Abstract
Biometric characteristics are often used as a supplementary component in user authentication and identification schemes. Many biometric traits, both physiological and behavioral, offering a wider range of security and stability, have been explored. We propose a new physiological trait based on the human body’s electrical response to a square pulse signal, called pulse-response, and analyze how this biometric characteristic can be used to enhance security in the context of two example applications: (1) an additional authentication mechanism in PIN entry systems and (2) a means of continuous authentication on a secure terminal. The pulse-response biometric recognition is effective because each human body exhibits a unique response to a signal pulse applied at the palm of one hand and measured at the palm of the other. This identification mechanism integrates well with other established methods and could offer an additional layer of security, either on a continuous basis or at log-in time. We build a proof-of-concept prototype and perform experiments to assess the feasibility of pulse-response for biometric authentication. The results are very encouraging, achieving an equal error rate of 2% over a static dataset and 9% over a dataset with samples taken over several weeks. We also quantize resistance to attack by estimating individual worst-case probabilities for zero-effort impersonation in different experiments.
- L. C. F. Araujo, L. H. R. Sucupira, Jr., M. G. Lizarraga, L. L. Ling, and J. B. T. Yabu-Uti. 2005. User authentication through typing biometrics features. IEEE Transactions on Signal Processing 53, 2, 851--855. Google ScholarDigital Library
- Salil P. Banerjee and Damon L. Woodard. 2012. Biometric authentication and identification using keystroke dynamics: A survey. Journal of Pattern Recognition Research 7, 1 116--139.Google ScholarCross Ref
- Claude Barral and Assia Tria. 2009. Fake fingers in fingerprint recognition: Glycerin supersedes gelatin. In Formal to Practical Security, Vronique Cortier, Claude Kirchner, Mitsuhiro Okada, and Hideki Sakurada (Eds.). Lecture Notes in Computer Science, Vol. 5458. Springer, Berlin, 57--69. Google ScholarDigital Library
- Saleh Bleha, Charles Slivinsky, and Bassam Hussien. 1990. Computer-access security systems using keystroke dynamics. IEEE Transactions on Pattern Analysis and Machine Intelligence 12, 12, 1217--1222. Google ScholarDigital Library
- Arman Boehm, Dongqu Chen, Mario Frank, Ling Huang, Cynthia Kuo, Tihomir Lolic, Ivan Martinovic, and Dawn Song. 2013. SAFE: Secure authentication with face and eyes. In International Conference on Privacy and Security in Mobile Systems (PRISMS’13). 1--8.Google ScholarCross Ref
- Sungzoon Cho, Chigeun Han, Dae Hee Han, and Hyung il Kim. 2000. Web based keystroke dynamics identity verification using neural network. Journal of Organizational Computing and Electronic Commerce 10, 295--307.Google ScholarCross Ref
- Nathan L. Clarke and Steven Furnell. 2007. Advanced user authentication for mobile devices. Computers 8 Security 26, 2, 109--119. Google ScholarDigital Library
- Cory Cornelius, Ronald Peterson, Joseph Skinner, Ryan Halter, and David Kotz. 2014. A wearable system that knows who wears it. In Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys’14). 55--67. Google ScholarDigital Library
- Cory Cornelius, Jacob Sorber, Ronald A. Peterson, Joe Skinner, Ryan J. Halter, and David Kotz. 2012. Who wears me? Bioimpedance as a passive biometric. In Proceedings of the 3rd USENIX Workshop on Health Security and Privacy (HealthSec’12), Carl A. Gunter and Zachary N. J. Peterson (Eds.). Google ScholarDigital Library
- Alexander De Luca, Alina Hang, Frederik Brudy, Christian Lindner, and Heinrich Hussmann. 2012. Touch me once and I know it’s you!: Implicit authentication based on touch screen patterns. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI’12). ACM, New York, NY, 987--996. Google ScholarDigital Library
- I. Deutschmann, P. Nordstrom, and L. Nilsson. 2013. Continuous authentication using behavioral biometrics. IT Professional 15, 4, 12--15. Google ScholarDigital Library
- Simon Eberz, Kasper Bonne Rasmussen, Vincent Lenders, and Ivan Martinovic. 2015. Preventing lunchtime attacks: Fighting insider threats with eye movement biometrics. In 22nd Annual Network and Distributed System Security Symposium (NDSS’15), San Diego, CA, February 8-11, 2014.Google ScholarCross Ref
- Tom Fawcett. 2006. An introduction to ROC analysis. Pattern Recognition Letters 27, 8, 861--874. Google ScholarDigital Library
- Tao Feng, Ziyi Liu, Kyeong-An Kwon, Weidong Shi, B. Carbunar, Yifei Jiang, and N. Nguyen. 2012. Continuous mobile authentication using touchscreen gestures. In IEEE Conference on Technologies for Homeland Security (HST’12). 451--456.Google Scholar
- Mario Frank, Ralf Biedert, Eugene Ma, Ivan Martinovic, and Dawn Song. 2013. Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE Transactions on Information Forensics and Security 8, 1, 136--148. Google ScholarDigital Library
- Javier Galbally, Arun Ross, Marta Gomez-Barrero, Julian Fierrez, and Javier Ortega-Garcia. 2012. From the Iriscode to the Iris: A new vulnerability of iris recognition systems. White paper. In Briefings of the Black Hat Conference.Google Scholar
- Hugo Gamboa and Ana Fred. 2004. A behavioral biometric system based on human-computer interaction, In Biometric Technology for Human Identification. Proceedings of SPIE 5404, 381--392.Google Scholar
- R. Giot, M. El-Abed, and C. Rosenberger. 2009. Keystroke dynamics with low constraints SVM based passphrase enrollment. In IEEE 3rd International Conference on Biometrics: Theory, Applications, and Systems (BTAS’09). 1--6. Google ScholarDigital Library
- Daniele Gunetti and Claudia Picardi. 2005. Keystroke analysis of free text. ACM Transactions on Information and System Security 8, 3, 312--347. Google ScholarDigital Library
- Payas Gupta and Debin Gao. 2010. Fighting coercion attacks in key generation using skin conductance. In Proceedings of the 19th USENIX Conference on Security (USENIX Security’10). USENIX Association, Berkeley, CA, 30--30. Google ScholarDigital Library
- Sylvain Hocquet, J.-Y. Ramel, and Hubert Cardot. 2005. Fusion of methods for keystroke dynamic authentication. In 4th IEEE Workshop on Automatic Identification Advanced Technologies (AutoID’05). IEEE, 224--229. Google ScholarDigital Library
- Christian Holz and Marius Knaust. 2015. Biometric touch sensing: Seamlessly augmenting each touch with continuous authentication. In Proceedings of the 28th Annual ACM Symposium on User Interface Software 8 Technology. ACM, 303--312. Google ScholarDigital Library
- Information Technology Laboratory -- National Institute of Standards and Technology. 2013. The Biometrics Resource Center. http://www.nist.gov/itl/csd/biometrics/index.cfm.Google Scholar
- Anil K. Jain, Arun Ross, and Karthik Nandakumar. 2011. Introduction to Biometrics. Springer. Google ScholarDigital Library
- Anil K. Jain, Arun Ross, and Sharath Pankanti. 2006. Biometrics: A tool for information security. IEEE Transactions on Information Forensics and Security 1, 2, 125--143. Google ScholarDigital Library
- Zach Jorgensen and Ting Yu. 2011. On mouse dynamics as a behavioral biometric for authentication. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS’11). 476--482. Google ScholarDigital Library
- Rick Joyce and Gopal Gupta. 1990. Identity authentication based on keystroke latencies. Communications of the ACM 33, 2, 168--176. Google ScholarDigital Library
- Kevin S. Killourhy. 2012. A Scientific Understanding of Keystroke Dynamics. Ph.D. Dissertation. Carnegie Mellon University, Pittsburgh, PA. Google ScholarDigital Library
- Lyra Nara. 2013. Hand Electrodes Brass (1 Pair). (2013). Retrieved April 15, 2017 from http://www.lyranara.com/hand-electrodes-brass-1-pair/.Google Scholar
- Orjan G. Martinsen and Sverre Grimnes. 2011. Bioimpedance and Bioelectricity Basics. Academic Press, Cambridge, MA.Google Scholar
- Fabian Monrose, Michael K. Reiter, and Susanne Wetzel. 1999. Password hardening based on keystroke dynamics. In Proceedings of the 6th ACM Conference on Computer and Communications Security (CCS’99). 73--82. Google ScholarDigital Library
- Youssef Nakkabi, Issa Traoré, and Ahmed Awad E. Ahmed. 2010. Improving mouse dynamics biometric performance using variance reduction via extractors with separate features. IEEE Transactions on Systems, Man, and Cybernetics, Part A 40, 6, 1345--1353. Google ScholarDigital Library
- National Science 8 Technology Council. 2006. Biometrics Frequently Asked Questions. http://biometrics.gov/Documents/FAQ.pdf.Google Scholar
- Minh Duc Nguyen and Quang Minh Bui. 2009. Your face is NOT your password: Face authentication bypassing - Lenovo - Asus - Toshiba. White paper. In Briefings of the Black Hat Conference.Google Scholar
- Koichiro Niinuma and Anil K. Jain. 2010. Continuous user authentication using temporal information. In Technology for Human Identification VII. Proceedings of SPIE 7667, 76670L--76670L--11.Google Scholar
- Maja Pusara and Carla E. Brodley. 2004. User re-authentication via mouse movements. In Proceedings of the ACM Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC’04). 1--8. Google ScholarDigital Library
- Kasper Bonne Rasmussen, Marc Roeschlin, Ivan Martinovic, and Gene Tsudik. 2014. Authentication using pulse-response biometrics. In Proceedings of the 21st Annual Network and Distributed System Security Symposium.Google Scholar
- Kenneth Revett and Sérgio Tenreiro de Magalhães. 2010. Cognitive biometrics: Challenges for the future. In Global Security, Safety, and Sustainability, Sérgio Tenreiro de Magalhães, Hamid Jahankhani, and Ali G. Hessami (Eds.). Communications in Computer and Information Science, Vol. 92. Springer, 79--86.Google Scholar
- Sensible Vision Inc. 2013. Facial Recognition Provides Continuous System Security. Retrieved April 15, 2017 from http://www.sensiblevision.com/en-us/fastaccessanywhere/overview.aspx.Google Scholar
- R. Spillane. 1975. Keyboard apparatus for personal identification. IBM Technical Disclosure Bulletin 17, 3346.Google Scholar
- Pin Shen Teh, Andrew Beng Jin Teoh, and Shigang Yue. 2013. A survey of keystroke dynamics biometrics. The Scientific World Journal 2013 (2013).Google Scholar
- Chee Meng Tey, Payas Gupta, and Debin Gao. 2013. I can be you: Questioning the use of keystroke dynamics as biometrics. In 20th Annual Network and Distributed System Security Symposium (NDSS’13), San Diego, California, February 24--27, 2013. http://internetsociety.org/doc/i-can-be-you-questioning-use-keystroke-dynamics-biometrics.Google Scholar
- Dat Tran, Wanli Ma, Girija Chetty, and Dharmendra Sharma. 2007. Fuzzy and Markov models for keystroke biometrics authentication. In Proceedings of the 7th WSEAS International Conference on Simulation, Modelling and Optimization (SMO’07). World Scientific and Engineering Academy and Society (WSEAS), Stevens Point, WI, 89--94. http://dl.acm.org/citation.cfm?id=1353862.1353878 Google ScholarDigital Library
- David Umphress and Glen Williams. 1985. Identity verification through keyboard characteristics. International Journal of Man-- Machine Studies 23, 3, 263--273.Google ScholarCross Ref
- VIRDI Biometric. 2009. How to make the fake fingerprints (by VIRDI). Video.Retrieved April 15, 2017 from http://www.youtube.com/watch?v=-H71tyMupqk last accessed 03.08.2013.Google Scholar
- John Woodward, Nicholas Orlans, and Peter Higgins. 2003. Biometrics. McGraw-Hill/Osborne, New York, NY. Google ScholarDigital Library
- Nan Zheng, Aaron Paloski, and Haining Wang. 2011. An efficient user verification system via mouse movements. In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS’11). 139--150. Google ScholarDigital Library
Index Terms
- Pulse-Response: Exploring Human Body Impedance for Biometric Recognition
Recommendations
Activity related authentication using prehension biometrics
This paper presents an extensive study on prehension-based dynamic features and their use for biometric purposes. The term prehension describes the combined movement of reaching, grasping and manipulating objects. The motivation behind the proposed ...
An efficient approach to iris detection for iris biometric processing
Detection of iris in an eye image poses a number of challenges, such as inferior image quality, occlusion of eyelids, eyelashes etc. Owing to these problems, it is not possible to achieve 100% accuracy in any iris-based biometric authentication system. ...
Palmprint and Finger-Knuckle-Print for efficient person recognition based on Log-Gabor filter response
Person recognition systems based on biometrics are being increasingly utilized in any applications to enhance the security of physical and logical access systems. A number of biometric traits exist and are in use in various applications. Each biometric ...
Comments