International Business Machines Corporation
COMPUTER SECURITY FORENSICS BASED ON TEMPORAL TYPING CHANGES OF AUTHENTICATION CREDENTIALS

Abstract:

Aspects of the present invention disclose a method, computer program product, and system for employing keystroke dynamics authentication. The method includes one or more processors recording, for a plurality of users, a respective keystroke session of multiple typing samples (typed consecutively) of a credential associated with a respective user of the plurality. The method further includes extracting a set of features that characterize typing changes between the multiple typing samples. The method further includes detecting repeated typing of a certain one of the credentials that is associated with a certain user of the plurality. The method further includes extracting, from the repeated typing of the certain credential, a set of features that characterize typing changes between repetitions. The method further includes comparing the feature set extracted from the repeated typing against feature sets extracted from a set of the keystroke sessions, estimating which user is the first user.