Identity authentication based on keystroke dynamics for mobile device users

Abstract

• A valid user modeling method which combines stable centroids and centroid fluctuation ranges. • A data cleaning algorithm in order to remove abnormal data. • A fixed centroid clustering algorithm by using the stable cluster centroids as the initial centroids. • An authentication method based on fluctuation ranges of centroid positions. User authentication of mobile devices is an important means to protect data security and user privacy. Low overhead, high accuracy and continuous authentication are challenging problems in user authentication. Aiming at the disadvantages of current authentication methods based on keystroke dynamics such as low accuracy and one-time authentication, this paper proposes a new authentication method named UIKI (User Identity authentication method based on clusters of Keystroke time Intervals). UIKI consists of the valid user modeling phase and the runtime user authentication phase. In the valid user modeling phase, UIKI uses a clustering algorithm to find the stable centroids and the fluctuation range of a valid user's centroid positions. In the runtime user authentication phase, UIKI clusters the data to be authenticated with the stable centroids as the initial centroids, and compares the results of clustering with the stable centroids and the centroid fluctuation range of the valid user to determine whether the input data are from the valid user. Experimental results prove that UIKI has the average FAR (False Accept Rate) of 0.082 and the average FRR (False Reject Rate) of 0.052, which can effectively authenticate a user's identity. UIKI has the advantages of high accuracy, low overhead and continuous authentication, which is suitable for the user authentication of mobile devices.