論文使用權限 Thesis access permission:校內一年後公開,校外永不公開 campus withheld
開放時間 Available:
校內 Campus: 已公開 available
校外 Off-campus:永不公開 not available
博碩士論文 etd-0128108-135223 詳細資訊
Title page for etd-0128108-135223
論文名稱 Title |
敲鍵行為之個人身份認證設計與實作 Design and Implementation of User Authentication Based on Keystroke Dynamic |
||
系所名稱 Department |
|||
畢業學年期 Year, semester |
語文別 Language |
||
學位類別 Degree |
頁數 Number of pages |
84 |
|
研究生 Author |
|||
指導教授 Advisor |
|||
召集委員 Convenor |
|||
口試委員 Advisory Committee |
|||
口試日期 Date of Exam |
2008-01-08 |
繳交日期 Date of Submission |
2008-01-28 |
關鍵字 Keywords |
身份認證、生物特徵、敲鍵行為 User Authentication, Biometrics Feature, Keystroke Dynamic |
||
統計 Statistics |
本論文已被瀏覽 5689 次,被下載 11 次 The thesis/dissertation has been browsed 5689 times, has been downloaded 11 times. |
中文摘要 |
傳統登入系統中,系統利用帳號(Username)與密碼(Password)認證是否為合法使用者,此認證方式固然簡單方便,但密碼可能被不法人士所竊取或複製,相對較不安全。若能增加一層保護機制來認證使用者身份,其可使用生物特徵(Biometric)方式,如同敲鍵、指紋、DNA、視網膜等人類與生俱有之特徵,可有效防止侵入者登入系統。本論文提出使用敲鍵特徵(Keystroke)認證方式做為研究方向。使用敲鍵認證時,只需要電腦最基本配備鍵盤,運用敲鍵時間做為判斷依據,具有成本低且安全性高之優點,適合判斷公文是否正確簽核之補助參考指標。本論文使用統計方式進行研究與實作,選擇帳號密碼長度大於等於9,學習樣本數為20次且配合樣本更新機制,可達到錯誤接受率(FAR)為0.85%、錯誤拒絕率(FRR)為1.51%以及平均錯誤率(AFR)為1.18%之高安全性指標之結果。 |
Abstract |
In the traditional login systems, we use the username and the password to identify the legalities of users. It is a simple and convenient way to identify, but passwords could be stolen or copied by someone who tries to invade the system illegally. Adding one protective mechanism to identify users, the way of biometrics are brought out, such as keystroke dynamics, fingerprints, DNA, retinas and so on that are unique characteristics of each individuals, it could be more effective in preventing trespassing. This thesis uses keystroke biometrics as research aspects of user authentication. The advantages of this system are low-cost and high security to identify users using keyboard to calculate the time of keystrokes. In this thesis, we use statistical way to examine the researches and experiments. Chosen length of the username and password are greater than or equal to 9 characters, and learning sample sizes are 20 and adapting the sample adaptation mechanism, the results show that we achieved by False Acceptance Rate of 0.85%, False Rejection Rate of 1.51% and Average False Rate of 1.18%; all reach the high levels of safeties. |
目次 Table of Contents |
目錄 1 緒論 1 1.1 研究背景 1 1.2 研究動機 2 1.3 論文架構 4 2 相關研究 5 2.1 生物認證技術 5 2.2 敲鍵特徵 8 2.3 學習方法 10 2.4 效能評估方法 11 2.5 驗證方法研究 12 2.6 BioPassword 15 3 認證方法與說明 17 3.1 認證原理與參數設定 17 3.2 計算最佳學習樣本數 19 3.3 不使用平均值與標準差 25 3.4 驗證方法與流程 29 3.5 更新學習樣本資料 35 3.6 多次登入機會 39 3.7 認證方法之優點 40 3.8 字串的選擇方式 43 4 實驗結果 46 4.1 系統架構與流程 46 4.2 程式實作介面 48 4.3 結果分析與說明 50 4.3.1 依年齡、姓別與資訊背景分析 52 4.3.2 依字串長度分析 54 4.3.3 依特殊字串分析 55 4.4 文獻比較 58 4.5 問卷調查 58 5 結論與未來展望 60 參考文獻 62 附錄 65 A 測試人員資料 65 B 其它統計資料 67 |
參考文獻 References |
[1] 賀力行、林淑萍、蔡明春. Statistics Concepts, Methods and Application. 前程企業, 2003. [2] L. C. F. Araujo, L. H. R. Sucupira Jr., M. G. Lizarraga, L. L. Ling, and J. B. T. Uabu-Tti. User authentication through typing biometrics features. IEEE Transactions on Signal Processing, 53(2):851–855, Feb 2005. [3] Nick Bartlow and Bojan Cukic. Evaluating the reliability of credential hardening through keystroke dynamics. 17th International Symposium on Software Reliability Engineering (ISSRE 2006), 7-10 November 2006, Raleigh, North Carolina, USA, pages 117–126, 2006. [4] F. Bergadano, D. Gunetti, and C. Picardi. User authentication through keystroke dynamics. ACM Transactions on Information and System Security (ACM TISSEC), 5(4):367–397, 2002. [5] BioPassword. Authentication solutions through keystroke dynamics. available at http://www.biopassword.com, Sep 2006. [6] S. Bleha, C. Slivinsky, and B. Hussien. Computer-access security systems using keystroke dynamics. IEEE Transactions on Pattern Analysis and Machine Intelligence, 12(12), Dec 1990. [7] Sergio Tenreiro de Magalhaes, Kenneth Revett, and Henrique M. D. Santos. Password secured sites-stepping forward with keystroke dynamics. Proceedings of the International Conference on Next Italian Services Practices, pages 293–298, Aug 2005. [8] W. G. de Ru and J. H. P. Eloff. Enhanced password authentication through fuzzy logic. IEEE Expert, 17(6):38–45, Nov 1997. [9] Stephen J. Elliott, Jerry L. Peters, and Teresa J. Rishel. An introduction to biometrics technology. available at http://scholar.lib.vt.edu/ejournals/JITE/v41n4/elliott.html, 41(4), 2004. [10] The Tolly Group. Biopassword. available at http://www.tolly.com/ts/2007/BioPassword/EnterpriseEdition/TollyTS207233BioPasswordAccuracy2007.pdf, 2007. [11] D. Gunetti and C. Picardi. Keystroke analysis of free text. ACM Transactions on Information and System Security (ACM TISSEC), 8(3):312–347, Aug 2005. [12] D. Gunetti, C. Picardi, and G. Ruffo. Dealing with different languages and old profiles in keystroke analysis of free text. Ninth Conference of the Italian Association for Artificial Intelligence, Milan, Italy, pages 21–23, Sep 2005. [13] Wong F. W. M. H., Supian A. S. M., and Ismail A. F. Enhanced user authentication through typing biometrics with artificial neural networks and k-nearest neighbor algorithm. Conference Record of the Thirty-Fifth Asilomar Conference on Signals, Systems and Computers, 2:911–915, 2001. [14] S. Hocquet, J. Ramel, and H. Cardot. Fusion of methods for keystroke dynamic authentication. Fourth IEEE Workshop on Automatic Identification Advanced Technologies, pages 224–229, Oct 2005. [15] D. Hosseinzadeh, S. Krishnan, and A. Khademi. Keystroke identification based on gaussian mixture models. IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), May 2006. [16] Jarmo Ilonen. Keystroke dynamics. available at http://www.it.lut.fi/kurssit/03-04/010970000/seminars/Ilonen.pdf. [17] Salvador Mandujano and Rogelio Soto. Deterring password sharing: User authentication via fuzzy c-means clustering applied to keystroke biometric data. Proceedings of the ENC International Conference on Computer Science (ENC ’04), pages 181–187, Sep 2004. [18] S. K. Modi and S. J. Elliott. Keystroke dynamics verification using a spontaneously generated password. Proceedings of the 40th Annual International Carnahan Conference on Security Technology (ICCST), pages 116–121, 2006. [19] Douglas C Montgomery and George C Runger. Applied Statistics and Probability for Engineers (3rd ed.). WILEY, 2002. [20] M. Obaidat and S. Sadoun. Verification of computer users using keystroke dynamics. IEEE Transactions on Systems, Man and Cybernetics, part B: Cybernetics, 27(2):261–269, 1997. [21] A. Peacock, X. Ke, and M. Wilkerson. Typing patterns: A key to user identification. IEEE Security & Privacy, 2(5):40–47, Sep 2004. [22] J. A. Robinson, V. W. Liang, J. A. M. Chambers, and Christine L. MacKenzie. Computer user verification using login string keystroke dynamics. IEEE Transactions on Systems, Man, and Cybernetics, 28(2):236–241, 1998. [23] Bernard Rosner. Fundamentals of Biostatistics (5th ed.). Boston: Duxbury, 2000. [24] A. Abbas S. Haidar and A. K. Zaidi. A multi-technique approach for user identification through keystroke dynamics. IEEE International Conference on Systems, Man, and Cybernetics, 2:1336–1341, 2000. [25] Yong Sheng, V. V. Phoha, and S. M. Rovnyak. A parallel decision treebased method for user authentication based on keystroke patterns. IEEE Transactions on Systems, Man, and Cybernetics, Part B, 35(4):826–833, 2005. [26] D. Song, P. Venable, and A. Perrig. User recognition by keystroke latency pattern analysis. Apr 1997. [27] Chen W. and Chang W. Applying hidden markov models to keystroke pattern analysis for password verification. Proceedings of IEEE International Conference on Information Reuse and Integration, pages 467–474, 2004. [28] Weaver and Alfred C. Biometric authentication. Computer, 39(2):96–97, Feb 2006. |
電子全文 Fulltext |
本電子全文僅授權使用者為學術研究之目的,進行個人非營利性質之檢索、閱讀、列印。請遵守中華民國著作權法之相關規定,切勿任意重製、散佈、改作、轉貼、播送,以免觸法。 您的 IP(校外) 位址是 3.133.159.224 論文開放下載的時間是 校外不公開 Your IP address is 3.133.159.224 This thesis will be available to you on Indicate off-campus access is not available. |
紙本論文 Printed copies |
紙本論文的公開資訊在102學年度以後相對較為完整。如果需要查詢101學年度以前的紙本論文公開資訊,請聯繫圖資處紙本論文服務櫃台。如有不便之處敬請見諒。 開放時間 available 已公開 available |
QR Code |
國立中山大學 圖書與資訊處 │ 諮詢服務:2452 論文審查小組 │ 服務信箱 │ 系統開發維運:圖資處知識創新組
Office of Library and Information Services, National Sun Yat-sen University │ Contact Us : 2452 Thesis Format Review Team , Mail │ Development and operations : Knowledge Innovation Division, LIS