Thank you for feedback, your suggestions are greatly appreciated. BTW the project is not currently a comercial project, we are just doing the research to see if it is possible to identify someone correctly within a certain amount of keystrokes. Previous keystroke biometric research has already proven that if certain users type the same passage multiple times their averages/deviations from the mean are still within a certain percentage refering to profiles that they created. It is actually a very high percentage of accuracy. Here is a link to a previous work in the area.
http://portal.acm.org/citation.cfm?i...CM&coll=portal
What we are trying to accomplish is this task in realtime without having to have to intially create a profile and asking you to type a hundred to two hundred words. Instead the user would initiate the program in "profile gathering mode" or something of the sort and use the computer as they would normally would. As for having different typing styles...that has definitely come to our minds, especially typing drunk.we thought it is probably a good thing that the system would log us out if we were typing drunk.
While there are many details such as restarting the system in safe mode to turn it off.....that probably wouldnt be possible if there was a password on the system? So i guess im suggesting that this program might be an addition to say your normal precautions. I do not think that this program would be the finally end all program that keeps your computer safe but it does add an additional line of security....if the research would prove to be successful. Also if you had enough time with a passworded machine physically, don't you thing you would be able to access the information on the system readily? Isn't the already comercial fingerprint recognition program started up right when you the load windows? i guess you could start it in bios...but a little modification of the code and you could do that with our program. What im saying is that this keystroke recognition would be another viable solution to additional computer security.
As for the users on dial up or not connected all the time...the server was initiated so that it would be a carefree program to use so that people wouldnt be bothered by it and could remain anonymous. We believed that we would get fewer participants if we had participates have to go through the hassle of submit their log files thru email. As for the security issue....I guarentee that it is purely for academic research.(however my word is trivial to an internet community) but if you take a look at the webpage and its links we are vouched for by the University. In the end it is your decision to partake in our research if you think its too risky, by all means you don't have to run our data collection program. If I could I would post our source code to demonstrate were not doing any shady activity. However we do not want people to steal our idea. Well hope I was informative enough to convince some people to participate. I would offer some prize but were starving college students.
Reply With Quote