loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Ahmed Anu Wahab 1 ; Daqing Hou 1 ; Stephanie Schuckers 1 and Abbie Barbir 2

Affiliations: 1 Electrical and Computer Engineering, Clarkson University, Potsdam NY, U.S.A. ; 2 Mobile Security Group, CVS Health, U.S.A.

Keyword(s): Behavioral Biometric, Keystroke Dynamics, Free-text, Fixed-text, Forgot Password/Username, Account Recovery.

Abstract: Account recovery is ubiquitous across web applications but circumvents the username/password-based login step. Therefore, it deserves the same level of security as the user authentication process. A common simplistic procedure for account recovery requires that a user enters the same email used during registration, to which a password recovery link or a new username could be sent. Therefore, an impostor with access to a user’s registration email and other credentials can trigger an account recovery session to take over the user’s account. To prevent such attacks, beyond validating the email and other credentials entered by the user, our proposed recovery method utilizes keystroke dynamics to further secure the account recovery mechanism. Keystroke dynamics is a type of behavioral biometrics that uses the analysis of typing rhythm for user authentication. Using a new dataset with over 500,000 keystrokes collected from 44 students and university staff when they fill out an account reco very web form of multiple fields, we have evaluated the performance of five scoring algorithms on individual fields as well as feature-level fusion and weighted-score fusion. We achieve the best EER of 5.47% when keystroke dynamics from individual fields are used, 0% for a feature-level fusion of five fields, and 0% for a weighted-score fusion of seven fields. Our work represents a new kind of keystroke dynamics that we would like to call it ‘medium fixed-text’ as it sits between the conventional (short) fixed text and (long) free text research. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 54.225.24.249

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Wahab, A.; Hou, D.; Schuckers, S. and Barbir, A. (2021). Utilizing Keystroke Dynamics as Additional Security Measure to Protect Account Recovery Mechanism. In Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-491-6; ISSN 2184-4356, SciTePress, pages 33-42. DOI: 10.5220/0010191200330042

@conference{icissp21,
author={Ahmed Anu Wahab. and Daqing Hou. and Stephanie Schuckers. and Abbie Barbir.},
title={Utilizing Keystroke Dynamics as Additional Security Measure to Protect Account Recovery Mechanism},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP},
year={2021},
pages={33-42},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010191200330042},
isbn={978-989-758-491-6},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP
TI - Utilizing Keystroke Dynamics as Additional Security Measure to Protect Account Recovery Mechanism
SN - 978-989-758-491-6
IS - 2184-4356
AU - Wahab, A.
AU - Hou, D.
AU - Schuckers, S.
AU - Barbir, A.
PY - 2021
SP - 33
EP - 42
DO - 10.5220/0010191200330042
PB - SciTePress