A Novel Keystroke Dataset for Preventing Advanced Persistent Threats

Xiaofei Wang; Rashik Shadman; Daqing Hou; Faraz Hussain; Stephanie Schuckers

doi:10.5220/0012558000003654

A Novel Keystroke Dataset for Preventing Advanced Persistent Threats

Xiaofei Wang, Rashik Shadman, Daqing Hou, Faraz Hussain, Stephanie Schuckers

2024

Abstract

Computer system security is indispensable in today’s world due to the large amount of sensitive data stored in such systems. Moreover, user authentication is integral to ensuring computer system security. In this paper, we investigate the potential of a novel keystroke dynamics-based authentication approach for preventing Advanced Persistent Threats (APT) and detecting APT actors. APT is an extended and planned cyber-attack in which the intruder logs into a system many times over a long period of time to gain administrative access and to steal sensitive data or disrupt the system. Since keystroke dynamics can be made to work whenever an APT actor is typing on the keyboard, we hypothesize that it naturally be a good match for APT detection. Furthermore, keystroke dynamics promises to be non-intrusive and cost-effective as no additional hardware is required other than the keyboard. In this work, we created a novel dataset consisting of keystroke timings of Unix/Linux IT system administration commands. We evaluated the authentication performance of our novel dataset on three algorithms, i.e., the Scaled Manhattan distance, and the so-called new distance metric (Zhong et al., 2012) with/without fusion. We compared our result with that of the state-of-the-art CMU dataset. The best 95% confidence interval of EER for our Linux Command dataset was (0.038, 0.044) which was very close to that of the CMU dataset (0.027, 0.031) despite the small size of our dataset.

Download

Paper Citation

in Harvard Style

Wang X., Shadman R., Hou D., Hussain F. and Schuckers S. (2024). A Novel Keystroke Dataset for Preventing Advanced Persistent Threats. In Proceedings of the 13th International Conference on Pattern Recognition Applications and Methods - Volume 1: ICPRAM; ISBN 978-989-758-684-2, SciTePress, pages 894-901. DOI: 10.5220/0012558000003654

in Bibtex Style

@conference{icpram24,
author={Xiaofei Wang and Rashik Shadman and Daqing Hou and Faraz Hussain and Stephanie Schuckers},
title={A Novel Keystroke Dataset for Preventing Advanced Persistent Threats},
booktitle={Proceedings of the 13th International Conference on Pattern Recognition Applications and Methods - Volume 1: ICPRAM},
year={2024},
pages={894-901},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012558000003654},
isbn={978-989-758-684-2},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 13th International Conference on Pattern Recognition Applications and Methods - Volume 1: ICPRAM
TI - A Novel Keystroke Dataset for Preventing Advanced Persistent Threats
SN - 978-989-758-684-2
AU - Wang X.
AU - Shadman R.
AU - Hou D.
AU - Hussain F.
AU - Schuckers S.
PY - 2024
SP - 894
EP - 901
DO - 10.5220/0012558000003654
PB - SciTePress