Journal of Engineering and Technology Research Vol.1 (5), pp.072-080, August, 2009 Available online at http:// www.academicjournals.org/JETR © 2009 Academic Journals Full Length Research Feature subset selection in keystroke dynamics using ant colony optimization Marcus Karnan 1 *, M. Akila 2 and A. Kalamani 1 1 Tamilnadu College of Engineering, Coimbatore, India. 2 Vivekanandha College of Engineering for Women, Tiruchengode, India.   e,  The need to secure sensitive data and computer systems from intruders, while allowing ease of access for authenticated users is one of the main problems in computer security. Traditionally, passwords have been the usual method for controlling access to computer systems but this approach has many inherent flaws. Keystroke Dynamics is a relatively new method of biometric identification and provides a comparatively inexpensive and low profile method of hardening the normal login and password process. This paper presents the feature subset selection in Keystroke Dynamics for identity verification, and it reports the results of experimenting Ant Colony Optimization technique on keystroke duration, latency and digraph for feature subset selection. Here, the Ant Colony Optimization is used to reduce the redundant feature values and minimize the search space. Optimum feature subset is obtained using keystroke duration values when compared with the other two feature values. Key words: Feature extraction, feature subset selection, mean and standard deviation, ant colony optimization algorithm, keystroke dynamics. INTRODUCTION Access to computer systems is usually controlled by user accounts with usernames and passwords. Such scheme has little security (Hu et al., 2008; Pavaday and Soyjaudah, 2007) if the information falls to wrong hands. Key cards or biometric systems, (Adrian et al., 2006; Gláucya et al., 2007; Anil et al., 2003; Duane et al., 2007), for example fingerprints (Lin and Anil, 1998) is being used nowadays to improve the security. Biometric methods measure biological and physiological characte- ristics to uniquely identify individuals. The main drawback of most biometric methods is that they are expensive to implement, because most of them require specialized hardware to strengthen security. On the other hand keystroke dynamics (Fabian and Aviel, 2000; Jarmo, 2003) consist of many advantages like (i) It can be used without an additional hardware (ii) Hardening the existing security and (iii) Remote access. Keystroke analysis (Christopher et al. (2008) is of two kinds; Static and Dynamic. Static keystroke analysis essentially means that the analysis is performed on typing samples produced using the same predetermined *Corresponding author. E-mail: karnanme@yahoo.com. text for all the individuals under observation. Dynamic keystroke analysis implies a continuous or periodic moni- toring of issued keystrokes and is intended to be per- formed during a log-in session, after the authentication phase has passed. One area where the use of a static approach to key- stroke dynamics may be particularly interesting is in re- stricting source level access to the master server hosting a Kerberos (Gabriel et al., 2007) key database. Any user accessing the server is prompted to type a few words or a pass phrase in conjunction with his/her username and password. Access is granted if his/her typing pattern matches within a reasonable threshold of the claimed identity. This safeguard is effective as there is usually no remote access allowed to the server, and the only entry point is via console login. Alternatively, dynamic or conti- nuous monitoring of the interaction of users while accessing highly restricted documents or executing tasks in environments where the user must be alert at all times (for example air traffic control), is a ideal scenario for the application of a keystroke authentication system. Key- stroke dynamics may be used to detect uncharacteristic typing rhythm (brought on by drowsiness, fatigue etc.) in the user and notify third parties. Keystroke dynamics include several different measurements (Pin et al., 2007;