Keystroke dynamics in Linux

Question

I'm thinking of implementing a keystroke dynamics (authenticating people based on their typing patterns) application for Linux. As I see it, I have two alternatives:

1. Extend the Linux logon to support keystroke dynamics
2. Create a desktop-locker program which "locks" the screen and can only be unlocked by a typist with a particular typing pattern

Is alternative 1 possible? Windows supports extending the logon process via msgina.dll, does Linux support something of the sort?

For altenative 2, is is possible to disable the mouse and keyboard?

Answer 1

Hey, Linux is open source, you could do anything you want :-)

It is very likely that you don't need to modify the kernel. For example, terminal login is controlled by the login program. Changing the source and rebuilding it will definitely allow you to do what you need to, although how difficult it is I've no idea :-)

Graphical login is taken care of by the window manager, so which program to change depends on which window manager you use.

EDIT: On a second thought, I'm not sure if login is executed early enough to catch the keystroke dynamics. Besides, it is a bit risky because if your version of login fails, it could make it difficult to login and fix the problem. You might need to take a look at getty and see how it invokes login. If you do it in a graphical interface it might be easier since you can always fall back to text terminal to fix any problem.

Answer 2

libpam has plugin ability. so yes, totally possible, like the (in)famous msgina :)

locking the screen is mmm rather touchy - who is responsible? window manager, X server, session manager, the screen saver process, ?

I'm afraid different desktop environments (Gnome, KDE...) might have different opinions. Although these days, I'm pretty positive all of them will share some kind of FreeDesktop dbus interface to coordinate this type of functionality.

Answer 3

The proper way to do this would probably be through a PAM authentication module. Check out the module writers guide here: http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/Linux-PAM_MWG.html

Basically you can just add your module to the PAM stack, have it do its keystroke analysis, and then pass either success or fail to the system. This lets you integrate it with the console login process, and even SSH if PAM is enabled there. I'm not quite sure how it would work with a graphical login such as KDM or GDM. I know you can use PAM modules with those, but of course the interaction is done through the GUI textbox.

Answer 4

Assuming this is more than just a toy (in other words, if you plan to distribute), be sure you think about how to get around the typing pattern analysis when things go wrong. My typing patterns probably change quite a bit over time, as I've got wrist problems that flare up now and then. When they do, my typing probably changes markedly. I wouldn't be too surprised if my typing changes somewhat from morning to night even, as I am more or less tired and/or caffeinated.