A Study And Analysis of Keystroke Dynamics And Its Enhancement For Proficient User Authentication. Dwijen Rudrapal, Smita Das Dept. of Computer Sc. & Engineering National Institute of Technology, Agartala Jirania, Tripura (W). India dwijen_m@rediffmail.com Ashim Saha, Lalita Kumari, N.Debbarma Dept. of Computer Sc. & Engineering National Institute of Technology, Agartala Jirania, Tripura (W). India smitadas.nita@gmail.com Abstract—in this paper we proposed one new measure of keystroke patterns over and above of the existing features for making user authentication through keystroke more efficient. With comparison to other access control systems based on biometric features, keystroke analysis has not yet meets acceptable level of accuracy. The reason is probably the intrinsic variability of typing dynamics, versus other very stable biometric characteristics, such as face or fingerprint. Our experiment and statistical analysis described in the current literature and show through experimental data that, the proposed unique measure of keystrokes can be combined with existing authentication mechanism to improve the authentication and security of delicate applications to a very high extent. It can be useful to ascertain the intruders and reject them from the system, provided that we are able to deal with the typing rhythm of the intruders. Our methodology can rely on what is typed by people because of their normal job. We also argue that our proposed new measure of keystroke with combination of other keystroke patterns can be used as a complementary way of user authentication and as an aid to intrusion detection to improve security. Keyword: keystroke analysis; degree of disorder; biometrics authentication; digraph; trigraph; I. INTRODUCTION The omnipresent computer systems in our civilization now a day have become the strong resource of an exponentially increasing collection of information. A significant portion of this information is often worthy, sensitive and should only be accessed by authorized individuals. To provide sufficient confidentiality and integrity in data and information, different identification techniques are used to authenticate users; typically, and historically, through username and password schemes. One user is given one username and one password. Traditionally the username has been used as the user identification credential [1]. Privileges in the system (such as access to files and services) are defined for each username (or user group). The username usually remains open to everyone. To authenticate a user the password is kept secret. The trust relationship between a user and a system is based on the selecting the appropriate username, assuming that the password is secret. Keystroke dynamics [2] has often been suggested as a method to harden traditional authentication system. Keystroke dynamics does not need extra hardware and features can be extracted in back side of the application. So, this has been shown to be a feasible biometric system. Through this paper we reviewed previous work done on keystroke dynamics, examine the existence of global typing patterns and identify one more feature analysis method that would make keystroke authentication system stronger. II. CURRENT AUTHENTICATION SCENARIO Current authentication solutions have been conventionally categorized into the three factors of something the user has (usb token, mobile phone), something the user knows (password, social security number), and something the user is (biometrics). The most widely implemented of these three has been password authentication systems. Password systems benefit from low implementation costs and effectiveness in terms of accuracy (a password is either correct or wrong). However, there are a number of effective methods available for attacking passwords and thus passwords are plagued by several inadequacies. None of the three factors are unblemished and this has led to the adoption of two-factor authentication (multi factor authentication) systems where security is a top priority. Some of the country like USA has already recognized the weakness of single- factor authentication and recommends that banks should adopt some form of multi-factor authentication. Of the three factors, biometrics offers the most promise in authentication, yet has been slow in its adoption. That is only because of costs associated and the lack of standardization. III. MOTIVATION Passwords are plagued by several inadequacies. Authentication based on conventional password policies flash several issues like on security and user convenience. Attacker or hacker can guess password and gain unauthorized access and claim as a true user. Besides these an attacker can use multiple techniques to gain multiple passwords like • Encrypting a password is a feature used to prevent network password sniffing, where malicious users take use of tools to look at packet content in hope of finding passwords in clear text sent between host and authenticator. • Even encrypted passwords are exploited by attackers using password cracking techniques, such as 482 978-1-4673-1850-1/12/$31.00 © 2012 IEEE 2012 4th International Conference on Electronics Computer Technology (ICECT 2012)