International Journal of Trend in Scientific Research and Development (IJTSRD)

Volume 5 Issue 3, March-April 2021 Available Online: www.ijtsrd.com e-ISSN: 2456 – 6470

Keystroke with Data Leakage Detection for

Secure Email Authentication
Mrs. V. Hemalatha1, V. Boominathan2, K. Harithas2, P. Raj Kumar2, S. Vijaya Bharathi2
1HOD,

1,2Department of CSE, N.S.N. College of Engineering and Technology, Karur, Tamil Nadu, India

ABSTRACT How to cite this paper: Mrs. V. Hemalatha

The user authentication is the important factor which allows the user to use a | V. Boominathan | K. Harithas | P. Raj
particular software. The user authentication is also performed in various kinds Kumar | S. Vijaya Bharathi "Keystroke
of social media such as Gmail, Facebook, etc. The traditional password system with Data Leakage Detection for Secure
is used for user authentication. But this technique has a lot of demerits in it. Email Authentication" Published in
Some hackers also cracks the password and perform some unwanted actions International Journal
in the user authentication. In order to remove the difficulties in this traditional of Trend in Scientific
password technique and to provide additional security in user authentication, Research and
the keystroke with data leakage detection for secure email authentication is Development (ijtsrd),
designed. This system uses Keystroke Dynamics. This system consists of five ISSN: 2456-6470,
different types of modules such as Email Framework Construction, User Volume-5 | Issue-3,
Enrolment, Keystroke Authentication, Data Sharing and Data Leakage April 2021, pp.797- IJTSRD39969
Detection. This system gets the details of the user such as name and email. 799, URL:
Then it allows to enter the password. This password is stored along with the www.ijtsrd.com/papers/ijtsrd39969.pdf
keystroke dynamics data such as the typing speed of the password and the
threshold value. Both the Keystroke dynamics data and the original password Copyright © 2021 by author (s) and
are stored in the database. When the user wants to log into the system, the International Journal of Trend in Scientific
user has to give the password according to the keystroke dynamics data. Then Research and Development Journal. This
only, the user can log into the system. Hence this system can also be used in is an Open Access article distributed
Cyber security and provide security and privacy for the user data. under the terms of
the Creative
KEYWORDS: Responsive, Mobility, Keystroke Dynamics, security Commons Attribution
License (CC BY 4.0)
(http://creativecommons.org/licenses/by/4.0)

1. INTRODUCTION
Authentication is one of the most important process. One of businesses. The backups of these can remain up to several
the oldest technique in protecting the user data is to use months on their server, even if it is deleted the mailbox.
passwords. But nowadays, passwords are easier to crack and Nowadays an email is becoming a mainstream business tool.
there is no protection for user’s data. Hence, the Keystroke An email is being used for communication at workplace and
Dynamics feature is used to enhance the security features from social media logins to bank accounts. Authentication of
and the user authentication of a system. the email process is only processed with the help of
username and password. User should create account and
1.1. PROBLEM STATEMENT
register their username and password for further
The major problem in most of the IT companies are Data
verification process. Security of an email is the main concern
leakage and cracking of passwords. Most of the Hackers use
for companies & it includes confidentiality that ensures
password cracking softwares to crack the user’s password
information will not expose to unauthorized entities. Email
and perform some unwanted actions such as stealing the
messages passes through intermediate computers before
data, modifying the data and add some unwanted data with
reaching their final destination and it is easy for attackers to
the user’s data. This causes more number of problems in all
intercept and read messages. An email can be misused to
kinds of fields.
leave sensitive data open to compromise. So, it may be of
2. OBJECTIVES little surprise that attacks on emails are common. When an
The goals of our project is to create a system which uses authenticated user leaves a system logged in and with a
keystroke dynamics for user authentication. password attached to it that invites an attacker to steal the
The user interface of this system should be efficient, sensitive data at their leisure. If employee used that
user friendly and maintain privacy. computer for personal use which means information is now
This system should provide security against all kinds of willingly available to the attacker.
piracy.
4. PROPOSED SYSTEM
This system should notify the user when the data of the
Email is one of the crucial aspects of web data
user has been hacked.
communication. The increasing use of email has led to a
3. EXISTING SYSTEM lucrative business opportunity called spamming. To
Email is used by millions of people to communicate around overcome the problems of authentication and data leakage in
the world and it is important application for many email sharing provide key stroke authentication technique

@ IJTSRD | Unique Paper ID – IJTSRD39969 | Volume – 5 | Issue – 3 | March-April 2021 Page 797
 International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470
and random key sharing methods. Keystroke authentication confirm password and keystroke value. The key stroke value
can be classified as either static or continuous. The static analyzed during password typing. Keystroke duration
refers to keystroke analysis performed only at specific times, threshold and user details are stored in the server database.
for example during the login process. When the latter is
5.3. Keystroke Authentication
applied, the analysis of the typing speed is performed
Anonymous access is the most common website access
continuously during the whole session, thus providing a tool
control method, which allows anyone to visit the public
to detect user substitution after the login. Proposed work
areas of a website while preventing unauthorized users from
has implemented based on static key stroke method. In the
gaining access to a critical features and private information
enrolment phase, for each user, a threshold based key stroke
of web servers. The user verification phase analyzes the mail
values are acquired. Leakage detection is implemented using
id, password and keystroke value of the server. During
key sharing through SMS. When the message was shared
password verification, key stroke time for password will be
between sender and receiver, secret key will be generating
calculated and matched with database. User should enter the
and distributing to the authority. When a receiver wants to
password with the specified time, otherwise they will not
view the shared message, they will be authenticate using key
allow to access application.
value. Otherwise unauthorized access notification is shared
to the authority. 5.4. Data Sharing
User can share the message to another user in secure email
4.1. ARCHITECTURE
environment. Once completion of authentication process
they will be allow to compose the mail. Then add the
recipient detail to communicate. Receiver also creates
account with key stroke authentication method. Authorized
users are allowed to access this application.
5.5. Data Leakage Detection
The Mail is being sent to authorized user and unauthorized
user. As the unauthorized user receives the mail, the system
detects that the mail has been send to the unauthorized user
using key verification process; Receiver want to verify their
secret key before accessing mail content. Here, on the user
side, if the unauthorized user accesses that mail, the mail
does not display the contents of the mail.
6. CONCLUSION
To deal with the problem of Data leakage, this system
implements a variety of data distribution strategies that can
improve the distributor's chances of identifying a leaker.
Also it includes implementation of the concept of key stroke
authentication for user authentication. In proposed email
framework, users register using their details with key stroke
values. During login process, user can also be verified using
their password with key stroke values. This will enhance the
process of authentication in email and also provides OTP
Fig.1 System Architecture
generation, to predict the authorization of user during email
5. FIELDS OF THIS SYSTEM content access.
Email Framework Construction
6.1. Future Enhancement
User Enrolment
Keystroke Authentication Future work includes the investigation of agent guilt models
Data Sharing that capture leakage scenarios. Watermarking that uses
various algorithms through encryption to offer security can
Data leakage detection
be designed along with probability-based model which
5.1. Email Framework Construction provides both the security as well as detection technique to
A mail server is an application that receives incoming e-mail identify guilty.
from local users and remote senders and forwards outgoing
REFERENCES
e-mail for delivery. A computer dedicated to running such
applications is also called a mail server. In this module [1] Alotaibi, Saud, Abdulrahman Alruban, Steven Furnell,
framework like a mail server was created. This framework and Nathan L. Clarke. "A Novel Behaviour Profiling
Approach to Continuous Authentication for Mobile
contains server and multiple users. Server can maintain all
user details. Users easily upload the files in inbox and also Applications." In ICISSP, pp. 246-251.
share the data anywhere and anytime. This framework 2019.
enable for provide key stroke authentication and leakage [2] Mhenni, Abir, Estelle Cherrier, Christophe
detection process. Rosenberger, and Najoua Essoukri Ben Amara.
5.2. User Enrolment "Double serial adaptation mechanism for keystroke
dynamics authentication based on a single password."
In this Email application, User has to register the appropriate
Computers & Security 83 (2019): 151-166.
details in the Email server database for using the
authentication process. These details include username, [3] Foresi, Andrew, and Reza Samavi. "User
address, email id, contact number, primary password, authentication using keystroke dynamics via crowd

@ IJTSRD | Unique Paper ID – IJTSRD39969 | Volume – 5 | Issue – 3 | March-April 2021 Page 798
 International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470
sourcing." In 2019 17th International Conference on text keystroke dynamics for Arabic language using
Privacy, Security and Trust (PST), pp. 1-3. IEEE, 2019. Euclidean distance." In 2016 12th International
Conference on Innovations in Information Technology
[4] Salem, Asma, and Mohammad S. Obaidat. "A novel
(IIT), pp. 1-6. IEEE, 2016.
security scheme for behavioral authentication
systems based on keystroke dynamics." Security and [8] Ahmed, Ahmed A., and Issa Traore. "Biometric
Privacy 2, no. 2 (2019): e64. recognition based on free-text keystroke dynamics."
IEEE transactions on cybernetics 44, no. 4 (2013):
[5] Ferrari, Carlo, Daniele Marini, and Michele Moro. "An
458-472.
adaptive typing biometric system with varying users
model." In 2018 32nd International Conference on [9] Huang, Jiaju, Daqing Hou, and Stephanie Schuckers. "A
Advanced Information Networking and Applications practical evaluation of free-text keystroke dynamics."
Workshops (WAINA), pp. 564-568. IEEE, 2018. In 2017 IEEE International Conference on Identity,
Security and Behavior Analysis (ISBA), pp.1-8. IEEE,
[6] Shen, Sung-Shiou, Tsai-Hua Kang, Shen-Ho Lin, and
2017.
Wei Chien. "Random graphic user password
authentication scheme in mobile devices." In 2017 [10] Senathipathi, K., and Krishnan Batri. "An analysis of
International conference on applied system particle swarm optimization and genetic algorithm
innovation (ICASI), pp. 1251-1254. IEEE, 2017. with respect to keystroke dynamics." In 2014
international conference on green computing
[7] Alsuhibany, Suliman A., Muna Almushyti, Noorah
communication and electrical engineering (ICGCCEE),
Alghasham, and Fatimah Alkhudier. "Analysis of free-
pp. 1-11. IEEE, 2014.

@ IJTSRD | Unique Paper ID – IJTSRD39969 | Volume – 5 | Issue – 3 | March-April 2021 Page 799