Towards liveness detection in keystroke dynamics: Revealing synthetic forgeries

Abstract

While the accuracy of keystroke dynamics verification systems has traditionally been evaluated using a zero-effort attack model, the current trend is to recognize that such an approach is too optimistic. Attacks using statistical models and synthetic forgeries have been shown to achieve significant rates of success, motivating the study of methods for improving the imitation of legitimate user’s keystroke timings as well as the detection of such counterfeits. For these purposes, we introduce two methods using higher-order contexts and empirical distributions to generate artificial samples of keystroke timings, together with a liveness detection system for keystroke dynamics that leverages them as adversaries. To aid with this objective, we present a family of distances based on the smoothed empirical cumulative distributions of keystroke timings. One of the proposed spoofing methods outperforms other spoofing methods previously evaluated in the literature by a large margin, doubling and sometimes tripling their false acceptance rates, to around 15%, when data of the targeted user is available. If only general population data is available to an attacker, the liveness detection system achieves false acceptance and false rejection rates between 1% and 2%, consistently, over three publicly available datasets previously used in other keystroke dynamics studies. • The ability of synthetic forgeries of keystroke dynamics samples to fool verification systems can be improved by leveraging higher-order contexts and empirical distributions of keystroke timings. • Highly effective countermeasures against synthetic forgeries crafted with general population data can be implemented in keystroke dynamics verification systems. • These countermeasures remain partially effective even when an attacker has gained access to all the user samples. • Distances based on the smoothed empirical cumulative distributions of keystroke timings are an effective means of distinguishing synthetic forgeries from samples of the legitimate human user.