RAID ‐ 2009 K Keystroke ‐ based User t k b d U Identification on Smart Phones Saira Zahid 1 , Muhammad Shahzad 1 , Syed Ali Khayam 1,2 , , , y y , Muddassar Farooq 1 1 Next Generation Intelligent Networks Research Center 2 School of Electrical Engineering & Computer Sciences g g g p National University of Computer & Emerging Sciences National University of Sciences & Technology Islamabad, Pakistan Islamabad, Pakistan http://www.nexginrc.org http://wisnet.seecs.edu.pk
How did the paper get accepted??? How did the paper get accepted??? • Extensive use of the words – Smart Phones – Model Model 2 of 28
Motivation behind User Identification on Smart Phones • Mobile computing devices combine three extremely potent concepts p p • computing • mobility y • miniaturization 3 of 28
Motivation (Contd ) Motivation (Contd.) SUMMARY FIGURE SUMMARY FIGURE • May 2009 M 2009 PROJECTED GLOBAL SALES FOR BCC Research group report : SMARPHONES, 2006 ‐ 2013 ($ MILLIONS) “Global Market for Smart Phones and PDAs” (USD 4850) 160 – 2008: Smart Phones market 140 120 120 generated $58 7 billion generated $58.7 billion 100 – 2013: expected to increase to 80 $153.3 billion 60 40 20 0 2006 2007 2008 2013 4 of 28
Objectives of the user identification system 1. Correct classification 2 2. Quick User identification Quick User identification 3. Continuous monitoring 4. Resource efficient and light weight solutions solutions 5 of 28
Existing Methods Existing Methods 6 of 28
The solution??? The solution??? � � • Keystroke Dynamics K k D i 45 45 40 40 40 40 35 35 30 30 R (%) R (%) 25 25 20 20 20 20 FA FR 15 15 10 10 5 5 0 0 0 0 Unacceptable method. Say goodbye to keystroke dynamics 7 of 28
The Classification Challenge The Classification Challenge 8 of 28
The Classification Challenge The Classification Challenge • A problem of A problem of Bio ‐ inspired classification classification 9 of 28
A Tri ‐ Mode System for User Identification Tri ‐ Mode Tri Mode System Learning Detection Verification M d Mode M d Mode M d Mode 10 of 28
11 of 28
Learning Mode Learning Mode • An optimizer fine tunes rule base and database of a Fuzzy Classifier y – Genetic Algorithm (GA) • Darwinian Evolution • Darwinian Evolution – Particle Swarm Optimization (PSO) • Feedback • Feedback – Hybrid of PSO and GA: • Feedback controlled Darwinian Evolution • Feedback controlled Darwinian Evolution 12 of 28
Detection Mode Detection Mode • Fuzzy classifier trained and ready • Continuous user monitoring Continuous user monitoring – We don’t know what will the user write • Classification is done after e er 250 ke • Classification is done after every 250 key presses – If the user is legitimate user, the system keeps on monitoring further – If it raises as alarm, the system goes to verification mode 13 of 28
Verification Mode Verification Mode • Activated when Detection Mode raises • Activated when Detection Mode raises an alarm • PIN based authentication – match the typing behavior yp g • we already know what is coming next – Very accurate Very accurate 14 of 28
Verification Mode (The Maths) Verification Mode (The Maths) 15 of 28
Dataset Dataset • A Key Logging application for Symbian • A Key Logging application for Symbian based Nokia phones • 25 users, 7 days – From diverse backgrounds g – Includes students researchers professors people students, researchers, professors, people from corporate world, senior citizens businessmen engineers etc citizens, businessmen, engineers etc 16 of 28
Visual Representation of features p 17 of 28
Non ‐ Adjacent d Horizontal Digraph Adjacent Adjacent Vertical Digraph Vertical Digraph Horizontal Digraph Non ‐ Adjacent Vertical Digraph
Visual Representation of features p 19 of 28
Experiments and Results p • Nature of Classification – PSO ‐ GA ‐ Fuzzy scheme: Two class classification – Verification mode: Anomaly detection scheme • For training we take 1 user as legitimate and 4 random users as imposters • Testing done on remaining 20 users and the legitimate user • The user used as imposter in training is never presented for testing 20 of 28
Accuracy Analysis y y 45 45 40 40 35 35 30 30 FAR (%) FRR (%) 25 25 20 20 15 15 15 15 10 10 5 5 0 0 0 0 An improvement of 92.9% in FAR and 93.5% in FRR 21 of 28
Error Rate vs. Number of keys y 20 14 u10 u14 u15 u10 u14 u15 18 18 12 16 10 14 12 12 8 FAR (%) FRR (%) 10 6 8 6 6 4 4 2 2 0 0 0 0 150 200 250 300 350 150 200 250 300 350 Number of Keypresses Number of Keypresses 22 of 28
Training and Testing times g g 30 2.5 25 2 e (secs) e (secs) 20 1.5 1 5 aining Time esting Time 15 1 10 Tra Te 0.5 5 0 0 23 of 28
Limitations • Identification delay of 250 keystrokes • Identification delay of 250 keystrokes • Accuracy sensitive to size of training data • Not for QWERTY keyboard and Touch Screen smart phones Screen smart phones • Large training time • Non ‐ Resilient to OS reinstallation 24 of 28
Overview of the Contribution 1 Identification of the problem domain as a bio inspired 1. Identification of the problem domain as a bio ‐ inspired classification problem 2. A Keystroke ‐ based User Identification System for Smart Phones with 93% improvement 3. Low runtime complexity ‐‐ > Real world deployable 4. Dataset: will be released very soon 25 of 28
Acknowledgement g • Information Communication Technology • Information Communication Technology Research and Development Fund (ICTR D F (ICTRnD Fund), Ministry of IT, Pakistan d) Mi i t f IT P ki t www.ictrdf.org.pk 26 of 28
Screen shot of a desktop based d derivative product i ti d t 27 of 28
Recommend
More recommend
