{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,28]],"date-time":"2025-10-28T17:58:11Z","timestamp":1761674291623,"version":"3.37.3"},"reference-count":11,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2020,2,21]],"date-time":"2020-02-21T00:00:00Z","timestamp":1582243200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2020,2,21]],"date-time":"2020-02-21T00:00:00Z","timestamp":1582243200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100010665","name":"H2020 Marie Sklodowska-Curie Actions","doi-asserted-by":"publisher","award":["675087"],"award-info":[{"award-number":["675087"]}],"id":[{"id":"10.13039\/100010665","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100010665","name":"H2020 Marie Sklodowska-Curie Actions","doi-asserted-by":"publisher","award":["675087"],"award-info":[{"award-number":["675087"]}],"id":[{"id":"10.13039\/100010665","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100010665","name":"H2020 Marie Sklodowska-Curie Actions","doi-asserted-by":"publisher","award":["675087"],"award-info":[{"award-number":["675087"]}],"id":[{"id":"10.13039\/100010665","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100010665","name":"H2020 Marie Sklodowska-Curie Actions","doi-asserted-by":"publisher","award":["675087"],"award-info":[{"award-number":["675087"]}],"id":[{"id":"10.13039\/100010665","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["EURASIP J. on Info. Security"],"published-print":{"date-parts":[[2020,12]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>A feature of search engines is prediction and suggestion to complete or extend input query phrases, i.e. search suggestion functions (SSF). Given the immediate temporal nature of this functionality, alongside the character submitted to trigger each suggestion, adequate data is provided to derive keystroke features. The potential of such biometric features to be used in identification and tracking poses risks to user privacy.For our initial experiment, we evaluate SSF traffic with different browsers and search engines on a Linux PC and an Android mobile phone. The keystroke network traffic is captured and decrypted using mitmproxy to verify if expected keystroke information is contained, which we call quality assurance (QA). In our second experiment, we present first results for identification of five subjects searching for up to three different phrases on both PC and phone using naive Bayesian and nearest neighbour classifiers. The third experiment investigates potential for identification and verification by an external observer based purely on the encrypted traffic, thus without QA, using the Euclidean distance. Here, ten subjects search for two phrases across several sessions on a Linux virtual machine, and statistical features are derived for classification. All three test cases show positive tendencies towards the feasibility of distinguishing users within a small group. The results yield lowest equal error rates of 5.11% for the single PC and 11.37% for the mobile device with QA and 23.61% for various PCs without QA. These first tendencies motivate further research in feature analysis of encrypted network traffic and prevention approaches to ensure protection and privacy.<\/jats:p>","DOI":"10.1186\/s13635-020-0100-8","type":"journal-article","created":{"date-parts":[[2020,2,21]],"date-time":"2020-02-21T15:02:44Z","timestamp":1582297364000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Keystroke biometrics in the encrypted domain: a first study on search suggestion functions of web search engines"],"prefix":"10.1186","volume":"2020","author":[{"given":"Nicholas","family":"Whiskerd","sequence":"first","affiliation":[]},{"given":"Nicklas","family":"K\u00f6rtge","sequence":"additional","affiliation":[]},{"given":"Kris","family":"J\u00fcrgens","sequence":"additional","affiliation":[]},{"given":"Kevin","family":"Lamsh\u00f6ft","sequence":"additional","affiliation":[]},{"given":"Salatiel","family":"Ezennaya-Gomez","sequence":"additional","affiliation":[]},{"given":"Claus","family":"Vielhauer","sequence":"additional","affiliation":[]},{"given":"Jana","family":"Dittmann","sequence":"additional","affiliation":[]},{"given":"Mario","family":"Hildebrandt","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,2,21]]},"reference":[{"key":"100_CR1","unstructured":"European Parliament and Council, Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation),Official Journal of the European Union, L 119, 1-88 (2016)."},{"key":"100_CR2","doi-asserted-by":"publisher","DOI":"10.7551\/mitpress\/3405.001.0001","volume-title":"Ham Radio\u2019s Technical Culture, 1st edn","author":"K. Haring","year":"2006","unstructured":"K. Haring, Ham Radio\u2019s Technical Culture, 1st edn (MIT Press, Massachusetts, 2006)."},{"key":"100_CR3","volume-title":"Authentication by keystroke timing: some preliminary results, Rand Rep. R-2526-NSF","author":"R. S. Gaines","year":"1980","unstructured":"R. S. Gaines, W. Lisowski, S. J. Press, N. Shapirog, Authentication by keystroke timing: some preliminary results, Rand Rep. R-2526-NSF (RAND Corporation, California, 1980)."},{"key":"100_CR4","doi-asserted-by":"publisher","unstructured":"F. Monrose, A. Rubin, in Proceedings of the 4th ACM Conference on Computer and Communications Security, 4CCS97, Zurich, Switzerland, April 1-4, 1997. Authentication via keystroke dynamics, (1997), pp. 48\u201356. https:\/\/doi.org\/10.1145\/266420.266434.","DOI":"10.1145\/266420.266434"},{"key":"100_CR5","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/s13173-013-0117-7","volume":"19","author":"P. H. Pisani","year":"2013","unstructured":"P. H. Pisani, A. C. Lorena, A systematic review on keystroke dynamics. J. Braz. Comput. Soc.19:, 19\u2013573 (2013). https:\/\/doi.org\/10.1007\/s13173-013-0117-7.","journal-title":"J. Braz. Comput. Soc."},{"key":"100_CR6","doi-asserted-by":"publisher","unstructured":"D. Buschek, A. D. Luca, F. Alt, in Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, CHI\u201915, Seoul, South Korea, April 18-23, 2015. Improving accuracy, applicability and usability of keystroke biometrics on mobile touchscreen devices, (2015). https:\/\/doi.org\/10.1145\/2702123.2702252.","DOI":"10.1145\/2702123.2702252"},{"issue":"1","key":"100_CR7","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1186\/1687-417X-2011-3","volume":"2011","author":"C. Rathgeb","year":"2011","unstructured":"C. Rathgeb, A. Uhl, A survey on biometric cryptosystems and cancelable biometrics. EURASIP J. Informa. Secur.2011(1), 3 (2011). https:\/\/doi.org\/10.1186\/1687-417X-2011-3.","journal-title":"EURASIP J. Informa. Secur."},{"key":"100_CR8","doi-asserted-by":"publisher","unstructured":"R. Koch, G. D. Rodosek, in Proceedings of the 6th International Conference on Network and Service Management, CNSM 2010, Niagara Falls, Canada, October 25-29, 2010. User identification in encrypted network communications, (2010), pp. 246\u2013249. https:\/\/doi.org\/10.1109\/CNSM.2010.5691292.","DOI":"10.1109\/CNSM.2010.5691292"},{"key":"100_CR9","unstructured":"A. Cortesi, M. Hils, T. Kriechbaumer, contributors, mitmproxy: a free and open source interactive HTTPS proxy [Version 4.0] (2019). https:\/\/mitmproxy.org\/. Accessed 6 December 2019."},{"issue":"6","key":"100_CR10","doi-asserted-by":"publisher","first-page":"816","DOI":"10.1109\/TSMCC.2008.2001696","volume":"38","author":"D. Hosseinzadeh","year":"2008","unstructured":"D. Hosseinzadeh, S. Krishnan, Gaussian mixture modeling of keystroke patterns for biometric applications. IEEE Trans. Syst. Man Cybern. C (Appl. Rev.)38(6), 816\u2013826 (2008). https:\/\/doi.org\/10.1109\/TSMCC.2008.2001696.","journal-title":"IEEE Trans. Syst. Man Cybern. C (Appl. Rev.)"},{"key":"100_CR11","first-page":"2825","volume":"12","author":"F. Pedregosa","year":"2011","unstructured":"F. Pedregosa, G. Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, M. Blondel, P. Prettenhofer, R. Weiss, V. Dubourg, J. Vanderplas, A. Passos, D. Cournapeau, M. Brucher, M. Perrot, E. Duchesnay, Scikit-learn: machine learning in python. J. Mach. Learn. Res.12:, 2825\u20132830 (2011).","journal-title":"J. Mach. Learn. Res."}],"container-title":["EURASIP Journal on Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-020-0100-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s13635-020-0100-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-020-0100-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,2,21]],"date-time":"2021-02-21T00:27:11Z","timestamp":1613867231000},"score":1,"resource":{"primary":{"URL":"https:\/\/jis-eurasipjournals.springeropen.com\/articles\/10.1186\/s13635-020-0100-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,2,21]]},"references-count":11,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,12]]}},"alternative-id":["100"],"URL":"https:\/\/doi.org\/10.1186\/s13635-020-0100-8","relation":{},"ISSN":["2510-523X"],"issn-type":[{"type":"electronic","value":"2510-523X"}],"subject":[],"published":{"date-parts":[[2020,2,21]]},"assertion":[{"value":"23 August 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 January 2020","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 February 2020","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"Two of the guest editors for this submission, Richard Guest and Christian Kraetzer, are members of the European Training Network AMBER, as are authors NW, SEG, JD and CV. Furthermore, Christian Kraetzer is also a member of the AMSL workgroup at OVGU, which is represented by all authors.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"2"}}