A Keystroke-based Continuous User Authentication in Virtual Desktop Infrastructure

Abstract

Demand for remote work has surged as the COVID-19 epidemic has spread around the world. As one of the main implementations of desktop virtualization, Virtual Desktop Infrastructure (VDI) is popular and widely used in corporate remote work. A VDI user can connect to and use a virtual machine in a remote data center by logging in with a username and password using any device anywhere with Internet access. VDI has mobile convenience but is at risk of password leakage and insider threat. Traditional authentication methods, such as password and PIN, cannot withstand these threats. This work presents a keystroke-based continuous user authentication based on the Bidirectional Long Short-Term Memory (Bi-LSTM) network and embedding mechanism in deep learning to defend against such risks. It verifies the current user's identity based on the user's typing behavior continuously and non-invasively. We implement it on SPICE VDI and evaluate its performance and deployment feasibility on a public keystroke dataset - the Clarkson II dataset, which collected in uncontrolled and natural settings. The results show that it achieves state-of-art performance. It detects intruders with 8.28% of EER when only using 30 keystrokes and 0.85% of EER when using 990 keystrokes.