ksd 0.0.1

data/History.txt

@@ -0,0 +1,7 @@
+== 0.0.1 2009-01-05
+
+* 1 major enhancement:
+  * Made my library into a gem.
+* 2 known bugs:
+  * Paths to analysis and password files must be set through constants before use. The default should use the current path of the requiring file.
+  * Needs specs!

data/Manifest.txt

@@ -0,0 +1,18 @@
+History.txt
+Manifest.txt
+PostInstall.txt
+README.rdoc
+Rakefile
+examples/enroll_login.rb
+examples/enroll_scentences.rb
+examples/login.rb
+lib/keystroke_dynamics.rb
+lib/keystroke_dynamics/analysis.rb
+lib/keystroke_dynamics/validation.rb
+script/console
+script/destroy
+script/generate
+spec/keystroke_dynamics_spec.rb
+spec/spec.opts
+spec/spec_helper.rb
+tasks/rspec.rake

data/PostInstall.txt

@@ -0,0 +1,7 @@
+
+For more information on keystroke_dynamics, see http://ksd.rubyforge.org
+
+NOTE: Change this information in PostInstall.txt 
+You can also delete it if you don't want it.
+
+

data/README.rdoc

@@ -0,0 +1,59 @@
+= keystroke_dynamics
+
+* http://ksd.rubyforge.org/
+
+== DESCRIPTION:
+Simple keystroke dynamics analyzer/validator written in Ruby-GTK
+
+
+== FEATURES:
+
+* Analysis holds logic to extract simple biometric information from GTK widgets.
+* Validation holds logic to manage user enrollment, validation and cryptographic functions.
+
+== EXAMPLES:
+The three included Ruby-GTK examples demonstrate the principle of biometric authentication based on keystroke dynamics. For experimentational purposes, I have created two different examples which establish a metric from a users typing. The first, enroll_scentences.rb, lets you type in 5 pangrams (scentences that hold every letter of the alphabet) to establish your metric. The other, enroll_login.rb, lets you type your login details 10 times. I leave it as an excercise to the user to see which method works best for him or her.
+The login.rb example lets you try out your newly created username, password and keystroke metric on a login screen.
+
+== REQUIREMENTS:
+
+
+Depends on
+* GTK
+* Ruby GTK bindings
+* Ruby OpenSSL bindings
+
+== INSTALL:
+
+* sudo gem install keystroke_dynamics
+
+If you don't have the Ruby GTK or OpenSSL bindings you should install them through your package manager.
+
+On Debian/Ubuntu:
+* sudo apt-get install libgtk2-ruby
+* sudo apt-get install libopenssl-ruby
+
+== LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2009 Aram Verstegen
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,28 @@
+%w[rubygems rake rake/clean fileutils newgem rubigen].each { |f| require f }
+require File.dirname(__FILE__) + '/lib/keystroke_dynamics'
+
+# Generate all the Rake tasks
+# Run 'rake -T' to see list of generated tasks (from gem root directory)
+$hoe = Hoe.new('ksd', KeystrokeDynamics::VERSION) do |p|
+  p.developer('Aram Verstegen', 'aram@aczid.nl')
+  p.changes              = p.paragraphs_of("History.txt", 0..1).join("\n\n")
+  p.post_install_message = 'PostInstall.txt' # TODO remove if post-install message not required
+  p.rubyforge_name       = p.name # TODO this is default value
+  # p.extra_deps         = [
+  #   ['activesupport','>= 2.0.2'],
+  # ]
+  p.extra_dev_deps = [
+    ['newgem', ">= #{::Newgem::VERSION}"]
+  ]
+  
+  p.clean_globs |= %w[**/.DS_Store tmp *.log]
+  path = (p.rubyforge_name == p.name) ? p.rubyforge_name : "\#{p.rubyforge_name}/\#{p.name}"
+  p.remote_rdoc_dir = File.join(path.gsub(/^#{p.rubyforge_name}\/?/,''), 'rdoc')
+  p.rsync_args = '-av --delete --ignore-errors'
+end
+
+require 'newgem/tasks' # load /tasks/*.rake
+Dir['tasks/**/*.rake'].each { |t| load t }
+
+# TODO - want other tests/tasks run by default? Add them to the list
+# task :default => [:spec, :features]

data/examples/enroll_login.rb

@@ -0,0 +1,93 @@
+#!/usr/bin/env ruby
+# == Summary
+# This is an example enrollment application set up to collect keystroke dynamics data by letting the user type his username and password several times.
+
+require 'gtk2'
+$:.unshift(File.dirname(__FILE__) + '/../lib')
+require 'rubygems'
+require 'keystroke_dynamics'
+KeystrokeDynamics::Validation::KSD_DIR = './keystroke_dynamics/'
+KeystrokeDynamics::Validation::PH_FILE = './passwd'
+
+window = Gtk::Window.new
+window.title = "Keystroke dynamics enrollment test application"
+window.signal_connect("destroy") { Gtk.main_quit }
+window.signal_connect("delete_event") { Gtk.main_quit }
+
+mainbox = Gtk::VBox.new(false,0)
+window.add(mainbox)
+mainbox.show
+
+user = Gtk::Entry.new
+user.set_text("username")
+user.set_editable(true)
+pass = Gtk::Entry.new
+pass.set_text("pass")
+pass.set_editable(true)
+pass.set_invisible_char(42) # 42 is "*" in unicode
+pass.set_visibility(false)
+
+loginbox = Gtk::VBox.new
+loginbox.pack_start(Gtk::Label.new("Choose you login details"), true, true, 0)
+loginbox.pack_start(user, true, true, 0)
+loginbox.pack_start(pass, true, true, 0)
+
+mainbox.pack_start(loginbox, true, true,0)
+mainbox.show
+
+mainbox.pack_start(Gtk::Label.new("Please type your login details 10 times so I can learn they way you type them."), true, true, 20)
+
+statsbox = Gtk::HBox.new
+mean_hold_label = Gtk::Label.new
+mean_seek_label = Gtk::Label.new
+mean_kps_label = Gtk::Label.new
+statsbox.pack_start(mean_hold_label, true, true, 0)
+statsbox.pack_start(mean_seek_label, true, true, 0)
+statsbox.pack_start(mean_kps_label, true, true, 0)
+
+ksds = []
+for i in (0..9)
+  loginbox = Gtk::HBox.new
+  login = Gtk::Entry.new
+  login.select_region(0,-1)
+  login.set_editable(true)
+  pass = Gtk::Entry.new
+  pass.set_editable(true)
+  pass.set_invisible_char(42) # 42 is "*" in unicode
+  pass.set_visibility(false)
+  loginbox.pack_start(login, true, true, 0)
+  loginbox.pack_start(pass, true, true, 0)
+  ksds[i] = KeystrokeDynamics::Analysis.new
+  ksds[i].analyze_keys([login, pass])
+  loginbox.signal_connect_after("key-release-event", ksds[i]) do |w, e, analyzer|
+    mean_hold_label.text = "Mean hold: #{analyzer.mean_hold}"
+    mean_seek_label.text = "Mean seek: #{analyzer.mean_seek}"
+    mean_kps_label.text = "Mean KPS: #{analyzer.mean_kps}"
+    false
+  end
+  loginbox.show
+  mainbox.pack_start(loginbox,true,true,0)
+end
+
+mainbox.pack_start(statsbox,true,true,20)
+statsbox.show
+
+button = Gtk::Button.new("Enroll")
+button.signal_connect("clicked") do |w|
+  keystroke_array_array = []
+  ksds.each do |ksd|
+    keystroke_array_array << ksd.keystrokes
+  end
+  if KeystrokeDynamics::Validation.enroll(user.text, pass.text, keystroke_array_array)
+    Gtk.main_quit
+  end
+end
+button.show
+mainbox.pack_start(button, true, true,0)
+
+window.set_default_size(100, 100).show_all
+
+window.show
+
+Gtk.main
+exit

data/examples/enroll_scentences.rb

@@ -0,0 +1,94 @@
+#!/usr/bin/env ruby
+# == Summary
+# This is an example enrollment application set up to collect keystroke dynamics data by letting the user type several scentences.
+require 'gtk2'
+$:.unshift(File.dirname(__FILE__) + '/../lib')
+require 'rubygems'
+require 'keystroke_dynamics'
+KeystrokeDynamics::Validation::KSD_DIR = './keystroke_dynamics/'
+KeystrokeDynamics::Validation::PH_FILE = './passwd'
+
+window = Gtk::Window.new
+window.title = "Keystroke dynamics enrollment test application"
+window.signal_connect("destroy") { Gtk.main_quit }
+window.signal_connect("delete_event") { Gtk.main_quit }
+
+mainbox = Gtk::VBox.new(false,0)
+window.add(mainbox)
+mainbox.show
+
+user = Gtk::Entry.new
+user.set_text("username")
+user.set_editable(true)
+pass = Gtk::Entry.new
+pass.set_text("pass")
+pass.set_editable(true)
+pass.set_invisible_char(42) # 42 is "*" in unicode
+pass.set_visibility(false)
+
+loginbox = Gtk::VBox.new
+loginbox.pack_start(Gtk::Label.new("Choose you login details"), true, true, 0)
+loginbox.pack_start(user, true, true, 0)
+loginbox.pack_start(pass, true, true, 0)
+
+mainbox.pack_start(loginbox, true, true,0)
+mainbox.show
+
+mainbox.pack_start(Gtk::Label.new("Please type these scentences so I can learn your keyboard dynamics."), true, true, 20)
+
+scentences = [
+  Gtk::Label.new("Two driven jocks help fax my big quiz."),
+  Gtk::Label.new("How quickly daft jumping zebras vex."),
+  Gtk::Label.new("The five boxing wizards jump quickly."),
+  Gtk::Label.new("Jackdaws love my big sphinx of quartz."),
+  Gtk::Label.new("The quick brown fox jumps over the lazy dog.")
+  ]
+  
+statsbox = Gtk::HBox.new
+mean_hold_label = Gtk::Label.new
+mean_seek_label = Gtk::Label.new
+mean_kps_label = Gtk::Label.new
+statsbox.pack_start(mean_hold_label, true, true, 0)
+statsbox.pack_start(mean_seek_label, true, true, 0)
+statsbox.pack_start(mean_kps_label, true, true, 0)
+
+ksds = []
+for i in (0..4)
+  entry = Gtk::Entry.new
+  entry.set_text("")
+  entry.set_editable(true)
+  ksds[i] = KeystrokeDynamics::Analysis.new
+  ksds[i].analyze_keys(entry)
+  mainbox.pack_start(scentences[i],true,true,0)
+  entry.signal_connect_after("key-release-event", ksds[i]) do |w, e, analyzer|
+    mean_hold_label.text = "Mean hold: #{analyzer.mean_hold}"
+    mean_seek_label.text = "Mean seek: #{analyzer.mean_seek}"
+    mean_kps_label.text = "Mean KPS: #{analyzer.mean_kps}"
+    false
+  end
+  entry.show
+  mainbox.pack_start(entry,true,true,0)
+end
+
+mainbox.pack_start(statsbox,true,true,20)
+statsbox.show
+
+button = Gtk::Button.new("Enroll")
+button.signal_connect("clicked") do |w|
+  keystroke_array_array = []
+  ksds.each do |ksd|
+    keystroke_array_array << ksd.keystrokes
+  end
+  if KeystrokeDynamics::Validation.enroll(user.text, pass.text, keystroke_array_array)
+    Gtk.main_quit
+  end
+end
+button.show
+mainbox.pack_start(button, true, true,0)
+
+window.set_default_size(100, 100).show_all
+
+window.show
+
+Gtk.main
+exit

data/examples/login.rb

@@ -0,0 +1,63 @@
+#!/usr/bin/env ruby
+# == Summary
+# This is an example login application set up to validate keystroke dynamics data.
+
+require 'gtk2'
+$:.unshift(File.dirname(__FILE__) + '/../lib')
+require 'rubygems'
+require 'keystroke_dynamics'
+KeystrokeDynamics::Validation::KSD_DIR = './keystroke_dynamics/'
+KeystrokeDynamics::Validation::PH_FILE = './passwd'
+KeystrokeDynamics::Validation::ACCURACY_THRESHOLD = 0.5
+
+
+window = Gtk::Window.new
+window.title = "Keystroke dynamics login test application"
+window.signal_connect("destroy") { Gtk.main_quit }
+window.signal_connect("delete_event") { Gtk.main_quit }
+
+mainbox = Gtk::VBox.new(false,0)
+window.add(mainbox)
+mainbox.show
+
+mainbox.pack_start(Gtk::Label.new("Try to log in!"), true, true, 20)
+
+login = Gtk::Entry.new
+login.select_region(0,-1)
+login.set_editable(true)
+pass = Gtk::Entry.new
+pass.set_editable(true)
+pass.set_invisible_char(42) # 42 is "*" in unicode
+pass.set_visibility(false)
+
+ksd = KeystrokeDynamics::Analysis.new
+ksd.analyze_keys([login, pass])
+
+button = Gtk::Button.new("Log in")
+button.signal_connect("clicked") do |w|
+  if(KeystrokeDynamics::Validation.validate(login.text, pass.text, [ksd.keystrokes]))
+    puts "Logged in successfully!"
+    Gtk.main_quit
+  end
+  # reset entry fields and identified keys to allow several login attempts, avoid the risk of comparing empty keys
+  login.text=""
+  pass.text=""
+  ksd.keystrokes = []
+end
+
+button.show
+
+mainbox.pack_start(login, true, true,0)
+mainbox.pack_start(pass, true, true,0)
+mainbox.pack_start(button, true, true,20)
+
+login.show
+pass.show
+
+window.set_default_size(100, 100).show_all
+
+window.show
+
+Gtk.main
+exit
+

data/lib/keystroke_dynamics/analysis.rb

@@ -0,0 +1,226 @@
+# == Summary
+# The Analysis class is used to:
+# * gather keystroke data from attached GTK widgets
+# * calculate character-specific statistics from the gathered keystroke data to base a metric on
+# * calculate an average metric, consisting of min/max/mean seek/hold times per character, over several instances of keystroke data using these statistics
+# * calculate the deviiation between these average metrics
+# * calculate general statistics from the gathered keystroke data, to provide real time feedback to users
+
+# Module housing Analysis class, Validation class and associated constants
+module KeystrokeDynamics
+
+# Number of milliseconds allowed to be slower or faster from measured profile.
+# For example, setting this to 1000 means that there can be a total of 1 second deviation in keystroke min/max/mean seeks and holds combined. Having a 1 second deviation would then make the compare_metrics function return 0.
+# This number needs to be increased as the number of compared metrics increases to allow for standard deviation.
+MAX_ALLOWED_DEVIATION = 800
+
+# == Summary
+# The Analysis class is used to:
+# * gather keystroke data from attached GTK widgets
+# * calculate character-specific statistics from the gathered keystroke data to base a metric on
+# * calculate an average metric, consisting of min/max/mean seek/hold times per character, over several instances of keystroke data using these statistics
+# * calculate the deviiation between these average metrics
+# * calculate general statistics from the gathered keystroke data, to provide real time feedback to users
+#
+# === Data structures
+# First, a signal handler is attached to log key data. These are keystrokes with metadata such as time_pressed, time_released. These are elaborated on by calculating the hold time and the seek time since the last character interactively.
+# These keystrokes are stored in an array which ensures they stay in an ordered position.
+# The statistics and metric functions operate on an array of these keystroke arrays, which allows for test data from several widgets to be analyzed simultaneously. This metric is a hash of keystrokes with more explicit biometric information, namely min/max/mean seek/hold times.
+# This metric can be tested for simmilarity to a refrence metric by counting the number of deviations in ms from the reference metric. The reference metric is actually calculated using the same metric function, because it is able to condense many instances of widgets (arrays of arrays) to a metric. Averaging over many widgets ensures any deviation gets more flattened out, and thus makes the metric more accurate.
+#
+# == Notes
+# This class is instantiable as an Analysis, to capture input and do simple statistics on it.
+# However, it also houses all the logic to calculate and compare the metric as class methods, which can be called from everywhere. (So it is partly like a static class would be in other languages.)
+class Analysis
+  # This array houses the analyzed keystrokes, with hashes like <tt>{:time_pressed, :time_released, :character, :seek_time, :hold_time}</tt>.
+  # If the concept of hashes is unfamilliar to you, it might help to think of them like simple structs.
+  attr_accessor :keystrokes
+
+  def initialize
+    # Using an array ensures the keystrokes are stored in the order they were inserted.
+    # This is important because the release event handler needs to look through the list to find the last key which was pressed, but possibly not yet released.
+    @keystrokes = []
+  end
+
+  # Attaches signal handlers to (an array of) widgets so that keystroke dynamics data can be collected from them.
+  def analyze_keys(widget_array)
+    widget_array = [widget_array] if !widget_array.is_a?(Array)
+    widget_array.each do |widget|
+      widget.add_events(Gdk::Event::KEY_PRESS)
+      widget.add_events(Gdk::Event::KEY_RELEASE)
+      widget.signal_connect("key-press-event") do |w, e|
+        if(e.keyval)
+          keystroke = {:time_pressed => e.time, :character => Gdk::Keyval.to_name(e.keyval).to_s}
+          last = last_keystroke || {}
+          # Calculates seek time.
+          if(last[:time_pressed] != nil)
+            keystroke[:seek_time] = (keystroke[:time_pressed] - last[:time_pressed]) if last[:time_pressed] != nil
+          end
+          @keystrokes << keystroke
+        end
+        # Lets the event propagate up to the original signal handler.
+        false
+      end
+    
+      widget.signal_connect("key-release-event") do |w, e|
+        if(e.keyval)
+          # Calculates hold time.
+          # Iterates through the array in reverse to find the last pressed, but not yet released key.
+          @keystrokes.reverse_each do |keystroke|
+            if(keystroke[:time_released] == nil)
+              keystroke[:time_released] = e.time
+              keystroke[:hold_time] = (e.time - keystroke[:time_pressed]) if keystroke[:time_pressed] != nil
+            end
+          end
+        end
+        # Lets the event propagate up to the original signal handler.
+        false
+      end
+    end 
+  end
+
+  # Returns last recorded keystroke hash.
+  def last_keystroke
+    # Looks if we are still in the middle of our last keystroke, and returns it if necessary.
+    @keystrokes.reverse_each do |keystroke|
+      if(keystroke[:time_released] == nil)
+        return keystroke
+      end
+    end
+    # If all the logged keystrokes were released, return the last one in the array.
+    @keystrokes.last
+  end
+
+  # Returns mean seek time for all analyzed keystrokes.
+  # Used to display realtime statistics in the application.
+  def mean_seek
+    mean = Analysis.metric([@keystrokes])
+    mean_seek = 0 
+    mean.each_pair do |idx, keystroke|
+      mean_seek += keystroke[:mean_seek].to_i
+    end
+    if mean.size.to_i != 0
+      return (mean_seek.to_i / mean.size.to_i).to_i
+    else
+      return 0
+    end
+  end
+
+  # Returns mean hold time for all analyzed keystrokes.
+  # Used to display realtime statistics in the application.
+  def mean_hold
+    mean = Analysis.metric([@keystrokes])
+    mean_hold = 0 
+    mean.each_pair do |idx, keystroke|
+      mean_hold += keystroke[:mean_hold].to_i
+    end
+    if mean.size.to_i != 0
+      return (mean_hold.to_i / mean.size.to_i).to_i
+    else
+      return 0
+    end
+  end
+
+  # Returns mean number of keystrokes per second.
+  # Used to display realtime statistics in the application.
+  def mean_kps
+    last = last_keystroke || {}
+    first = @keystrokes.first || {}
+    time_in_ms = (last[:time_pressed].to_i - first[:time_pressed].to_i).to_f
+    if time_in_ms != 0
+      return (@keystrokes.size.to_f / ((time_in_ms / 1000).to_f)).to_i
+    else
+      return 0
+    end
+  end
+
+  # Returns deviation as an int betwoon 0 and 1.
+  # Returns 0 if the max deviation is reached or exceeded.
+  # Returns 0.5 if half of the max deviation is reached.
+  # Returns 1 if the deviation is 0, ie the hashes of keystrokes match perfectly.
+  def self.compare_metrics(metric_test, metric_ref)
+    deviation = 0
+    metric_test.each_pair do |idx,keystroke|
+      if metric_test[idx.to_sym].is_a?(Hash) && metric_ref[idx.to_sym].is_a?(Hash)
+        # Deviation will increase by the amount of ms seeks and holds differ from mean.
+        mean_seek_diff = (metric_test[idx.to_sym][:mean_seek].to_i - metric_ref[idx.to_sym][:mean_seek].to_i)
+        mean_hold_diff = (metric_test[idx.to_sym][:mean_hold].to_i - metric_ref[idx.to_sym][:mean_hold].to_i)
+        if mean_seek_diff > 0
+          deviation += mean_seek_diff
+        else
+          deviation -= mean_seek_diff
+        end
+
+        if mean_hold_diff > 0
+          deviation += mean_hold_diff
+        else
+          deviation -= mean_hold_diff
+        end
+
+        # Deviation will increase by the amount of ms seeks and holds exceed min/max holds and seeks.
+        if metric_test[idx.to_sym][:mean_hold] < metric_ref[idx.to_sym][:min_hold]
+          deviation += (metric_ref[idx.to_sym][:min_hold] - metric_test[idx.to_sym][:mean_hold]).to_i
+        end
+        if metric_test[idx.to_sym][:mean_hold] > metric_ref[idx.to_sym][:max_hold]
+          deviation += (metric_test[idx.to_sym][:mean_hold] - metric_ref[idx.to_sym][:max_hold]).to_i
+        end
+        if metric_test[idx.to_sym][:mean_seek] < metric_ref[idx.to_sym][:min_seek]
+          deviation += (metric_ref[idx.to_sym][:min_seek] - metric_test[idx.to_sym][:mean_seek]).to_i
+        end
+        if metric_test[idx.to_sym][:mean_seek] > metric_ref[idx.to_sym][:max_seek]
+          deviation += (metric_test[idx.to_sym][:mean_seek] - metric_ref[idx.to_sym][:max_seek]).to_i
+        end
+      end
+    end
+    if(deviation > MAX_ALLOWED_DEVIATION)
+      return 0
+    elsif((0 < deviation) && (deviation < MAX_ALLOWED_DEVIATION))
+      return 1-(deviation.to_f/MAX_ALLOWED_DEVIATION)
+    else
+      return 1
+    end
+  end
+
+  # Calculates mean, min and max seek/hold times per character from an array of keystroke arrays.
+  # Returns a hash with <tt>{character.to_sym => {:mean_seek, :mean_hold, :min_seek, :max_seek, :min_hold, :max_hold}}</tt>.
+  def self.metric(keystroke_array_array)
+    stats = self.statistics(keystroke_array_array)
+    metric = {}
+    stats.each_pair do |idx, key|
+      metric[idx] = {
+        :mean_hold => (key[:hold_total] / key[:holds]),
+        :mean_seek => (key[:seek_total] / key[:seeks]),
+        :min_seek => key[:min_seek].to_i,
+        :max_seek => key[:max_seek].to_i,
+        :min_hold => key[:min_hold].to_i,
+        :max_hold => key[:max_hold].to_i
+      }
+    end
+    metric
+  end
+
+  # Calculates total seeks/holds, total seeks/holds time and min/max hold/seek values for each character analyzed.
+  # Returns a hash with <tt>{character.to_sym => {:seek_total, :hold_total, :seeks, :holds, :character, :min_seek, :max_seek, :min_hold, :max_hold}}</tt>.
+  def self.statistics(keystroke_array_array)
+    stats = {}
+    keystroke_array_array.each do |keystroke_array|
+      keystroke_array.each do |keystroke|
+        key = keystroke[:character].to_sym
+        stats[key] = {:seek_total => 0, :hold_total => 0, :seeks => 0, :holds => 0, :character => keystroke[:character]} unless stats[key].is_a?(Hash)
+        stats[key][:seek_total] += keystroke[:seek_time].to_i
+        stats[key][:hold_total] += keystroke[:hold_time].to_i
+        stats[key][:seeks] += 1
+        stats[key][:holds] += 1
+        stats[key][:min_seek] = keystroke[:seek_time].to_i if stats[key][:min_seek].to_i > keystroke[:seek_time].to_i
+        stats[key][:max_seek] = keystroke[:seek_time].to_i if stats[key][:max_seek].to_i < keystroke[:seek_time].to_i
+        stats[key][:min_hold] = keystroke[:hold_time].to_i if stats[key][:min_hold].to_i > keystroke[:hold_time].to_i
+        stats[key][:max_hold] = keystroke[:hold_time].to_i if stats[key][:max_hold].to_i < keystroke[:hold_time].to_i
+      end
+    end
+    stats
+  end
+
+
+end
+
+end

data/lib/keystroke_dynamics/validation.rb

@@ -0,0 +1,167 @@
+# == Summary
+# The Validation class is used to:
+# * validate username, password and keyboard metric
+# * enroll new users with username, password and averaged keyboard metric
+# * house the cryptographic functions needed for these operations
+
+require 'fileutils'
+require 'digest/sha1'
+require 'openssl'
+require 'base64'
+
+# Module housing Analysis class, Validation class and associated constants
+module KeystrokeDynamics
+
+# Password hashes file.
+PH_FILE = File.join(File.dirname(__FILE__), "../passwd")
+
+# Keystrokes dynamics dir.
+KSD_DIR = File.join(File.dirname(__FILE__), "../keystroke_dynamics")
+
+# An accuracy threshold of 0 allows for maximum deviation from measured mean/min/max seek and hold times.
+# An accuracy threshold of 0.5 allows for half of total deviation from measured mean/min/max seek and hold times.
+# An accuracy threshold of 1 allows for 0 milliseconds of total deviation from measured mean/min/max seek and hold times.
+ACCURACY_THRESHOLD = 0.5
+
+# == Summary
+# The Validation class is used to:
+# * validate username, password and keyboard metric
+# * enroll new users with username, password and averaged keyboard metric
+# * house the cryptographic functions needed for these operations
+#
+# === Keying scheme
+# The password file houses a salted password hash and the salt generated for each user that has enrolled. The unsalted password hash, plus the salt (which is actually an AES IV) is used for encrypting and decrypting the keyboard metrics analyzed during enrollment and validation.
+#
+# == Notes
+# All these methods are class methods. In other languages you could call this a static class.
+class Validation
+
+  # Validates login details accompanied by an array of keystroke arrays
+  # (Usually this would be an array with just one keystroke array, but I made it like this to be able to support more elaborate authentication mechanisms with longer texts and more input fields. it might be beneficial to have more data validated at a higher threshold to even out deviation.)
+  # When a user tries to validate, the user's salted password hash and iv (the salt) are loaded from the reference metric file created at enrollment. These are used to compare the user's login credentials as would normally happen. After that the metric acquired during login is compared to the reference metric for the user, which is decrypted from the disk using the unsalted password hash as a key.
+  # Returns a boolean:
+  # Returns false if a login error occurs.
+  # Returns true only if login information is correct and keystroke dynamics match the profile saved at enrollment within limit defined by MAX_ALLOWED_DEVIATION.
+  def self.validate(username, password, keystroke_array_array)
+    pass_hashes = self.load_pass_hashes
+    unless pass_hashes[username.to_sym].nil?
+      iv = pass_hashes[username.to_sym][:iv]
+    else
+      iv = ""
+    end
+    # Match login details in password file
+    if (pass_hashes[username.to_sym] || {})[:hash] == self.pass_hash(password,iv)
+      # Open user's reference metric
+      begin
+        mean_metric = File.open(File.join(KSD_DIR,"#{username}.met"), 'rb') do |f|
+          Marshal.load(self.decrypt(f.read, password, iv))
+        end
+      rescue
+        mean_metric = []
+        puts "Keystroke dynamics not registered for user #{username}"
+        return false
+      end
+      # Compare metrics for known characters
+      mean_accuracy = Analysis.compare_metrics(Analysis.metric(keystroke_array_array), mean_metric)
+      # ACCURACY_THRESHOLD allows weighting of the allowed deviation.
+      # For example, if MAX_ALLOWED_DEVIATION is 1000 ms, setting ACCURACY_THRESHOLD to 0.5 would allow deviations of no more than 500 ms.
+      if mean_accuracy < ACCURACY_THRESHOLD
+        puts "Keystroke dynamics didn't match user #{username} (measuered mean accuracy: #{mean_accuracy}, required mean accuracy: > #{ACCURACY_THRESHOLD})"
+        return false
+      else
+        puts "Identified user #{username} with mean accuracy of #{mean_accuracy}"
+        return true
+      end
+    elsif pass_hashes[username.to_sym].is_a?(Hash)
+      puts "Incorrect password for user #{username}"
+      return false
+    else
+      puts "User \"#{username}\" not enrolled"
+      return false
+    end
+  end
+
+  # Enrolls a user.
+  # When a user tries to enroll and no such user exists in the password file, a new entry in the password file is created. The entry contains a salted password hash and the salt which double respectively as they key and intialization vector (IV) for cryptographic operations on the user's keystroke metric.
+  # An average of the supplied 2 dimensional array is calculated, which is encrypted and written to a file to be used as a reference metric.
+  # Returns a boolean
+  # Returns false if a user with the supplied username is already enrolled.
+  # Returns true if everything went as planned, returns false if username or password are empty or a user by the same name exists.
+  def self.enroll(username, password, keystroke_array_array)
+    pass_hashes = self.load_pass_hashes
+    if username == ""
+      puts "Username can't be blank"
+      return false
+    end
+    if password == ""
+      puts "Password can't be blank"
+      return false
+    end
+    if pass_hashes[username.to_sym] != nil
+      puts "User exists"
+      return false
+    end
+    iv = OpenSSL::Cipher::Cipher.new("aes-256-cbc").random_iv
+    pass_hashes[username.to_sym] = {:hash => self.pass_hash(password,iv), :iv => iv}
+    self.create_met_dir
+    # Saves encrypted metric to file
+    File.open(File.join(KSD_DIR,"#{username}.met"), 'wb') do |f|
+      marshal = Marshal.dump(Analysis.metric(keystroke_array_array))
+      f.write(self.encrypt(marshal, password, pass_hashes[username.to_sym][:iv]))
+    end
+    self.save_pass_hashes(pass_hashes)
+    return true
+  end
+
+  # Returns SHA1 hash of optionally salted string.
+  def self.pass_hash(pass, salt = "")
+    Digest::SHA1.hexdigest(pass+salt)
+  end
+
+  # Returns Base64 encoded, AES 256 encrypted string using hashed key.
+  def self.encrypt(string, key, iv)
+    c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
+    c.encrypt
+    # it is very important to not use a salted hash here, because that is written to the passwords file
+    c.key = self.pass_hash(key)
+    c.iv = iv
+    e = c.update(Base64.encode64(string))
+    e << c.final
+    e
+  end
+
+  # Returns AES 256 decrypted, Base64 decoded string using hashed key.
+  def self.decrypt(string, key, iv)
+    c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
+    c.decrypt
+    c.key = self.pass_hash(key)
+    c.iv = iv
+    d = c.update(string)
+    d << c.final
+    Base64.decode64(d)
+  end
+
+  # Loads usernames, salted password hashes and ivs.
+  # Returns a hash of login information loaded from disk.
+  # Returned hash takes the form of <tt>{username.to_sym => {:hash, :iv }</tt>.
+  def self.load_pass_hashes
+    unless File.exists?(PH_FILE)
+      FileUtils.touch(PH_FILE)
+      File.open(PH_FILE,'wb') {|f| Marshal.dump({}, f)}
+    end
+    File.open(PH_FILE, 'rb') { |f| Marshal.load(f)} || {}
+  end
+
+  # Writes the login information information to disk.
+  def self.save_pass_hashes(pass_hashes)
+    File.open(PH_FILE, 'wb') { |f| Marshal.dump(pass_hashes, f)}
+  end
+
+  # Creates a directory for encrypted metric files if it doenst exist yet.
+  def self.create_met_dir
+    FileUtils.mkdir(KSD_DIR) unless File.exists?(KSD_DIR)
+  end
+
+end
+
+end

data/lib/keystroke_dynamics.rb

@@ -0,0 +1,28 @@
+$:.unshift(File.dirname(__FILE__)) unless
+  $:.include?(File.dirname(__FILE__)) || $:.include?(File.expand_path(File.dirname(__FILE__)))
+
+require "keystroke_dynamics/analysis"
+require "keystroke_dynamics/validation"
+
+# == Simple keystroke dynamics analyzer/validator written in Ruby-GTK
+# Copyright (c) 2008 Aram Verstegen <aram@aczid.nl>
+#
+# == Summary
+# The three included Ruby-GTK examples demonstrate the principle of biometric authentication based on keystroke dynamics. For experimentational purposes, I have created two different examples which establish a metric from a users typing. The first, enroll_scentences.rb, lets you type in 5 pangrams (scentences that hold every letter of the alphabet) to establish your metric. The other, enroll_login.rb, lets you type your login details 10 times. I leave it as an excercise to the user to see which method works best for him or her.
+# The login.rb example lets you try out your newly created username, password and keystroke metric on a login screen.
+#
+# === Libraries
+# The logic in analyzer.rb and validation.rb can be used by other Ruby-GTK applications, as Analysis instances have methods to attach signal handlers for any Instantiable GTK widget.
+#
+# ==== Analysis
+# This class holds logic to extract simple biometric information from GTK widgets.
+#
+# ==== Validation
+# This class holds logic to manage user enrollment, validation and cryptographic functions.
+#
+# === Dependencies
+# To run the Ruby-GTK examples you will need libgtk2-ruby.
+# The validation functions require libopenssl-ruby.
+module KeystrokeDynamics
+  VERSION = '0.0.1'
+end

data/script/console

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+# File: script/console
+irb = RUBY_PLATFORM =~ /(:?mswin|mingw)/ ? 'irb.bat' : 'irb'
+
+libs =  " -r irb/completion"
+# Perhaps use a console_lib to store any extra methods I may want available in the cosole
+# libs << " -r #{File.dirname(__FILE__) + '/../lib/console_lib/console_logger.rb'}"
+libs <<  " -r #{File.dirname(__FILE__) + '/../lib/keystroke_dynamics.rb'}"
+puts "Loading keystroke_dynamics gem"
+exec "#{irb} #{libs} --simple-prompt"

data/script/destroy

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+APP_ROOT = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+
+begin
+  require 'rubigen'
+rescue LoadError
+  require 'rubygems'
+  require 'rubigen'
+end
+require 'rubigen/scripts/destroy'
+
+ARGV.shift if ['--help', '-h'].include?(ARGV[0])
+RubiGen::Base.use_component_sources! [:rubygems, :newgem, :newgem_theme, :test_unit]
+RubiGen::Scripts::Destroy.new.run(ARGV)

data/script/generate

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+APP_ROOT = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+
+begin
+  require 'rubigen'
+rescue LoadError
+  require 'rubygems'
+  require 'rubigen'
+end
+require 'rubigen/scripts/generate'
+
+ARGV.shift if ['--help', '-h'].include?(ARGV[0])
+RubiGen::Base.use_component_sources! [:rubygems, :newgem, :newgem_theme, :test_unit]
+RubiGen::Scripts::Generate.new.run(ARGV)

data/spec/keystroke_dynamics_spec.rb

@@ -0,0 +1,11 @@
+require File.dirname(__FILE__) + '/spec_helper.rb'
+
+# Time to add your specs!
+# http://rspec.info/
+describe "Place your specs here" do
+  
+  it "find this spec in spec directory" do
+    violated "Be sure to write your specs"
+  end
+  
+end

data/spec/spec.opts

@@ -0,0 +1 @@
+--colour

data/spec/spec_helper.rb

@@ -0,0 +1,10 @@
+begin
+  require 'spec'
+rescue LoadError
+  require 'rubygems'
+  gem 'rspec'
+  require 'spec'
+end
+
+$:.unshift(File.dirname(__FILE__) + '/../lib')
+require 'keystroke_dynamics'

data/tasks/rspec.rake

@@ -0,0 +1,21 @@
+begin
+  require 'spec'
+rescue LoadError
+  require 'rubygems'
+  require 'spec'
+end
+begin
+  require 'spec/rake/spectask'
+rescue LoadError
+  puts <<-EOS
+To use rspec for testing you must install rspec gem:
+    gem install rspec
+EOS
+  exit(0)
+end
+
+desc "Run the specs under spec/models"
+Spec::Rake::SpecTask.new do |t|
+  t.spec_opts = ['--options', "spec/spec.opts"]
+  t.spec_files = FileList['spec/**/*_spec.rb']
+end

metadata

@@ -0,0 +1,94 @@
+--- !ruby/object:Gem::Specification 
+name: ksd
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Aram Verstegen
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-01-21 00:00:00 +01:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: newgem
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.2.3
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.8.0
+    version: 
+description: Simple keystroke dynamics analyzer/validator written in Ruby-GTK
+email: 
+- aram@aczid.nl
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- History.txt
+- Manifest.txt
+- PostInstall.txt
+- README.rdoc
+files: 
+- History.txt
+- Manifest.txt
+- PostInstall.txt
+- README.rdoc
+- Rakefile
+- examples/enroll_login.rb
+- examples/enroll_scentences.rb
+- examples/login.rb
+- lib/keystroke_dynamics.rb
+- lib/keystroke_dynamics/analysis.rb
+- lib/keystroke_dynamics/validation.rb
+- script/console
+- script/destroy
+- script/generate
+- spec/keystroke_dynamics_spec.rb
+- spec/spec.opts
+- spec/spec_helper.rb
+- tasks/rspec.rake
+has_rdoc: true
+homepage: http://ksd.rubyforge.org/
+post_install_message: PostInstall.txt
+rdoc_options: 
+- --main
+- README.rdoc
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: ksd
+rubygems_version: 1.3.1
+signing_key: 
+specification_version: 2
+summary: Simple keystroke dynamics analyzer/validator written in Ruby-GTK
+test_files: []
+