CN201674507U - Personal identification system based on keystroke dynamics of users - Google Patents

Personal identification system based on keystroke dynamics of users Download PDF

Info

Publication number
CN201674507U
CN201674507U CN2009202462870U CN200920246287U CN201674507U CN 201674507 U CN201674507 U CN 201674507U CN 2009202462870 U CN2009202462870 U CN 2009202462870U CN 200920246287 U CN200920246287 U CN 200920246287U CN 201674507 U CN201674507 U CN 201674507U
Authority
CN
China
Prior art keywords
module
identification
user
data
personal identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CN2009202462870U
Other languages
Chinese (zh)
Inventor
赵建
傅念东
石继东
侯俊伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING MICRODONE NETWORK TECHNOLOGY Co Ltd
Original Assignee
BEIJING MICRODONE NETWORK TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING MICRODONE NETWORK TECHNOLOGY Co Ltd filed Critical BEIJING MICRODONE NETWORK TECHNOLOGY Co Ltd
Priority to CN2009202462870U priority Critical patent/CN201674507U/en
Application granted granted Critical
Publication of CN201674507U publication Critical patent/CN201674507U/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The utility model discloses a personal identification system based on keystroke dynamics of users, which comprises a filter layer driving module, a driving safety protecting module, a data safety transport module, a safe control piece module, a personal identification agent module, a personal identification module and a personal identification database module, wherein the filter layer driving module is used to collect user keystroke dynamics information, the driving safety protecting module is used to guarantee the collecting safety of the user keystroke dynamics information, the data safety transport module and the safety control piece module are used to guarantee the transport safety of the user keystroke dynamics information, the personal identification agent module charges to collect and preprocess the user keystroke dynamics information, and safely transport the user keystroke dynamics information to the personal identification module. The personal identification module charges to process the user keystroke dynamics information, and obtain the personal identification data of users. The personal identification database module charges to safely store user personal identification data. The personal identification system increases the system safety, protects the safety of a user login system, prevents user from logining through using the same account number, and prevents other people from lightly logining after a\user commands are stolen.

Description

A kind of identification system based on characteristics of user keystroke
Technical field
The utility model belongs to field of computer information security, and a kind of identification system based on characteristics of user keystroke is provided.
Background technology
In current identity identification technical field, two class technology comparative maturities: one is based on the token technology of smart card, USBKey or dynamic password (OTP), and a kind of is biological identification technology.
Token technology is to combine with traditional username-password mode by specific software or hardware, constitute the dual factors identification system, can improve the fail safe of identification, though develop into present application comparative maturity, exist the cost height, dispose difficulty, the user is difficult for problems such as use, need low cost at some, the application of medium safety requirements exists the difficulty of popularization.
Biological identification technology is that high-tech means is close combines by computer and optics, acoustics, biology sensor and biostatistics principle etc., utilize the intrinsic physiological property of human body, (as fingerprint, face picture, iris etc.) and behavioural characteristic (as signature, sound, gait etc.) are carried out the evaluation of personal identification.All there are some defectives in biological identification technology, changed by the influence of external environment condition and causes the identification difficulty, or produce counterfeit because of the development of technology.
Summary of the invention
The utility model purpose is to provide a kind of identification system based on characteristics of user keystroke, comprise filter course driver module, driving security protection module, data security transport module, safe control module, identification proxy module, identification module and identification database module, each functions of modules is as follows:
The filter course driver module, in order to gather user's keystroke characteristic information when the user keystroke, the filter course driver module is gathered characteristics of user keystroke information and is comprised the button time of staying of user keystroke incident, the blanking time and the keystroke dynamics size of adjacent key.
The driving security protection module in order to guarantee job stability, hardware compatibility, system compatibility and the self-security of filter course driver module, guarantees fail safe, the reliability and availability of characteristics of user keystroke information gathering simultaneously;
The data security transport module is in order to guarantee that characteristics of user keystroke information is by the transmission security of filter course driver module to safe control module;
Safe control module is transferred to the identification proxy module in order to the safety of protecting safe control program self and with the characteristics of user keystroke information security of filter course driver module collection;
The identification proxy module is responsible for collecting and preliminary treatment characteristics of user keystroke information, and pretreated characteristics of user keystroke information security is transferred to identification module;
Identification module is responsible for the keystroke characteristic information with process user such as SVMs modified algorithm, obtains user's identification data;
The identification database module is responsible for safe storage user identity identification data.
Advantage of the present utility model is:
(1) identification system based on characteristics of user keystroke has improved security of system, and protection logging in system by user safety prevents the shared identical account number login of user, prevents from easily to be logined by the people after username-password from having things stolen.
(2) realized the identification of keeping fit part of username and password and keystroke characteristic identification.
(3) system is convenient to dispose and implement, and can significantly save the total cost of ownership that is used to strengthen identification safety.
Description of drawings
Fig. 1 is the identification system structural representation of the utility model based on characteristics of user keystroke;
Fig. 2 is the schematic diagram that the utility model realizes gathering characteristics of user keystroke.
Embodiment
Below in conjunction with drawings and Examples the utility model is elaborated.
The utility model provides a kind of identification system based on characteristics of user keystroke, as shown in Figure 1, described identification system mainly comprises filter course driver module 201, driving security protection module 202, data security transport module 203, safe control module 301, identification proxy module 401, identification module 402 and identification database module 403, wherein filter course driver module 201 is gathered user keystroke information, and user keystroke information comprises the time of staying on each button, the blanking time and the keystroke dynamics size of adjacent key; Driving security protection module 202 guarantees fail safe, the reliability and availability of characteristics of user keystroke information gathering simultaneously in order to guarantee job stability, hardware compatibility, system compatibility and the self-security of filter course driver module 201; Data security transport module 203 is in order to guarantee that characteristics of user keystroke information is by the transmission security of filter course driver module 201 to safe control module 301; Safe control module 301 is transferred to identification proxy module 401 in order to the safety of protecting safe control program self and with the characteristics of user keystroke information security; Identification proxy module 401 is responsible for collecting and preliminary treatment characteristics of user keystroke information, and pretreated characteristics of user keystroke information security is transferred to identification module 402; Identification module 402 is responsible for the keystroke characteristic information with process user such as SVMs modified algorithm, obtains user's identification data, and at last with the identification storage in identification database module 403.
The incident of described user keystroke is directly to be input to whole identification system based on characteristics of user keystroke by bottom input equipment keyboard 1, and keyboard 1 can be desktop keyboard, keyboard of notebook computer, ATM keyboard and cell phone keyboard etc.
At the keystroke time of keyboard 1, filter course driver module 201 is provided with two collection points, and corresponding respectively button is pressed T constantly DownLift T constantly with button Up, when user keystroke, the incident that button is pressed and lifted can trigger filter course driver module 201 and gather the time difference T that two moment were pressed and lifted to user keystroke 1=T Up-T Down, stride the key time T between two adjacent key 2=T ' Down-T Down, T ' wherein DownBe pressing constantly of adjacent key, record is also preserved.
When the user knocks a plurality of button, filter course driver module 201 can collect pressing of each button and lift time value constantly, then can be poor according to the blanking time that these time values calculating user keystrokes are pressed and lifted between the incident, the time of staying T when drawing user keystroke on each key 1, and between two adjacent key, stride the key time T 2So, when knocking continuous button " HELLO ", can collect T 1, T 2, T 3, T 4, as shown in Figure 2.
Filter course driver module 201 is chosen in the junction that i8042prt drives and kbdclass drives and does filtration, and the purpose of filtration is in order to remove the keystroke characteristic information of apparent error, to make keystroke characteristic information more rationally with effective, satisfying user's needs.Rational and effective is filtered, and can realize the compatibility of 201 pairs of different keyboards of filter course driver module, and filter course driver module 201 provided by the invention can be imported with the keystroke of USB keyboard by compatible PS2 keyboard.Simultaneously, operating systems such as filter course driver module 201 compatible Windows2000/XP/2003/Vista/7 are distinguished and are treated operating system solves Synchronization Control and IO processing in the difference of Synchronization Control and IO processing otherness.
Described driving security protection module 202 is in order to guarantee job stability, hardware compatibility, system compatibility and the self-security of filter course driver module 201, guarantee fail safe, the reliability and availability of characteristics of user keystroke information gathering simultaneously, and realize by the following method:
(1) critical code section in the keystroke characteristic information is added shell and handle, anti-dynamic and static debugging;
(2) use self-testing mechanism, prevent third party's routine change program implementation logic;
(3) employing prevents dynamic debugging.
Described data security transport module 203 adopts the SSL escape way that keystroke characteristic information is carried out safe transmission; Data security transport module 203 with carry out mutual authentication before safe control module 301 is communicated by letter.
Described safe control module 301 finish and data security transport module 203 between mutual authentication after, keystroke characteristic information is submitted to identification proxy module 401.Concrete submission process is: safe control module 301 receives characteristics of user keystroke information; To receive the deblocking storage, the order that piecemeal storage data are determined by random factor is deposited; And use symmetric encipherment algorithm that data are encrypted, the order of determining by random factor is submitted to identification proxy module 401 at last.Symmetric encipherment algorithm is meant that the data of obtaining by camouflage and perturbation technique have used the AES symmetric cryptography.
Described identification proxy module 401 is by JAVA, C, C++, C# .NET, PHP, ASP, PERL, CGI, PYTHON supervisor structure identification module 402 callers, in order to realization the enciphered data that safe control module 301 obtains is submitted to identification module 402, and as required data is carried out necessary preliminary treatment.Described preliminary treatment is specially:
After the KeyEvent that knocks generation by keyboard is hunted down, the number of division of KeyEvent on time shaft is designated as T, because a password input has n KeyEvent generation, so obtained n value sequence T n, pass through formula again Calculate to generate the new sequence that n-1 value arranged, as the coordinate of the n-1 dimensional vector of SVMs;
The keystroke characteristic information data is carried out clustering processing, the user is counted the keystroke characteristic information data of software at every turn and classify, of a sort characteristics of user keystroke information has very big similitude, and the characteristics of user keystroke information between inhomogeneity has very big diversity.
Data after the clustering processing are learnt and screened, select the bigger class characteristics of user keystroke information of similitude as data sample, other class is abandoned.
Described identification module 402 adopts the SVMs modified algorithm to calculate the sample average of keystroke characteristic information data, removes the noise in the sample, and sample average as new samples, is calculated output identification data;
Described identification database module 403 is used to store the user identity identification data of handling through identification module 402, and storage mode comprises fragmented storage and encrypts storage.

Claims (2)

1. identification system based on characteristics of user keystroke, it is characterized in that: described identification system comprises filter course driver module, driving security protection module, data security transport module, safe control module, identification proxy module, identification module and identification database module, wherein the filter course driver module is gathered and filtration treatment characteristics of user keystroke data, and exports to the data security transport module by driving security protection module data safety; After authentication is passed through mutually between data security transport module and the safe control module, data security is transferred to safe control module; Safe control module is stored the characteristics of user keystroke information data piecemeal that receives, and data are encrypted, and the order of determining by random factor is submitted to the identification proxy module at last; Collection of identification proxy module and preliminary treatment characteristics of user keystroke information are also exported to identification module; The keystroke characteristic information of identification module process user obtains user's identification data, and at last with the identification storage in the identification database module.
2. a kind of identification system based on characteristics of user keystroke according to claim 1 is characterized in that: the driving security protection module adds shell to the critical code section in the keystroke characteristic information to be handled, and uses self-testing mechanism and prevents dynamic debugging.
CN2009202462870U 2009-10-19 2009-10-19 Personal identification system based on keystroke dynamics of users Expired - Lifetime CN201674507U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009202462870U CN201674507U (en) 2009-10-19 2009-10-19 Personal identification system based on keystroke dynamics of users

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009202462870U CN201674507U (en) 2009-10-19 2009-10-19 Personal identification system based on keystroke dynamics of users

Publications (1)

Publication Number Publication Date
CN201674507U true CN201674507U (en) 2010-12-15

Family

ID=43331914

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009202462870U Expired - Lifetime CN201674507U (en) 2009-10-19 2009-10-19 Personal identification system based on keystroke dynamics of users

Country Status (1)

Country Link
CN (1) CN201674507U (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104980279A (en) * 2014-10-16 2015-10-14 腾讯科技(深圳)有限公司 Identity authentication method, and related equipment and system
CN106039711A (en) * 2016-05-17 2016-10-26 网易(杭州)网络有限公司 User identity authentication method and device
CN114626694A (en) * 2022-02-24 2022-06-14 深圳市华师兄弟教育科技有限公司 Network course planning management system based on internet

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104980279A (en) * 2014-10-16 2015-10-14 腾讯科技(深圳)有限公司 Identity authentication method, and related equipment and system
CN106039711A (en) * 2016-05-17 2016-10-26 网易(杭州)网络有限公司 User identity authentication method and device
CN106039711B (en) * 2016-05-17 2019-05-14 网易(杭州)网络有限公司 A kind of method for authenticating user identity and device
CN114626694A (en) * 2022-02-24 2022-06-14 深圳市华师兄弟教育科技有限公司 Network course planning management system based on internet
CN114626694B (en) * 2022-02-24 2022-11-08 深圳市华师兄弟教育科技有限公司 Network course planning management system based on internet

Similar Documents

Publication Publication Date Title
CN101674184B (en) Identity recognition method based on user keystroke characteristic
CN2779485Y (en) High-security mobile data storage device
Akhtar et al. Biometrics: In search of identity and security (Q & A)
CN103842985B (en) The cloud system of intensified safety protection and security protection management method thereof
CN101561873B (en) Multimode authentication equipment with functions of iris recognition and USB Key
CN107332659A (en) A kind of identity identifying method based on biological characteristic, storage medium and system
CN103699995A (en) Payment authentication method based on fingerprints and finger veins
McAteer et al. Integration of biometrics and steganography: a comprehensive review
Mahadi et al. A survey of machine learning techniques for behavioral-based biometric user authentication
CN104009973B (en) It is a kind of based on set polynomial transformation with reconcile details in fingerprint Information hiding and restoration methods
CN201674507U (en) Personal identification system based on keystroke dynamics of users
US10146988B2 (en) Obtaining a biometric image and handling damaged biometrics
Zhang et al. Multimodal continuous user authentication on mobile devices via interaction patterns
CN105183192B (en) A kind of electronic identity pen and electric endorsement method based on intelligent touch screen interactive mode entr screen
CN103207963A (en) Two-factor authentication system based on fingerprint and vein recognition
CN105184571A (en) Payment authentication system based on combination of hand veins and multiple fingerprints
Buriro et al. SWIPEGAN: swiping data augmentation using generative adversarial networks for smartphone user authentication
CN101459514B (en) Method and apparatus for biological identification, biological characteristic data ciphering method
CN107026928A (en) A kind of behavioural characteristic identification authentication method and device based on mobile phone sensor
CN104077513A (en) Information processing method and electronic equipment
Gamble et al. Convolutional neural network for human activity recognition and identification
CN103593596A (en) USB KEY for collecting external biological characteristics
Chithra et al. Pristine PixCaptcha as graphical password for secure eBanking using Gaussian elimination and cleaves algorithm
CN201365347Y (en) Mobile telephone with independent built-in data assistant device
Buriro et al. Evaluation of motion-based touch-typing biometrics in online financial environments

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
CX01 Expiry of patent term
CX01 Expiry of patent term

Granted publication date: 20101215