• DocumentCode
    2575691
  • Title

    Keystroke Dynamics for Continuous Access Control Enforcement

  • Author

    Ferreira, João ; Santos, Henrique

  • Author_Institution
    Aeronaut., Space & Defense Unit, Critical Software S.A., Coimbra, Portugal
  • fYear
    2012
  • fDate
    10-12 Oct. 2012
  • Firstpage
    216
  • Lastpage
    223
  • Abstract
    The weak connection between human users and their digital identities is often the target vulnerability explored by attacks to information systems. Currently, authentication mechanisms are the only barrier to prevent those attacks. Traditional password-based authentication is efficient (especially from the user point of view), but not effective -- the lack of continuous verification is a severe access control vulnerability. To overcome this issue, continuous identity monitoring is needed, operating in similar fashion to that of Intrusion Detection Systems (IDSs). However, traditional host-based IDSs are system-centric -- they monitor system events but fail on flagging malicious activity from intruders with access to the legitimate user's credentials. Therefore, extending the IDS concept to the user authentication level appears as a promising security control. The need to distinguish human users (user-centric anomaly-based detection) leads to the use of biometric features. In this paper we present a secure, reliable, inexpensive and non-intrusive technique for complementing traditional static authentication mechanisms with continuous identity verification, based on keystroke dynamics biometrics.
  • Keywords
    authorisation; message authentication; access control vulnerability; continuous access control enforcement; continuous identity monitoring; digital identities; host-based IDS concept; human users; information systems; keystroke dynamics biometrics; legitimate user credentials; malicious activity; non-intrusive technique; password-based authentication; security control; static authentication mechanisms; user-centric anomaly-based detection; Access control; Authentication; Databases; Humans; Intrusion detection; Keyboards; access control; authentication; biometrics; identity theft; intrusion detection; keystroke dynamics; security;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2012 International Conference on
  • Conference_Location
    Sanya
  • Print_ISBN
    978-1-4673-2624-7
  • Type

    conf

  • DOI
    10.1109/CyberC.2012.43
  • Filename
    6384970