Skip to Main Content
The keystroke patterns produced during typing have been shown to be unique biometric signatures. Therefore, these patterns can be used as digital signatures to verify the identity of computer users remotely over the Internet or locally at a specific workstation. In particular, keystroke recognition can enhance the username and password security model by monitoring the way that these strings are typed. To this end, this paper proposes a novel up--up keystroke latency (UUKL) feature and compares its performance with existing features using a Gaussian mixture model (GMM)-based verification system that utilizes an adaptive and user-specific threshold based on the leave-one-out method (LOOM). The results show that the UUKL feature significantly outperforms the commonly used key hold-down time (KD) and down--down keystroke latency (DDKL) features. Overall, the inclusion of the UUKL feature led to an equal error rate (EER) of 4.4% based on a database of 41 users, which is a 2.1% improvement as compared to the existing features. Comprehensive results are also presented for a two-stage authentication system that has shown significant benefits. Lastly, due to many inconsistencies in previous works, a formal keystroke protocol is recommended that consolidates a number of parameters concerning how to improve performance, reliability, and accuracy of keystroke-recognition systems.