{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,31]],"date-time":"2025-12-31T07:46:34Z","timestamp":1767167194720,"version":"build-2238731810"},"reference-count":47,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2013,9,1]],"date-time":"2013-09-01T00:00:00Z","timestamp":1377993600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000181","name":"Air Force Office of Scientific Research","doi-asserted-by":"publisher","award":["FA9550-10-1-0289, FA9550-09-1-0479"],"award-info":[{"award-number":["FA9550-10-1-0289, FA9550-09-1-0479"]}],"id":[{"id":"10.13039\/100000181","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2013,9]]},"abstract":"<jats:p>Research on keystroke-based authentication has traditionally assumed human impostors who generate forgeries by physically typing on the keyboard. With bots now well understood to have the capacity to originate precisely timed keystroke sequences, this model of attack is likely to underestimate the threat facing a keystroke-based system in practice. In this work, we investigate how a keystroke-based authentication system would perform if it were subjected to synthetic attacks designed to mimic the typical user. To implement the attacks, we perform a rigorous statistical analysis on keystroke biometrics data collected over a 2-year period from more than 3000 users, and then use the observed statistical traits to design and launch algorithmic attacks against three state-of-the-art password-based keystroke verification systems.<\/jats:p>\n                  <jats:p>Relative to the zero-effort attacks typically used to test the performance of keystroke biometric systems, we show that our algorithmic attack increases the mean Equal Error Rates (EERs) of three high performance keystroke verifiers by between 28.6% and 84.4%. We also find that the impact of the attack is more pronounced when the keystroke profiles subjected to the attack are based on shorter strings, and that some users see considerably greater performance degradation under the attack than others. This article calls for a shift from the traditional zero-effort approach of testing the performance of password-based keystroke verifiers, to a more rigorous algorithmic approach that captures the threat posed by today\u2019s bots.<\/jats:p>","DOI":"10.1145\/2516960","type":"journal-article","created":{"date-parts":[[2020,4,4]],"date-time":"2020-04-04T03:42:17Z","timestamp":1585971737000},"page":"1-30","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":47,"title":["Examining a Large Keystroke Biometrics Dataset for Statistical-Attack Openings"],"prefix":"10.1145","volume":"16","author":[{"given":"Abdul","family":"Serwadda","sequence":"first","affiliation":[{"name":"Louisiana Tech University"}]},{"given":"Vir V.","family":"Phoha","sequence":"additional","affiliation":[{"name":"Louisiana Tech University"}]}],"member":"320","published-online":{"date-parts":[[2013,9]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"Aivils S. 2005. Ubuntu manuals. http:\/\/manpages.ubuntu.com\/manpages\/gutsy\/man8\/xsendkeycode.8.html.  Aivils S. 2005. Ubuntu manuals. http:\/\/manpages.ubuntu.com\/manpages\/gutsy\/man8\/xsendkeycode.8.html."},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.patrec.2011.02.014"},{"key":"e_1_2_1_4_1","volume-title":"Proceedings of the 10th International Workshop on the Foundations of Handwriting Recognition. 461--466","author":"Ballard L.","unstructured":"Ballard , L. , Lopresti , D. , and Monrose , F . 2006a. Evaluating the security of handwriting biometrics . In Proceedings of the 10th International Workshop on the Foundations of Handwriting Recognition. 461--466 . Ballard, L., Lopresti, D., and Monrose, F. 2006a. Evaluating the security of handwriting biometrics. In Proceedings of the 10th International Workshop on the Foundations of Handwriting Recognition. 461--466."},{"key":"e_1_2_1_5_1","volume-title":"Proceedings of the 15th Conference on USENIX Security Symposium.","volume":"15","author":"Ballard L.","unstructured":"Ballard , L. , Monrose , F. , and Lopresti , D . 2006b. Biometric authentication revisited: Understanding the impact of wolves in sheep\u2019s clothing . In Proceedings of the 15th Conference on USENIX Security Symposium. Vol. 15 , USENIX Association, Berkeley, CA. Ballard, L., Monrose, F., and Lopresti, D. 2006b. Biometric authentication revisited: Understanding the impact of wolves in sheep\u2019s clothing. In Proceedings of the 15th Conference on USENIX Security Symposium. Vol. 15, USENIX Association, Berkeley, CA."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSMCB.2007.903539"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455801"},{"key":"e_1_2_1_8_1","volume-title":"Proceedings of the 17th Annual USENIX Security Symposium. 61--74","author":"Ballard L.","unstructured":"Ballard , L. , Kamara , S. , and Reiter , M. K . 2008b. The practical subtleties of biometric key generation . In Proceedings of the 17th Annual USENIX Security Symposium. 61--74 . Ballard, L., Kamara, S., and Reiter, M. K. 2008b. The practical subtleties of biometric key generation. In Proceedings of the 17th Annual USENIX Security Symposium. 61--74."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/277851.277897"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/581271.581272"},{"key":"e_1_2_1_11_1","volume-title":"Principles of Statistics","author":"Bulmer M. G.","unstructured":"Bulmer , M. G. 1979. Principles of Statistics 2 nd Ed. Dover . Bulmer, M. G. 1979. Principles of Statistics 2nd Ed. Dover.","edition":"2"},{"key":"e_1_2_1_12_1","unstructured":"Doane P. D. and Seward E. L. 2007. Applied Statistics in Business and Economics 1st Ed. McGraw-Hill.  Doane P. D. and Seward E. L. 2007. Applied Statistics in Business and Economics 1st Ed. McGraw-Hill."},{"key":"e_1_2_1_13_1","volume-title":"Proceedings of the European Symposium on Artificial Neural Networks (ESANN\u201906)","author":"Fran\u00e7ois D.","unstructured":"Fran\u00e7ois , D. , Wertz , V. , and Verleysen , M . 2006. The permutation test for feature selection by mutual information . In Proceedings of the European Symposium on Artificial Neural Networks (ESANN\u201906) . 239--244. Fran\u00e7ois, D., Wertz, V., and Verleysen, M. 2006. The permutation test for feature selection by mutual information. In Proceedings of the European Symposium on Artificial Neural Networks (ESANN\u201906). 239--244."},{"key":"e_1_2_1_14_1","volume-title":"Nonparametric Statistical Inference","author":"Gibbons R. D.","unstructured":"Gibbons , R. D. 1985. Nonparametric Statistical Inference 2 nd Ed., M. Dekker . Gibbons, R. D. 1985. Nonparametric Statistical Inference 2nd Ed., M. Dekker.","edition":"2"},{"key":"e_1_2_1_15_1","volume-title":"Proceedings of NSDI\u201909","author":"Gummadi R.","unstructured":"Gummadi , R. , Balakrishnan , H. , Maniatis , P. , and Ratnasamy , S . 2009. Not-a-Bot (NAB): Improving service availability in the face of Botnet attacks . In Proceedings of NSDI\u201909 . Gummadi, R., Balakrishnan, H., Maniatis, P., and Ratnasamy, S. 2009. Not-a-Bot (NAB): Improving service availability in the face of Botnet attacks. In Proceedings of NSDI\u201909."},{"key":"e_1_2_1_16_1","volume-title":"Proceedings of the IEEE Computer Society and IEEE Biometrics Council Workshop on Biometrics (BIOM).","author":"Khandaker R.","unstructured":"Khandaker , R. , Balagani , K. , and Phoha , V . 2011. Making impostor pass rates meaningless: A case of snoop-forge-replay attack on continuous cyber-behavioural verification with keystrokes . In Proceedings of the IEEE Computer Society and IEEE Biometrics Council Workshop on Biometrics (BIOM). Khandaker, R., Balagani, K., and Phoha, V. 2011. Making impostor pass rates meaningless: A case of snoop-forge-replay attack on continuous cyber-behavioural verification with keystrokes. In Proceedings of the IEEE Computer Society and IEEE Biometrics Council Workshop on Biometrics (BIOM)."},{"key":"e_1_2_1_17_1","volume-title":"Proceedings of the 30th International Conference on Very Large Data Bases (VLDB\u201904)","volume":"30","author":"Kifer D.","unstructured":"Kifer , D. , Ben-David , S. , and Gehrke , J . 2004. Detecting change in data streams . In Proceedings of the 30th International Conference on Very Large Data Bases (VLDB\u201904) . Vol. 30 , 180--191. Kifer, D., Ben-David, S., and Gehrke, J. 2004. Detecting change in data streams. In Proceedings of the 30th International Conference on Very Large Data Bases (VLDB\u201904). Vol. 30, 180--191."},{"key":"e_1_2_1_18_1","volume-title":"Proceedings of the 4th Workshop on Security Experimentation and Test (CSET-11)","author":"Killourhy K.","unstructured":"Killourhy , K. and Maxion , R . 2011. Should security researchers experiment more and draw more inferences? In Proceedings of the 4th Workshop on Security Experimentation and Test (CSET-11) . Killourhy, K. and Maxion, R. 2011. Should security researchers experiment more and draw more inferences? In Proceedings of the 4th Workshop on Security Experimentation and Test (CSET-11)."},{"key":"e_1_2_1_19_1","volume-title":"Proceedings of the DSN. 125--134","author":"Killourhy K. S.","unstructured":"Killourhy , K. S. and Maxion , R. A . 2009. Comparing anomaly-detection algorithms for keystroke dynamics . In Proceedings of the DSN. 125--134 . Killourhy, K. S. and Maxion, R. A. 2009. Comparing anomaly-detection algorithms for keystroke dynamics. In Proceedings of the DSN. 125--134."},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/643114.643117"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0020-7373(88)80053-1"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1080\/01621459.1967.10482916"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2005.847279"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1080\/01621459.1951.10500769"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1155\/S117391260400015X"},{"key":"e_1_2_1_26_1","volume-title":"Proceedings of NDSS\u201913","author":"Meng T. C.","unstructured":"Meng , T. C. , Gupta , P. , and Gao , D . 2013. I can be you: Questioning the use of keystroke dynamics as a biometric . In Proceedings of NDSS\u201913 . Meng, T. C., Gupta, P., and Gao, D. 2013. I can be you: Questioning the use of keystroke dynamics as a biometric. In Proceedings of NDSS\u201913."},{"key":"e_1_2_1_27_1","volume-title":"Proceedings of the 11th USENIX Security Symposium. USENIX Association","author":"Monrose F.","unstructured":"Monrose , F. , Reiter , M. K. , Li , Q. , Lopresti , D. P. , and Shih , C . 2002. Toward speech-generated cryptographic keys on resource-constrained devices . In Proceedings of the 11th USENIX Security Symposium. USENIX Association , Berkeley, CA, 283--296. Monrose, F., Reiter, M. K., Li, Q., Lopresti, D. P., and Shih, C. 2002. Toward speech-generated cryptographic keys on resource-constrained devices. In Proceedings of the 11th USENIX Security Symposium. USENIX Association, Berkeley, CA, 283--296."},{"key":"e_1_2_1_28_1","doi-asserted-by":"crossref","unstructured":"Monrose F. Reiter M. K. and Wetzel S. 1999. Password hardening based on keystroke dynamics. Int. J. Inf. Sec. ACM Press 73--82.  Monrose F. Reiter M. K. and Wetzel S. 1999. Password hardening based on keystroke dynamics. Int. J. Inf. Sec. ACM Press 73--82.","DOI":"10.1145\/319709.319720"},{"key":"e_1_2_1_29_1","volume-title":"\u201ctrusted","author":"Parno B.","unstructured":"Parno , B. 2008. Bootstrapping trust in a \u201ctrusted \u201d platform. In HotSec. USENIX Association . Parno, B. 2008. Bootstrapping trust in a \u201ctrusted\u201d platform. In HotSec. USENIX Association."},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.89"},{"key":"e_1_2_1_31_1","volume-title":"R: A Language and Environment for Statistical Computing","author":"Development Core Team","year":"2008","unstructured":"R Development Core Team . 2008 . R: A Language and Environment for Statistical Computing . R Foundation for Statistical Computing, Vienna, Austria . ISBN 3-900051-07-0. R Development Core Team. 2008. R: A Language and Environment for Statistical Computing. R Foundation for Statistical Computing, Vienna, Austria. ISBN 3-900051-07-0."},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2013.2244091"},{"key":"e_1_2_1_33_1","unstructured":"Ruska J. 2009. Most common passwords lists from 3 Databases. http:\/\/blog.jimmyr.com\/Password analysis of databases that were hacked 28 2009.php.  Ruska J. 2009. Most common passwords lists from 3 Databases. http:\/\/blog.jimmyr.com\/Password analysis of databases that were hacked 28 2009.php."},{"key":"e_1_2_1_34_1","doi-asserted-by":"crossref","unstructured":"Scutari M. and Brogini A. 2011. Bayesian network structure learning with permutation tests. In Statistics for Complex Problems: The Multivariate Permutation Approach and Related Topics Communications in Statistics - Theory & Methods.  Scutari M. and Brogini A. 2011. Bayesian network structure learning with permutation tests. In Statistics for Complex Problems: The Multivariate Permutation Approach and Related Topics Communications in Statistics - Theory & Methods.","DOI":"10.1080\/03610926.2011.593284"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2037252.2037263"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSMCB.2005.846648"},{"key":"e_1_2_1_38_1","volume-title":"Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR\u201907)","author":"Sim T.","unstructured":"Sim , T. and Janakiraman , R . 2007. Are digraphs good for free-text keystroke dynamics? In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR\u201907) . 1--6. Sim, T. and Janakiraman, R. 2007. Are digraphs good for free-text keystroke dynamics? In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR\u201907). 1--6."},{"key":"e_1_2_1_39_1","volume-title":"Proceedings of the 10th Conference on USENIX Security Symposium.","volume":"10","author":"Song D. X.","unstructured":"Song , D. X. , Wagner , D. , and Tian , X . 2001. Timing analysis of keystrokes and timing attacks on ssh . In Proceedings of the 10th Conference on USENIX Security Symposium. Vol. 10 . Song, D. X., Wagner, D., and Tian, X. 2001. Timing analysis of keystrokes and timing attacks on ssh. In Proceedings of the 10th Conference on USENIX Security Symposium. Vol. 10."},{"key":"e_1_2_1_40_1","doi-asserted-by":"crossref","unstructured":"Stefan D. Shu X. and Yao D. D. 2011. Robustness of Keystroke-Dynamics based biometrics against synthetic forgeries. Comput. Secur.  Stefan D. Shu X. and Yao D. D. 2011. Robustness of Keystroke-Dynamics based biometrics against synthetic forgeries. Comput. Secur .","DOI":"10.4108\/icst.collaboratecom.2010.16"},{"key":"e_1_2_1_41_1","unstructured":"Stephens M. A. 1972. EDF statistics for goodness-of-fit: Part 1. Tech. rep. Office of Naval Research.  Stephens M. A. 1972. EDF statistics for goodness-of-fit: Part 1. Tech. rep. Office of Naval Research."},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00587-9_12"},{"key":"e_1_2_1_43_1","volume-title":"Proceedings of the 5th IEEE International Conference on Biometrics: Theory Applications and Systems (BTAS).","author":"Wang Z.","unstructured":"Wang , Z. , Serwadda , A. , Balagani , K. , and Phoha , V . 2012. Transforming animals in a cyber-behavioral biometric menagerie with frog-boiling attacks . In Proceedings of the 5th IEEE International Conference on Biometrics: Theory Applications and Systems (BTAS). Wang, Z., Serwadda, A., Balagani, K., and Phoha, V. 2012. Transforming animals in a cyber-behavioral biometric menagerie with frog-boiling attacks. In Proceedings of the 5th IEEE International Conference on Biometrics: Theory Applications and Systems (BTAS)."},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866327"},{"key":"e_1_2_1_45_1","volume-title":"Introductory Statistics","author":"Weiss N. A.","unstructured":"Weiss , N. A. 1999. Introductory Statistics 5 th Ed., Addison Wesley . Weiss, N. A. 1999. Introductory Statistics 5th Ed., Addison Wesley.","edition":"5"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1186\/cc1820"},{"key":"e_1_2_1_47_1","first-page":"1","article-title":"Probability plotting methods for the analysis of data","volume":"55","author":"Wilk M.","year":"1968","unstructured":"Wilk , M. and Gnanadesikan , R. 1968 . Probability plotting methods for the analysis of data . Biometrica Trust 55 , 1, 1 -- 17 . Wilk, M. and Gnanadesikan, R. 1968. Probability plotting methods for the analysis of data. Biometrica Trust 55, 1, 1--17.","journal-title":"Biometrica Trust"},{"key":"e_1_2_1_48_1","volume-title":"Data Mining: Practical Machine Learning Tools and Techniques","author":"Witten I. H.","year":"2005","unstructured":"Witten , I. H. and Frank , E . 2005 . Data Mining: Practical Machine Learning Tools and Techniques 2 nd Ed., Morgan-Kaufmann , San Francisco . Witten, I. H. and Frank, E. 2005. Data Mining: Practical Machine Learning Tools and Techniques 2nd Ed., Morgan-Kaufmann, San Francisco.","edition":"2"},{"key":"e_1_2_1_49_1","volume-title":"Proceedings of the International Joint Conference on Neural Networks.","volume":"3","author":"Yu E.","unstructured":"Yu , E. and Cho , S . 2003. Ga-svm wrapper approach for feature subset selection in keystroke dynamics identity verification . In Proceedings of the International Joint Conference on Neural Networks. Vol. 3 , 2253--2257. Yu, E. and Cho, S. 2003. Ga-svm wrapper approach for feature subset selection in keystroke dynamics identity verification. In Proceedings of the International Joint Conference on Neural Networks. Vol. 3, 2253--2257."}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2516960","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2516960","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:28:40Z","timestamp":1750217320000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2516960"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,9]]},"references-count":47,"aliases":["10.1145\/2516951.2516960"],"journal-issue":{"issue":"2","published-print":{"date-parts":[[2013,9]]}},"alternative-id":["10.1145\/2516960"],"URL":"https:\/\/doi.org\/10.1145\/2516960","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"value":"1094-9224","type":"print"},{"value":"1557-7406","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,9]]},"assertion":[{"value":"2012-09-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2013-06-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2013-09-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}