Applying hidden Markov models to keystroke pattern analysis for password verification

Due to increasing incidents of security breaches in the cyber space, a rigorous user authentication process has become crucial. A very feasible biometric approach to verify the authenticity of a user is to examine his/her typing patterns. There is a significant difference in the keystroke patterns exhibited from person to person, even when asked to type the same words. Typing patterns can be shown in the intervals between keys, holding time, overlap keys, etc. Individuals typing pattern develops naturally and uniquely just as each person write differently. We propose an analytical process based on a hidden Markov model (HMM) to learn the special patterns from individuals, and then to identify them. During training, the timing information of each keystroke is recorded at its holding and releasing events, and the pattern is then extracted from the relationship of the events within a word. The experiment to be conducted is to authenticate users when entering words. The idea is to implement a process to examine the typing pattern as a user enters his/her password, in order to augment the conventional password system. We find the discrete first-order HMM to be very suitable for our purpose. Due to the nondeterministic nature of the keystroke events, modeling with a stochastic process such as the HMM which has probabilistic state transitions can not only recognize the patterns in the keys already typed, but also predict the following sequence. The issue is similar to the recognition of hand-written characters or spoken words. The experimental results are nearly perfect among twenty test subjects all randomly chosen in a controlled environment of a standard computer laboratory.