Mitigating Snoop-Forge-Replay Attack by Integrating Text-Based and Language-Based Traits with the Keystroke Verification System

A new attack called the snoop-forge-replay attack is presented on keystroke-based continuous verification systems. The snoop-forge-replay is a sample-level forgery attack and is not specific to any particular keystroke-based continuous verification method or sysem. It can be launched with easily available keyloggers and APIs for keystroke synthesis. Our results ffrom 2460 experiments show that: 1)the snoop-forge-replay attacks achieve alarmingly high error rates compared to zero-effort imposter attacks, which have been the de facto standard for evaluating keystroke-based continuous verification systems; 2)four state-of-the –art verification methods, three types of keystroke latencies, and 11 matching-pair settings(a key parameter in continuous verification with keystrokes) that is examined here were suspectible to the attack; 3)the attack is effective even when as low as 20 to 100 keystrokes were snooped to create forgeries.