Abstract
Through the application of a password-based authentication technique, users are granted permission to access a secure system when the username and password matches with that logged in database of the system. Furthermore, anyone who provides the correct username and password of a valid user will be able to log in to the secure network. In current circumstances, impostors can hack the system to obtain a user’s password, while it has also been easy to find out a person’s private password. Thus, the existing structure is exceptionally flawed. One way to strengthen the password-based authentication technique, is by keystroke dynamics. In the proposed keystroke dynamics based authentication system, despite the password match, the similarity between the typing pattern of the typed password and password samples in the training database are verified. The timing features of the user’s keystroke dynamics are collected to calculate the threshold values. In this paper, a novel algorithm is proposed to authenticate the legal users based on the empirical threshold values. The first step involves the extraction of timing features from the typed password samples. The password training database for each user is constructed using the extracted features. Moreover, the empirical threshold limits are calculated from the timing features in the database. The second step involves user authentication by applying these threshold values. The experimental analyses are carried out in MATLAB simulation, and the results indicate a significant reduction in false rejection rate and false acceptance rate. The proposed methodology yields very low equal error rate of 0.5% and the authentication accuracy of 99.5%, which are considered suitable and efficient for real-time implementation. The proposed method can be a useful resource for identifying illegal invasion and is valuable in securing the system as a correlative or substitute form of client validation.
Highlights
Due to the extended application of computers in financial, mechanical, military and individual exercises, a stringent framework to safeguard the storage of essential data has never been more imperative (Hemanidhi & Chimmanee, 2017; Hussien, Muda, & Yasin, 2018)
This paper studied the application of a novel keystroke dynamics based authentication (KDA) method based on empirical threshold values that was developed to authenticate a legal client who accesses a secure web page or application
Various analyses were carried out in different environmental conditions, and the results suggested that the proposed KDA method with the aid of empirical thresholding algorithm and database update rule has established a better security level compared to other existing techniques
Summary
Due to the extended application of computers in financial, mechanical, military and individual exercises, a stringent framework to safeguard the storage of essential data has never been more imperative (Hemanidhi & Chimmanee, 2017; Hussien, Muda, & Yasin, 2018). Unauthorized access to log into secure systems can lead to significant financial misfortune, it is mandatory to construct high quality security measures in these computer networks (Mihajlov, Jerman-Blažič, & Ciunova Shuleska, 2016; Mohsin, Bakar, Hamdan, & Abdul, 2018). Authentication is defined as the method of validating a legal user to access the secure network. The validation can be accomplished by cross-checking the distinct characteristics of a person. Based on the user’s distinct characteristics, the authentication methods can be classified as token-based, knowledge-based and biometrics-based.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Journal of Information and Communication Technology
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
