Abstract
The biometric authentication in the online learning environment (OLE) is still exploratory and, despite an increase in keystroke dynamics biometrics research, many challenges remain in designing this authentication system due to the fact that it is economical and easily integrated with existing computer security system in OLE. Existing research in keystroke dynamics tends to focus on finding how keystroke dynamics of users can support non-intrusive authentications of users in OLEs. However, there is little evidence that researchers have approached the issue of unauthenticated users to take the role of authenticated users and perform tasks in the OLE with the intent of building models based on the keystroke dynamics of users. In a nutshell, the aim of this chapter is to provide an overview of the existing applications of keystroke dynamics as biometric authentication in the OLE, keystroke dynamics framework being designed for the OLE, advantages and disadvantages of a keystroke dynamics biometrics approach, as well as offering suggestions and possible future research directions.
TopIntroduction
The prevalence of online education has increased dramatically in the past decade as it offers several significant benefits. (U.S. Higher Education System, 2016; Freidman, 2016; Newton, 2015). Among those benefits are availability, accessibility, affordability, updatability, and economical (Li & Irby, 2008; Ruiz, 2017). However, along with the benefits of online learning come several challenges, one of which is academic dishonesty among students (Grijalva, Nowell, & Kerkvliet, 2006; King, Guyette, & Piotrowski, 2009). Unethical behavior in schools is rampant (King, Guyette, & Piotrowski, 2009). While cheating in school is not new, it has taken on new forms and is becoming easier to undertake due to increased use of technology to facilitate OLEs (King, Guyette, & Piotrowski, 2009; Sewell, Frith, & Colvin, 2010). The main challenge that the providers of online education facing is to assure a student who wants to take an exam is really the individual who is expected to attend to that test. Cyber cheating is far more widespread than originally believed because it is nearly impossible to verify the identity of an individual being assessed online (Moini & Madni, 2009).
To solve this cyber cheating issue, US government passed the Higher Education Opportunity Act (HEOA 2008) which requires that institutions offering online education have to make greater access control efforts for the purposes of assuring that students of record are those actually accessing the systems and taking online exams by adopting identification technologies as they become more ubiquitous (Monaco, Stewart, Cha, & Tappert, 2013). To comply with the requirements of this law, institutes of higher education who provide online courses have begun exploring the use of biometrics to authenticate students.
Biometric methods verify and authenticate the identity of a user based on a physiological or behavioral characteristic (Miller, 1994). One frequently used authentication mechanism is using usernames and passwords (Bours, 2012); thus “once only” authentication. However, in the case of online assessments and exams, there is a requirement to monitor the identity of users throughout the course of an entire assessment, thus continuous authentication. This includes how science and technology can be utilized to identify physiological or behavioral attributes that are unique to individual students (Karnan, Akila & Krishnaraj, 2011).
Commonly used biometric indicators (e.g., finger or palm prints, iris scans, facial and voice recognition) are effective because technology can accurately authenticate a user’s identity by comparing samples of unique physiological characteristics (Karnan, Akila & Krishnaraj, 2011). The main concern with using biometrics in the authentication process is systems needed to capture and compare these metrics can be prohibitively expensive to implement (Panchumarthy, Subramanian, & Sarkar, 2012). They can also be somewhat intrusive (e.g., taking facial recognition videos while working on a course). These biometrics are good gatekeeper measures; however, they do not serve well as in-system verification tools. It promotes high recognition accuracy due to its permanence and high uniqueness. However, it possibly suffers from low public acceptance due to invasiveness (iris scanning) and high implementation cost (DNA analysis) in large-scale deployment.
Key Terms in this Chapter
Latency: The elapsed time between the release of the first key and the depression of the second key.
Online Learning Environment: Learning platform that allows sharing of educational materials with the learners via the web. Examples include Moodle, WebCT, and Blackboard.
N-Graph: It means n consecutive key presses.
Verification: The biometric system authentication process which matches a captured biometric against the person's stored template (1:1).
Template: A mathematical representation of biometric data.
Fixed Text: Structured text to perform the analysis in a constrained way.
Keystroke: A single press of one of the keys on a computer on a keyboard.
Equal Error Rate (EER): An algorithm used to predetermine the threshold values for its false acceptance rate and its false rejection rate in a biometric security system.
Distance Metrics: It is a generalization of the concept of physical distance used to measure the similarity or regularity among the points.
Keyprint Profile: Baseline used for comparison, which includes only those data points somewhat outside the norm.
Signature Track: Build a signature profile that links the coursework to student’s identity using keystroke dynamics.
Flight Time: The period of silence between successive keystrokes events.
Trigraphs: It is a group of three letters that together form a single specific sound.
False-Acceptance Rate (FAR): The percentage of imposters incorrectly matched to a valid user's biometric.
Authentication: The process of recognizing a user's identity.
Digraphs: It is a combination of two letters representing one sound.
Proctor: An invigilator or supervisor at a university or college examination.
Online Assessment or E-Assessment: The systematic process of documenting and using practical data on the knowledge, skills in an e-learning environment.
E-Learning: Learning system based on formalized teaching but with the help of electronic media, typically on the internet.
Dwell Time: The latency between the key pressing and releasing of a key.
Identification: The biometric system process in which a person can be identified by performing a one-to-many (1:n) search against the entire enrolled population.
ICT: The infrastructure and components that enable modern computing with the help of information and communications technology.
False-Rejection Rate (FRR): The percentage of incorrectly rejected valid users.
Moodle: Modular object-oriented dynamic learning environment to provide an organized and central interface for e-learning in educational institutions around the world.
KeyTrac: Tool used to detect users based on their keystroke dynamics.
Free Text: Users are free to type whatever they want.
Keystroke Pattern: Keystroke measurements obtained yield information in the form of real numbers.
Keystroke Biometrics: The timing information about a key press and key release as a person is typing at a computer keyboard.
Hold Time: The mean time between key press and release for a particular key.
Keyprint Signature: Baseline used for comparison that includes all available data points.
Biometrics: The measurement and statistical analysis of people's unique physical and behavioral characteristics.