Introduction Methodology Experimental results Conclusions Spoofing key-press latencies with a generative keystroke dynamics model John V. Monaco Md Liakat Ali Charles C. Tappert Pace University, NY September 11, 2015 John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Outline Introduction 1 Methodology 2 Experimental results 3 Conclusions 4 John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Scenario. John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Typing behavior. John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Predicted key-press latency distributions. Buffer delays Motor delays John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Two-state hidden Markov model. 8 parameter model almost perfectly reproduces the empirical distribution of key-press latencies for every user John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Empirical and model CDF. Empirical CDF (solid blue) and model CDF (dashed black) for 2 users John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Goodness of fit test. A s Surrogate Sample Surrogate Model Surrogate Sample Surrogate Model A Empirical Sample Empirical Model Surrogate Sample Surrogate Model P ( | A s −⟨ A s ⟩ | > | A −⟨ A s ⟩ | ) John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Goodness of fit test results. John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Keyboard coordinates. John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Scaling between latency and distance. Log key-press latency vs. inter-key distance for fast and slow typists John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Latency-distance slope vs. typing speed. John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Spoofing procedure. Observe key-press latencies with missing key names Determine which latencies correspond to an active typing state using a 2-state HMM Use the latency inter-key distance scaling behavior to generate latencies for a predefined text John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Recover the victim’s typing behavior. Solve a system of equations to recover the expected key-press latencies for each unique inter-key distance in the predefined text C µ µ δ i − µ δ j = δ i − δ j C σ σ δ i − σ δ j = δ i − δ j µ s = µ 1 = ∑ w δ µ δ 1 = ∑ w δ (( µ δ − µ 1 ) 2 + σ 2 σ 2 s = σ 2 δ ) John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Empirical data. 129 users, 4 samples each 751 ± 94 keystrokes per sample Key-press latency τ i = t i − t i − 1 (1) John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Experiment protocol. Use the dichotomy classifier with key-press latency features Obtain zero-effort results in the usual way (authenticating every combination of users) Obtain spoofed results by observing the latencies with missing key names and generating a sample for the predefined text Stratified 4-fold cross validation John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions ROC curves for zero-effort and spoofed attacks. Zero-effort: 7.5% EER Spoofed: 12.9% EER John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Relative increase in error over zero-effort. John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Summary. With at least 50 observed keystrokes, the chance of success over a zero-effort attack doubles on average Worth exploring further? Yes Next steps? Model key-release times John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Introduction Methodology Experimental results Conclusions Thank you. Thank you John V. Monaco Md Liakat Ali Charles C. Tappert Spoofing key-press latencies with a generative keystroke dynamics
Recommend
More recommend
