Starting off with mobile emulator [68], Symbian selleck chemicals llc operating system [55], and most recently Android platform [30]. The association of development platform with keystroke dynamics research works in the literature can be summarized as OS (44%), web (17%), mobile (5%), and unknown (34%).3.4. Authentication Protocol3.4.1. Verification versus Identification Keystroke dynamics authentication can be categorized as verification and identification. Verification refers to the process of proofing a validity of claimed identity. In other words, ��is this person really who he or she declares to be.�� This is a one-to-one comparison procedure that required minimal overhead and is the most common scenario in our society’s security access control environment.

On the contrary, identification denotes ��is this person in our database, if yes, to whom this presented identity belongs to.�� Identification is generally more time consuming, slower in responsiveness, and require higher processing capacity. Nevertheless, identification mode has its own unique usage such as forensic investigation and intrusion detection.Majority of keystroke dynamics research works have been investigated in the form of verification mode (89%) compared to identification (5%). Note that the remaining unknown (6%) authentication mode can be assumed to be verification, due to the fact that most researchers will mention in specific if their experiments involved identification mode.3.4.2. Static versus Dynamic Keystroke dynamics coexist within two different modes of authentication.

Static authentication mode attempts to verify user at the initial instance of user interaction with the system. These include the attempt of using keystroke dynamics biometrics to supplement password for security login [66, 69], physical access control [27], automated teller machine [70], and password sharing prevention [71]. Dynamic authentication mode deals with a different demand in computer security. The goal is to ensure that the authorized identity is still whom they claimed to be after initial login procedure. It is also referred to as continuous [1, 72] or reauthentication [73, 74] in the literature. The main advantage over static authentication is the ability to continuously ensure the validity of a legal user throughout the interaction period. It is also usually capable of working in silent mode, which will not cause any or minimal inconvenience to the user.

Possible application may include online examination [15, 75] and account activity monitoring [76]. Dynamic authentication was also recommended by [59] to be used for password recovery and intrusion detection purposes. Although dynamic authentication has gained momentum Drug_discovery in recent years, the number of researches is still evidently small (10%) compared to static authentication (83%). Among the probable reasons may be the complexity of experiment setup and less application as compared to static authentication.4.