欺骗按键延迟与生成键击动力学模型

2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS) Pub Date : 2015-12-17 DOI:10.1109/BTAS.2015.7358795

John V. Monaco, M. Ali, C. Tappert

{"title":"欺骗按键延迟与生成键击动力学模型","authors":"John V. Monaco, M. Ali, C. Tappert","doi":"10.1109/BTAS.2015.7358795","DOIUrl":null,"url":null,"abstract":"This work provides strong empirical evidence for a two-state generative model of typing behavior in which the user can be in either a passive or active state. Given key-press latencies with missing key names, the model is then used to spoof the key-press latencies of a user by exploiting the scaling behavior between inter-key distance and key-press latency. Key-press latencies with missing key names can be remotely obtained over a network by observing traffic from an interactive application, such as SSH in interactive mode. The proposed generative model uses this partial information to perform a key-press-only sample-level attack on a victim's keystroke dynamics template. Results show that some users are more susceptible to this type of attack than others. For about 10% of users, the spoofed samples obtain classifier output scores of at least 50% of those obtained by authentic samples. With at least 50 observed keystrokes, the chance of success over a zero-effort attack doubles on average.","PeriodicalId":404972,"journal":{"name":"2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-12-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":"{\"title\":\"Spoofing key-press latencies with a generative keystroke dynamics model\",\"authors\":\"John V. Monaco, M. Ali, C. Tappert\",\"doi\":\"10.1109/BTAS.2015.7358795\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This work provides strong empirical evidence for a two-state generative model of typing behavior in which the user can be in either a passive or active state. Given key-press latencies with missing key names, the model is then used to spoof the key-press latencies of a user by exploiting the scaling behavior between inter-key distance and key-press latency. Key-press latencies with missing key names can be remotely obtained over a network by observing traffic from an interactive application, such as SSH in interactive mode. The proposed generative model uses this partial information to perform a key-press-only sample-level attack on a victim's keystroke dynamics template. Results show that some users are more susceptible to this type of attack than others. For about 10% of users, the spoofed samples obtain classifier output scores of at least 50% of those obtained by authentic samples. With at least 50 observed keystrokes, the chance of success over a zero-effort attack doubles on average.\",\"PeriodicalId\":404972,\"journal\":{\"name\":\"2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS)\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-12-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"22\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/BTAS.2015.7358795\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/BTAS.2015.7358795","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 22

摘要

这项工作为打字行为的两状态生成模型提供了强有力的经验证据，其中用户可以处于被动或主动状态。给定缺少键名的按键延迟，然后使用该模型利用键间距离和按键延迟之间的缩放行为来欺骗用户的按键延迟。通过观察来自交互式应用程序(如交互式模式下的SSH)的流量，可以通过网络远程获得缺少密钥名称的按键延迟。提出的生成模型使用该部分信息对受害者的击键动力学模板执行仅按键的样本级攻击。结果表明，一些用户比其他用户更容易受到这种类型的攻击。对于大约10%的用户，欺骗样本获得的分类器输出分数至少是真实样本的50%。如果观察到至少50次击键，平均而言，零努力攻击的成功几率会增加一倍。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Spoofing key-press latencies with a generative keystroke dynamics model

This work provides strong empirical evidence for a two-state generative model of typing behavior in which the user can be in either a passive or active state. Given key-press latencies with missing key names, the model is then used to spoof the key-press latencies of a user by exploiting the scaling behavior between inter-key distance and key-press latency. Key-press latencies with missing key names can be remotely obtained over a network by observing traffic from an interactive application, such as SSH in interactive mode. The proposed generative model uses this partial information to perform a key-press-only sample-level attack on a victim's keystroke dynamics template. Results show that some users are more susceptible to this type of attack than others. For about 10% of users, the spoofed samples obtain classifier output scores of at least 50% of those obtained by authentic samples. With at least 50 observed keystrokes, the chance of success over a zero-effort attack doubles on average.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS)

自引率

0.00%

发文量