Continuous Authentication Using Creative Writing

Traditional keyboards remain the input device of choice for typing-heavy environments. When attached to sensitive data, security is a major concern. To continuously authenticate users in these environments, use of keystroke dynamics can be a preferred choice. An integral part of user enrollment in a keystroke based continuous authentication system is the writing instruction (prompt) given to the users, to use as a basis for their improvised writing. There are many prompts possible, and they directly impact the performance of authentication systems. Hence, prompts should be designed carefully, and with purpose. In this paper, we bridge the gap between cognitive psychology and computer science and attempt to influence the mental state of the users to acquire a better authentication performance. We compare two kinds of writing prompts, creative and factual, for generating reference samples. In addition, we perform two robustness tests: robustness to dissimilar writing style (e.g., creative reference and factual test) and robustness to surface (e.g., hard surface reference and soft surface test). We collect data from thirty participants in four weekly sessions. We experiment with three features: key interval, key press, and key hold latencies. We use Relative (R) measure to generate the match score between the reference and test samples. Results show that creative writing consistently performs better than the factual one. Both writing prompts perform well with dissimilar style in testing, i.e., continuous authentication is found robust to writing style. Also, we find that the surface (hard or soft) used in testing need not match that used for the reference, thus continuous authentication is also surface robust.