Evaluating Keystroke Dynamics Performance in e-Commerce

Xiaofei Wang; Andy Meneely; Daqing Hou

doi:10.5220/0013103700003899

Evaluating Keystroke Dynamics Performance in e-Commerce

Xiaofei Wang, Andy Meneely, Daqing Hou

2025

Abstract

The traditional username and password authentication mechanisms are vulnerable to various attacks, such as brute force, rainbow tables, and password theft. Multi-factor authentication is becoming the standard practice across the software industry, and keystroke dynamics can be a useful way to augment existing authentication mechanisms. This paper introduces a keystroke dynamics-based system implemented using the Django framework to collect and analyze keystroke data across three e-Commerce web services: air ticketing, online shopping, and car rental systems. Our system asked users to type their own information and also type several other users’ information, using common and service-specific input fields. We collected data from 62 participants where each contributes 10 records for each service as both genuine and imposter users. Through detailed feature extraction and machine learning-based analysis with three binary classifiers, we evaluate the efficacy of keystroke dynamics in distinguishing genuine from imposter users. Our results indicate that different input fields have differentiated effects on verifying users, and appropriate field selection strategies can improve the performance of classification methods.

Download

Paper Citation

in Harvard Style

Wang X., Meneely A. and Hou D. (2025). Evaluating Keystroke Dynamics Performance in e-Commerce. In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-735-1, SciTePress, pages 167-175. DOI: 10.5220/0013103700003899

in Bibtex Style

@conference{icissp25,
author={Xiaofei Wang and Andy Meneely and Daqing Hou},
title={Evaluating Keystroke Dynamics Performance in e-Commerce},
booktitle={Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2025},
pages={167-175},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013103700003899},
isbn={978-989-758-735-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Evaluating Keystroke Dynamics Performance in e-Commerce
SN - 978-989-758-735-1
AU - Wang X.
AU - Meneely A.
AU - Hou D.
PY - 2025
SP - 167
EP - 175
DO - 10.5220/0013103700003899
PB - SciTePress