Repetition and Template Generalisability for Instance-Based Keystroke Biometric Systems

Abstract

Keystroke timings can be used as a behavioural biometric, enabling passive and non-intrusive authentication. Fixed-text keystroke biometric systems involve the acquisition of keypress timings when typing a single phrase. They can be used in conjunction with a standard password authentication system to provide an increased level of security. Design decisions need to be made regarding the different technical aspects (e.g., feature sets, matching mechanism, etc.) of the system and there is a wealth of literature to guide this process. However, there is an absence of knowledge available when it comes to understanding how repetitions in user samples and characteristics of the password provided over an extended timeline can impact the system’s accuracy. In this paper, timings are collected from 65 participants, who are required to type the same passwords 4 times per week for 8 weeks, yielding a total of 81,920 timing datasets. A systematic analysis is then performed for each of the 8 weeks, following the same template creation and matching process, to gain an understanding of which week’s timings produce more generalised templates, providing a lower Equal Error Rate when matched against samples from all weeks.