phonesScreen smart phones

• Large training time

• Non‐Resilient to OS reinstallation

24 of 28

Overview of the Contribution

1 Identification of the problem domain as a bio inspired1. Identification of the problem domain as a bio‐inspired classification problem

2. A Keystroke‐based User Identification System for Smart Phones with 93% improvement

3. Low runtime complexity ‐‐> Real world deployable

4. Dataset: will be released very soon

25 of 28

Acknowledgementg

• Information Communication Technology• Information Communication Technology Research and Development Fund (ICTR D F d) Mi i t f IT P ki t(ICTRnD Fund), Ministry of IT, Pakistanwww.ictrdf.org.pk

26 of 28

Screen shot of a desktop based d i ti d tderivative product

27 of 28