Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Keystroke Dynamics: Concepts, Techniques, and Applications

Rashik Shadman, Ahmed Anu Wahab, Michael Manno, Matthew Lukaszewski, Daqing Hou, Faraz Hussain

TL;DR

This survey addresses keystroke dynamics as a behavioral biometric for authentication, verification, and identification, highlighting its cost-effectiveness and ease of deployment without additional hardware. It synthesizes recent progress across three methodological families—statistical, machine learning, and deep learning—alongside expansive keystroke datasets (e.g., CMU, GreyC, Aalto, AR) and mobile/touchscreen benchmarks. Key contributions include benchmarking state-of-the-art algorithms such as TypeNet, TypeFormer, and DoubleStrokeNet, and detailing feature engineering strategies, performance metrics, and cross-device considerations. The paper also maps broad applications beyond authentication (education, emotion, demographics, disease, fatigue) and outlines open challenges and future directions, emphasizing benchmarks, adaptive systems, data privacy, and multi-modal fusion for robust, real-world deployment.

Abstract

Reliably identifying and verifying subjects remains integral to computer system security. Various novel authentication techniques, such as biometric authentication systems, have been developed in recent years. This paper provides a detailed review of keystroke-based authentication systems and their applications. Keystroke dynamics is a behavioral biometric that is emerging as an important tool for cybersecurity as it promises to be non-intrusive and cost-effective. In addition, no additional hardware is required, making it convenient to deploy. This survey covers novel keystroke datasets, state-of-the-art keystroke authentication algorithms, keystroke authentication on touch screen and mobile devices, and various prominent applications of such techniques beyond authentication. The paper covers all the significant aspects of keystroke dynamics and can be considered a reference for future researchers in this domain. The paper includes a discussion of the latest keystroke datasets, providing researchers with an up-to-date resource for analysis and experimentation. In addition, this survey covers the state-of-the-art algorithms adopted within this domain, offering insights into the cutting-edge techniques utilized for keystroke analysis. Moreover, this paper explains the diverse applications of keystroke dynamics, particularly focusing on security, verification, and identification uses. Furthermore, this paper presents a summary of future research opportunities, highlighting potential areas for exploration and development within the realm of keystroke dynamics. This forward-looking perspective aims to inspire further inquiry and innovation, guiding the trajectory of future studies in this dynamic field.

Keystroke Dynamics: Concepts, Techniques, and Applications

TL;DR

This survey addresses keystroke dynamics as a behavioral biometric for authentication, verification, and identification, highlighting its cost-effectiveness and ease of deployment without additional hardware. It synthesizes recent progress across three methodological families—statistical, machine learning, and deep learning—alongside expansive keystroke datasets (e.g., CMU, GreyC, Aalto, AR) and mobile/touchscreen benchmarks. Key contributions include benchmarking state-of-the-art algorithms such as TypeNet, TypeFormer, and DoubleStrokeNet, and detailing feature engineering strategies, performance metrics, and cross-device considerations. The paper also maps broad applications beyond authentication (education, emotion, demographics, disease, fatigue) and outlines open challenges and future directions, emphasizing benchmarks, adaptive systems, data privacy, and multi-modal fusion for robust, real-world deployment.

Abstract

Reliably identifying and verifying subjects remains integral to computer system security. Various novel authentication techniques, such as biometric authentication systems, have been developed in recent years. This paper provides a detailed review of keystroke-based authentication systems and their applications. Keystroke dynamics is a behavioral biometric that is emerging as an important tool for cybersecurity as it promises to be non-intrusive and cost-effective. In addition, no additional hardware is required, making it convenient to deploy. This survey covers novel keystroke datasets, state-of-the-art keystroke authentication algorithms, keystroke authentication on touch screen and mobile devices, and various prominent applications of such techniques beyond authentication. The paper covers all the significant aspects of keystroke dynamics and can be considered a reference for future researchers in this domain. The paper includes a discussion of the latest keystroke datasets, providing researchers with an up-to-date resource for analysis and experimentation. In addition, this survey covers the state-of-the-art algorithms adopted within this domain, offering insights into the cutting-edge techniques utilized for keystroke analysis. Moreover, this paper explains the diverse applications of keystroke dynamics, particularly focusing on security, verification, and identification uses. Furthermore, this paper presents a summary of future research opportunities, highlighting potential areas for exploration and development within the realm of keystroke dynamics. This forward-looking perspective aims to inspire further inquiry and innovation, guiding the trajectory of future studies in this dynamic field.
Paper Structure (73 sections, 7 equations, 5 figures, 4 tables)

This paper contains 73 sections, 7 equations, 5 figures, 4 tables.

Table of Contents

  1. INTRODUCTION
  2. Justification for a New Survey
  3. Methodology
  4. Keystroke Biometrics
  5. Security and Authentication
  6. Person Identification and Forensic Investigation
  7. User Authentication for Online Assessments and Examinations
  8. Keystroke Dynamics Performance Metrics
  9. False Accept Rate and False Reject Rate
  10. Equal Error Rate
  11. ROC and AUC
  12. ANIA and ANGA
  13. Authentication Time
  14. Rank-N
  15. Keystroke Datasets
  16. ...and 58 more sections

Figures (5)

  • Figure 1: Timing Features of Keystrokes. Latency and hold time: these timing features are used to create a template of a user and at the time of testing these features are compared to verify the user. Between two consecutive keystrokes, there can be 6 timing features: hold time of two keys, time between key press of first key and key press of second key = KP2 - KP1, time between key press of first key and key release of second key = KR2 - KP1, time between key release of first key and key press of second key = KP2 - KR1, time between key release of first key and key release of second key = KR2 - KR1.
  • Figure 2: An overview of the structure of this survey.
  • Figure 3: (a) Equal Error Rate (EER) as the instance of False Accept Rate (FAR) and False Reject Rate (FRR) intersecting, and the effect of loose and strict threshold (when the threshold is loose, the FAR is high and FRR is low; when the threshold is strict, the FAR is low and FRR is high). The EER balances between loose and strict thresholds. (b) The Receiver Operating Characteristic (ROC) curve and the Area Under the Curve (AUC) show the performance of different classifiers. A classifier touching the point (0.0, 1.0) is desired and considered a perfect classifier. This is difficult in practical systems; a classifier closer to the coordinate (0.0, 1.0) is preferred. The ROC curve below the diagonal line is considered worse, while the ROC curve above the diagonal line is considered better.
  • Figure 4: Instance-based scoring procedure for sample text 'mississippi'. The graphs in the test sample are compared with those of the profile sample and similarity scores are calculated. The average of the scores is returned as the final score.
  • Figure 5: Graphical representation of how the ITAD metric is computed from the PDF and CDF. In (a), the sample is below the median and the ITAD metric is determined by the left tail area of the PDF. If the left tail area is x, then the x point of the CDF (on the left) indicates the ITAD metric score. In (b), the sample is above the median and the ITAD metric is determined by the right tail area of the PDF. If the right tail area is y, then the (1-y) point of the CDF (on the right) indicates the ITAD metric score.