Making impostor pass rates meaningless: A case of snoop-forge-replay attack on continuous cyber-behavioral verification with keystrokes

Khandaker A. Rahman, Kiran S. Balagani, Vir V. Phoha

Research output: Chapter in Book/Report/Conference proceedingConference contribution

18 Scopus citations

Abstract

Previous efforts in continuous cyber-behavioral verification have considered only zero-effort impostor attacks. Taking continuous verification with keystroke dynamics as a case in point, we demonstrate that forgery attempts created using snooped information (stolen keystroke timing information in our case) have alarmingly high success rates. In our experiments, with as little as 50 to 200 snooped keystrokes (roughly, less than two lines of text typed in a typical email), we were able to create forgeries that had as high as 87.75 percent success rates against verifier configurations that showed less than 11 percent "zero-effort" impostor pass rates. We performed experiments using keystroke data from 50 users who typed approximately 1300 to 2900 keystrokes of free text during three different periods. Our experiments consisted of two parts. In the first part, we conducted zero-effort verification experiments with two verifiers ("R" and "S") and obtained EERs between 10 and 15 percent under various verifier configurations. In the second part, we replayed 10,000 forged impostor attempts per user and demonstrated how the zero-effort impostor pass rates became meaningless when impostor attempts were created using stolen keystroke timing information.

Original languageEnglish (US)
Title of host publication2011 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops, CVPRW 2011
DOIs
StatePublished - Oct 31 2011
Event2011 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops, CVPRW 2011 - Colorado Springs, CO, United States
Duration: Jun 20 2011Jun 25 2011

Publication series

NameIEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops
ISSN (Print)2160-7508
ISSN (Electronic)2160-7516

Other

Other2011 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops, CVPRW 2011
CountryUnited States
CityColorado Springs, CO
Period6/20/116/25/11

ASJC Scopus subject areas

  • Computer Vision and Pattern Recognition
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'Making impostor pass rates meaningless: A case of snoop-forge-replay attack on continuous cyber-behavioral verification with keystrokes'. Together they form a unique fingerprint.

  • Cite this

    Rahman, K. A., Balagani, K. S., & Phoha, V. V. (2011). Making impostor pass rates meaningless: A case of snoop-forge-replay attack on continuous cyber-behavioral verification with keystrokes. In 2011 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops, CVPRW 2011 [5981729] (IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops). https://doi.org/10.1109/CVPRW.2011.5981729