ML Security PapersDetecting Cognitive Signatures in Typing Behavior for Non-Intrusive Authorship Verification
Published on arXiv
2603.00177
Output Integrity Attack
OWASP ML Top 10 — ML09
Key Finding
Analytical evaluation estimates 85–95% discrimination accuracy between genuine human composition and AI-generated/transcribed text under stated assumptions
Cognitive Load Correlation (CLC)
Novel technique introduced
The proliferation of AI-generated text has intensified the need for reliable authorship verification, yet current output-based methods are increasingly unreliable. We observe that the ordinary typing interface captures rich cognitive signatures, measurable patterns in keystroke timing that reflect the planning, translating, and revising stages of genuine composition. Drawing on large-scale keystroke datasets comprising over 136 million events, we define the Cognitive Load Correlation (CLC) and show it distinguishes genuine composition from mechanical transcription. We present a non-intrusive verification framework that operates within existing writing interfaces, collecting only timing metadata to preserve privacy. Our analytical evaluation estimates 85 to 95 percent discrimination accuracy under stated assumptions, while limiting biometric leakage via evidence quantization. We analyze the adversarial robustness of cognitive signatures, showing they resist timing-forgery attacks that defeat motor-level authentication because the cognitive channel is entangled with semantic content. We conclude that reframing authorship verification as a human-computer interaction problem provides a privacy-preserving alternative to invasive surveillance.
Key Contributions
- Defines the Cognitive Load Correlation (CLC) metric — a measure of correlation between local semantic complexity and inter-keystroke intervals — that captures the cognitive signature of genuine composition versus mechanical transcription or AI-generated text
- Presents a non-intrusive authorship verification framework operating within existing writing interfaces, collecting only timing metadata and limiting biometric leakage via evidence quantization
- Analyzes adversarial robustness of cognitive signatures, demonstrating they resist timing-forgery attacks that defeat motor-level authentication because the cognitive channel is entangled with semantic content
🛡️ Threat Analysis
Proposes a novel forensic detection method for AI-generated content: the Cognitive Load Correlation (CLC) derived from keystroke timing patterns distinguishes genuine human composition from AI-generated text. The paper's primary contribution is the detection technique and framework itself, not a domain application of existing detectors. Adversarial robustness against timing-forgery attacks is explicitly evaluated.