
Ijieeb V4 N2 5

The document proposes an enhanced password-based security system using neural networks based on user typing behavior. It analyzes typing patterns to identify users and aims to improve security over traditional password systems. Key aspects include recording password entry behaviors, training a neural network, and classifying users as genuine or intruders based on their typing patterns.

Uploaded by

71 Tripti Singh

I.J. Information Engineering and Electronic Business, 2012, 2, 29-35


Published Online April 2012 in MECS (http://www.mecs-press.org/)
DOI: 10.5815/ijieeb.2012.02.05

Enhanced Password Based Security System Based on User Behavior using Neural Networks

Preet Inder Singh
Department of CSE/IT, Lovely Professional University (Punjab), Phagwara
Email: preetindermail@gmail.com

Gour Sundar Mitra Thakur
Department of CSE/IT, Lovely Professional University (Punjab), Phagwara
Email: cse.gsmt@gmail.com

Abstract — Many security systems are available to protect your computer/resources. Among them, password based systems are the most commonly used due to their simplicity, applicability and cost effectiveness. But these types of systems have higher sensitivity to cyber-attack. Most of the advanced methods for authentication based on password security encrypt the contents of the password before storing or transmitting it in the physical domain. But all conventional encryption methods have their own limitations, generally either in terms of complexity or in terms of efficiency.

In this paper an enhanced password based security system is proposed based on user typing behavior, which attempts to identify the authenticity of any user failing to log in within the first few attempts by analyzing the basic user behaviors/activities, training on them through a neural network and classifying the user as genuine or intruder.

Index Terms — Artificial neural networks, Keystroke Dynamics, intrusion detection, Security & User Authentication.

Copyright © 2012 MECS I.J. Information Engineering and Electronic Business, 2012, 2, 29-35

1. Introduction

It is often seen that, to gain some personal benefit or attention or to harm someone, some people always try to break cyber security. The first step in preventing unauthorized access is to assure user authentication. User authentication is the process of verifying claimed identity. The authentication is accomplished by matching some short-form indicator of identity, such as a shared secret that has been pre-arranged during enrollment or registration for authorized users [1]. This is done for the purpose of performing trusted communications between parties for computing applications.

The well-known ID/password (static authentication) is by far the most used authentication method. It is widely used despite its obvious lack of security. This is due to the ease of implementation of this solution, and to the instantaneous recognition of that system by the users, which facilitates its deployment and acceptance. Increasing the password strength is a solution to avoid dictionary attacks or to make brute force attacks infeasible [2]. It is generally accepted that the length of the password determines the security it provides; however, this is not exactly true: the strength of the password is rather related to its entropy. For example, a user that chooses a password of 7 characters is said to provide between 16 and 28 bits of entropy.

The conventional security system is shown in figure 1 given below.

Figure 1: Conventional Security System

Due to the deficiencies in traditional password-based access methods/security systems, a new security system that provides a higher level of security has come into existence: keystroke biometrics, which seeks to identify individuals by their typing characteristics [3].

Conventionally, user authentication is categorized into three classes [4]:
• Knowledge-based,
• Object or Token-based,
• Biometric-based.

The knowledge-based authentication is based on something one knows and is characterized by secrecy. The examples of knowledge-based authenticators are commonly known passwords and PIN codes. The object-based authentication relies on something one has and is characterized by possession. Traditional keys to the doors can be assigned to the object-based category. Usually the token-based approach is combined with the knowledge-based approach. An example of this combination is a bankcard with PIN code. In knowledge-based and object-based approaches, passwords and tokens can be forgotten, lost or stolen. There are also usability limitations associated with them. For instance, managing multiple passwords/PINs, and memorizing and recalling strong passwords, are not easy tasks. Biometric-based person recognition overcomes the above mentioned difficulties of knowledge-based and object-based approaches. The following figure 2 shows the different classification of user authentication methods.

Figure 2: Classification of User Authentication approaches

Biometric technologies are gaining popularity because, when used in conjunction with traditional methods of authentication, they provide an extra level of security. Biometrics involves something a person is or does. These types of characteristics can be approximately divided into physiological and behavioral types [4]. Biometric technologies are defined as automated methods of verifying or recognizing the identity of a living person based on physiological or behavioral characteristics [5]. Physiological characteristics refer to what the person is, or, in other words, they measure physical parameters of a certain part of the body. Some examples are Fingerprints, Hand Geometry, Vein Checking, Iris Scanning, Retinal Scanning and Facial Recognition. Behavioral characteristics are related to what a person does, or how the person uses the body. Voiceprint recognition, Signature Recognition, Mouse Dynamics and keystroke dynamics are good examples of this group.

Keystroke dynamics is considered a strong behavioral biometric based authentication system [6]. It is a process of analyzing the way a user types at a terminal by monitoring the keyboard in order to identify the users based on habitual typing rhythm patterns. Moreover, unlike other biometric systems, which may be expensive to implement, keystroke dynamics is almost free, as the only hardware required is the keyboard.

A person's identity is checked in the verification case. If the user behavior matches the existing parameters then the login is successful, otherwise the login is unsuccessful. If a person tries a number of times, then after three unsuccessful attempts the system is automatically locked [7].

The ultimate level of security can be achieved with the help of keystroke dynamics only when all the parameters/features are combined, like key code, two keystroke latencies, three keystroke latencies and key duration. This approach can be used to improve the usual login-password authentication when the password is no longer a secret [9].

The remainder of this paper is organized as follows: Section 2 gives an enhanced method of password based security system. Section 3 describes the experimental results. Section 4 presents the advantages of the proposed system. The conclusion is given in the final section.

2. Proposed security system

In this proposed model the different behaviors in entering passwords are recorded as per the above mentioned criteria. A sample dataset will be prepared by recording some attempts by authentic as well as non-authentic users in any simple password based user authentication system, because for known regularly-typed strings (e.g., username and password) such features are quite consistent. Then those data are to be trained using a Feed Forward Neural Network to classify authentic and non-authentic users. After that the trained network will be used to identify an authentic or non-authentic user based on his runtime behavior at the time of entering the password.


2.1 Password based behavioral characteristics

In keystroke dynamics, the behavior of the user is checked by the system in real time, i.e. while entering the password. It includes multiple parameters to check the behavior of the user, like total time to enter the password, average time in all the attempts, latency between two characters, latency between three characters, deviation from the original/last attempt password, number of times Shift/Caps is used to enter an uppercase letter, time between two password attempts if in the first attempt the behavior of the user/person does not match the existing behavior/rhythm, etc. It is noted that the behavior of users differs from one another while entering the password in real time.

2.2 Neural network

An Artificial Neural Network is an information processing paradigm that is inspired by the way biological nervous systems, such as the brain, process information. The key element of this paradigm is the novel structure of the information processing system. It is composed of a large number of highly interconnected processing elements (neurons) working in unison to solve specific problems [7].

MLP neural networks and RBF networks have become the most widely used network architectures in pattern classification problems. The general difference between the two neural networks is that MLP is a more distributed approach compared to RBF, which only responds to a limited section of the input space [8].

2.3 Neural network's features suitable for security systems

A neural network has the tremendous property of learning from the environment, which is suitable for security systems. Learning falls into two categories, i.e. supervised learning and unsupervised learning. A neural network can use a set of observations to solve the task in an optimal sense. It is a branch of artificial intelligence (AI).

2.4 Training and testing with feed-forward neural network

A multilayer perceptron in Weka is a feed forward artificial neural network model that maps sets of input data onto a set of appropriate outputs. The Feed Forward architecture is used in this paper as shown in figure 3. This neural network is formed in three layers, called the input layer, hidden layer, and output layer. Each layer consists of one or more nodes, represented in this diagram by the small circles. The lines between the nodes indicate the flow of information from one node to the next. In this particular type of neural network, the information flows only from the input to the output. The nodes of the input layer are passive, meaning they do not modify the data. They receive a single value on their input, and duplicate the value to their multiple outputs. In comparison, the nodes of the hidden and output layers are active. The values entering a hidden node are multiplied by weights, a set of predetermined numbers stored in the program. The weighted inputs are then added to produce a single number (output).

Figure 3: Feed forward Architecture with two outputs

2.5 Transfer function: Sigmoid function

The sigmoid function, mathematically described by the equation $S(x) = 1/(1+e^{-\lambda x})$, has several advantages: (1) it is a soft limiter, i.e. it has sensitivity w.r.t. variation in input; (2) it is a mathematical model of the biological neuron, in that the characteristic of the firing phenomenon appears like the sigma function. Its derivative, which is required in the learning process, is easily available: $S'(x) = S(x)[1 - S(x)]$ [7].

2.6 Authentication process

In real time the user enters his/her ID and password to enter their account and to access the resources, as shown in figure 5. Login information may contain various types of information like strings, characters (block/small letters) or any alphanumeric data. This information is then matched with the saved login behavior of the user. If this information matches the saved login behavior then the login is successful, otherwise the login is unsuccessful. This includes various logical parameters like number of trials, length of password, time taken to insert the password, time taken to re-enter the password if in the first attempt the password is wrong, deviations from the first attempt password, whether Shift is used or not if the password is in capital letters, and whether Caps Lock is used or not if the password is in capital letters.
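The login parameters named above can be derived from raw key press/release timestamps. The following Python code is an added example, not the authors' Visual Basic implementation: the event format, the sample session, the field names `trial`, `latency2` and `duration`, and the use of Levenshtein distance for the "deviation" parameter are assumptions made for illustration, and each attempt is assumed to contain at least one key event.

```python
from dataclasses import dataclass

@dataclass
class KeyEvent:
    key: str      # resulting character, or "Shift" / "CapsLock"
    down_ms: int  # key-press timestamp in milliseconds
    up_ms: int    # key-release timestamp in milliseconds

MODIFIERS = {"Shift", "CapsLock"}

def edit_distance(a, b):
    """Levenshtein distance, used here as the 'deviation' measure (assumption)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def session_features(attempts, reference):
    """Return one feature row per login attempt, in attempt order."""
    rows, totals, prev_end = [], [], None
    for trial, events in enumerate(attempts, 1):
        chars = [e for e in events if e.key not in MODIFIERS]
        typed = "".join(e.key for e in chars)
        start = min(e.down_ms for e in events)
        end = max(e.up_ms for e in events)
        totals.append(end - start)
        rows.append({
            "trial": trial,                            # number of trials so far
            "passlen": len(typed),                     # length of typed password
            "totaltime": end - start,                  # time to enter this attempt
            "avgtime": sum(totals) / len(totals),      # average over all attempts
            "tdiff": 0 if prev_end is None else start - prev_end,  # gap to retry
            "st": edit_distance(typed, reference),     # deviation from password
            "ldiff": abs(len(typed) - len(reference)), # length difference
            "shift": int(any(e.key == "Shift" for e in events)),
            "caps": int(any(e.key == "CapsLock" for e in events)),
            # latency between two characters: release of one to press of the next
            "latency2": [b.down_ms - a.up_ms for a, b in zip(chars, chars[1:])],
            "duration": [e.up_ms - e.down_ms for e in chars],  # key hold times
        })
        prev_end = end
    return rows

def events(spec):
    return [KeyEvent(k, d, u) for k, d, u in spec]

# Constructed session: a mistyped first attempt, then a correct retry.
REFERENCE = "Pass1"
SESSION = [
    events([("Shift", 0, 180), ("P", 60, 140), ("a", 260, 330),
            ("s", 450, 520), ("w", 640, 700), ("1", 900, 980)]),
    events([("Shift", 3000, 3170), ("P", 3050, 3130), ("a", 3240, 3310),
            ("s", 3420, 3490), ("s", 3600, 3670), ("1", 3850, 3920)]),
]

if __name__ == "__main__":
    for row in session_features(SESSION, REFERENCE):
        print(row)
```
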


These parameters form a hierarchical structure to enhance the speed of computation and to save the unnecessary involvement of other inner layer modules associated with this security system. These layers logically define the types of activity, knowing the contents of the password and the behavior of entering the password. Neural network based authentication is the innermost layer, which takes care of the contents available with the password, as shown in figure 4.

Figure 4: Number of Layers is used to protect the resources from unauthorized users.

2.7 Hierarchical structure of security

In this method a multilayer, multi-parametric security system has been developed. In most public oriented services there are service providers along with service users. Each party wants to allocate a security means to protect their resource. Hence for each case a separate password provision can be allocated. To provide intruder detection, several parameters can be taken into consideration as measures, like:

i. Number of trials.
ii. Length of password.
iii. Time taken to insert the password.
iv. Time taken to re-enter the password if in the first attempt the password is wrong.
v. Deviations from the first attempt password.
vi. If the password is in capital letters, whether Shift is used or not.
vii. If the password is in capital letters, whether Caps Lock is used or not.

These parameters can surely help to define the activity as that of a normal user or an intrusion. When an intrusion is declared, to protect the resource, the security environment does not allow the password to be entered further. The other benefit of this facility is that when the right person tries to access the resource, the system will not permit entering the password; hence an auto-information mechanism about the intrusion is available to the right user.

3. Experimental results

3.1 Tools of data collection

Data is collected in real time using Visual Basic 6.0 as a front end and Microsoft Access 2003. This includes the various logical parameters as received from the intruders intending to breach our security set-up.

Figure 5: Sample Login Window

Figure 6: Sample of Data Stored regarding Passwords


The various parameters shown above in Microsoft Access (figure 6) are:

1. Login ID (id).
2. Password (pass).
3. Password length (passlen).
4. Total time to enter the password (totaltime).
5. Status, meaning whether login is done or not (status).
6. Average time to enter the whole password (avgtime).
7. Time difference between the two passwords if in the first attempt login is not done/successful (tdiff).
8. Deviation from the current/actual password (st).
9. Length difference from the current/old attempt password (ldiff).
10. Whether a user is genuine or not (geniun).

Figure 7: Recognize the Behavior of user in first attempt

In figure 7, the column shift recognizes/saves the typing behavior (Shift and/or Caps Lock used to enter the block letters in the password) of the user when the authorized user first logs in to his/her account, and matches it when the user attempts to log in again to his/her account. If the typing behavior matches that of the authorized user and the other logical parameters discussed above also match, then the login is successful, otherwise the login is unsuccessful.

3.2 Training using neural networks

With the help of the Weka Simulator (Version 3.7), using the above logical parameters as received from the intruder intending to breach our security system, we train the neural network with Multilayer Perceptron to find whether the user is genuine or not based upon user behavior in real time, and found that the accuracy is 100% as shown in table 1.

Table 1: Defining the Network Parameters

| Parameter | Values |
|---|---|
| Number of Training Data | 120 |
| Number of Testing Data | 20 |
| Number of Hidden Layers | 2 |
| Learning Rate | 0.3 |
| Momentum | 0.2 |
| Validation Threshold | 20 |
| Total no of Epochs | 500 |
| Error Per Epoch | 0.0000375 |
| Accuracy | 100 % |

The above table 1 shows the maximum accuracy obtained during training of the multilayer perceptron with 10 cross validation. For the cross validation purpose we divide 70% data for training, 15% data for validation and 15% data for testing of networks.

The following are the snapshots of data training (figure 8) and data testing (figure 9) with the help of the Weka simulator.

Figure 8: Data training in Weka simulator
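The training step of Section 3.2 can be reproduced in miniature with a feed-forward network that uses the sigmoid transfer function of Section 2.5 and the learning rate, momentum and epoch count of Table 1. This Python code is an added example, not the authors' Weka configuration: the single hidden layer of four nodes, the weight initialisation, the three normalised features and all data rows are assumptions constructed for illustration.

```python
import math
import random

def sigmoid(x, lam=1.0):
    """S(x) = 1 / (1 + e^(-lam*x)); lam = 1 gives S'(x) = S(x)[1 - S(x)]."""
    return 1.0 / (1.0 + math.exp(-lam * x))

class FeedForward:
    """Input layer -> one hidden layer -> two outputs (genuine, intruder)."""

    def __init__(self, n_in, n_hidden, n_out=2, lr=0.3, momentum=0.2, seed=1):
        rnd = random.Random(seed)
        def init(rows, cols):
            return [[rnd.uniform(-0.5, 0.5) for _ in range(cols)] for _ in range(rows)]
        self.w1 = init(n_hidden, n_in + 1)    # last column holds the bias weight
        self.w2 = init(n_out, n_hidden + 1)
        self.v1 = [[0.0] * (n_in + 1) for _ in range(n_hidden)]   # previous updates
        self.v2 = [[0.0] * (n_hidden + 1) for _ in range(n_out)]
        self.lr, self.momentum = lr, momentum

    def forward(self, x):
        xb = list(x) + [1.0]                  # passive input nodes plus bias
        hb = [sigmoid(sum(w * v for w, v in zip(row, xb))) for row in self.w1] + [1.0]
        out = [sigmoid(sum(w * v for w, v in zip(row, hb))) for row in self.w2]
        return xb, hb, out

    def train_one(self, x, target):
        xb, hb, out = self.forward(x)
        # delta = error * S'(net), using S'(x) = S(x)[1 - S(x)]
        d_out = [(t - y) * y * (1 - y) for t, y in zip(target, out)]
        d_hid = [hb[j] * (1 - hb[j]) * sum(d * row[j] for d, row in zip(d_out, self.w2))
                 for j in range(len(hb) - 1)]
        self._update(self.w2, self.v2, d_out, hb)
        self._update(self.w1, self.v1, d_hid, xb)

    def _update(self, w, v, deltas, inputs):
        for r, d in enumerate(deltas):
            for c, a in enumerate(inputs):
                v[r][c] = self.lr * d * a + self.momentum * v[r][c]  # momentum term
                w[r][c] += v[r][c]

    def classify(self, x):
        genuine, intruder = self.forward(x)[2]
        return "genuine" if genuine > intruder else "intruder"

# Constructed, normalised rows: (total time, deviation from password, Shift/Caps mismatch)
GENUINE = [(0.30, 0.0, 0), (0.35, 0.0, 0), (0.28, 0.2, 0),
           (0.33, 0.0, 0), (0.25, 0.0, 0), (0.32, 0.2, 0)]
INTRUDER = [(0.80, 0.6, 1), (0.70, 0.4, 1), (0.90, 0.8, 0),
            (0.75, 0.6, 1), (0.85, 0.4, 0), (0.65, 0.8, 1)]

def train(epochs=500):
    net = FeedForward(n_in=3, n_hidden=4)
    data = [(x, (1, 0)) for x in GENUINE] + [(x, (0, 1)) for x in INTRUDER]
    order = random.Random(7)
    for _ in range(epochs):
        order.shuffle(data)                   # present the rows in a new order each epoch
        for x, target in data:
            net.train_one(x, target)
    return net

if __name__ == "__main__":
    net = train()
    for row in [(0.31, 0.0, 0), (0.82, 0.6, 1)]:   # constructed unseen attempts
        print(row, net.classify(row))
```
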


In the above figure 8, Weka builds a model, which took 1.84 seconds; the total number of instances taken is '120', out of which '36' users are genuine and '84' users are not genuine, as shown in the Confusion Matrix.

Figure 9: Data testing in Weka simulator

In the above figure 9, Weka builds a model, which took 0.66 seconds; the total number of instances taken is '20', out of which '9' users are genuine and '11' users are not genuine, as shown in the Confusion Matrix.

4. Advantages of the proposed system

In summary, the security system given in this paper has advantages like:

1. Simple and similar design like the conventional system.
2. Easy to implement.
3. No extra hardware required.
4. Free from service provider faith ness circumference.
5. It provides an intrusion detection facility.
6. Hierarchical protection gives optimum use of the security model with high processing speed.
7. It provides a multi-user facility from the same security environment.
8. Can be used/implemented in a wide range of applications, i.e. for standalone computers, network systems and/or online systems etc.
9. The account can be protected by allocating the maximum number of attempts/trials to the user and locking the account when login to the account is unsuccessful. Hence, it provides better security.
10. It is impossible to break the password with a brute force attack because it depends upon the user behavior and other logical parameters like total time, average time etc.

5. Conclusion

This new method based on user behavior using a neural network is simple in design, provides a high level of security and at the same time is cost effective because it does not need any extra hardware. Keyboard dynamics, being one of the cheapest forms of biometric, has great scope. It is easy to implement on a password based system or systems. This system also discriminates the users on the basis of their typing behavior as genuine user and non-genuine user. This method has numerous applications irrespective of their nature. With this method two-way security is used, which provides more security to password based systems and gives a new direction of development to password based security systems.

References

[1] D. Shanmugapriya and G. Padmavathi, "A Survey of Biometric keystroke Dynamics: Approaches, Security and Challenges", (IJCSIS) International Journal of Computer Science and Information Security, Vol. 5, No. 1, 2009.

[2] R. Giot, M. El-Abed, C. Rosenberger, "Keystroke Dynamics Authentication for Collaborative Systems", 2009.

[3] A. Peacock, X. Ke and M. Wilkerson, "Typing patterns: A key to user Identification", IEEE Security and Privacy 2(5) (2004).

[4] L. O'Gorman, "Comparing Passwords, Tokens, and Biometrics for User Authentication", Proceedings of the IEEE, Vol. 91, No. 12, Dec, pp. 2019-2040, 2003.

[5] A. K. Jain, A. Ross and S. Prabhakar, "An Introduction to Biometric Recognition", IEEE Transactions on Circuits and Systems for Video Technology, Special Issue on Image- and Video-Based Biometrics, Vol. 14, No. 1, January 2004.

[6] A. Awad, E. Ahmed, and I. Traore, "Anomaly Intrusion Detection based on Biometrics", Proceedings of the IEEE, 2005.

[7] M. K. Singh, "Password Based a Generalize Robust Security System design using Neural Network", IJCSI International Journal of Computer Science Issues, Vol. 4, No. 2, 2009.


[8] N. Harun, W. L. Woo and S. S. Dlay, "Performance of Keystroke Biometrics Authentication System Using Artificial Neural Network (ANN) and Distance Classifier Method", International Conference on Computer and Communication Engineering (ICCCE 2010), 11-13 May 2010, Kuala Lumpur, Malaysia.

[9] Araujo, L.C.F., Sucupira, L.H.R., Lizarraga, M.G., Ling, L.L., Yabu-Uti, J.B.T., "User authentication through typing biometrics features", IEEE Trans. on Signal Processing, 53 (2), 851–855, (2005).

Preet Inder Singh: M.Sc Computer Science from D.A.V College, Amritsar in 2010. Currently pursuing M.Tech (CSE/IT) from Lovely Professional University, Phagwara, interested in Network Security, Multi-media and Artificial Intelligent Systems.

Gour Sundar Mitra Thakur: B.Tech (C.S.E), M.Tech (C.S). Currently pursuing Ph.D from National Institute of Technology, Durgapur in Mathematics. Areas of interest are Fuzzy Logic and Fuzzy Mathematics, Soft Computing, Intelligent Systems and Neural Networks.
