An approach for user authentication on non-keyboard devices using mouse click characteristics and statistical-based classification

Internet security has become a serious issue for anyone connected to the Internet. To avoid unauthorized people accessing an information system, keystroke dynamics-based authentication (KDA) systems combine password knowledge with typing characteristics to enhance the security of general password authentication systems. However, some portable computational devices have no computer keyboard, for example, personal digital assistants and mobile phones. That is, KDA systems cannot successfully work while the enrollment phase is implemented based on a standard desktop keyboard. This reduces the portability of the KDA system. This paper adopts rhythms clicked by a mouse as another identifiable factor. Mouse clicks can be replaced by a stylus on non-keyboard device, numeral buttons on mobile phones, or fingers on touch screens to enhance system portability. In our proposed system, the click data are based on the time instances during pressing and releasing the mouse button. Five features based on these time periods are calculated using this data. We invited twenty-five users to participate in our experiment. The experimental results showed that our authentication system can achieve a good accuracy. Our experiments also showed that the rhythm clicked by a mouse can function as the second identifiable factor in general password authentication systems or as the standby identifiable factor in KDA systems.