Adversarial Activity Detection and Prediction Using Behavioral Biometrics

Behavioral biometrics can be used in different security applications like authentication, identification, etc. One of the trending applications is predicting future activities of people and guessing whether they will engage in malicious activities in the future. In this research, we study the possibility of predicting future activities and propose novel methods for near-future activity prediction. First, we study gait signals captured using smartphone accelerometer sensor and build a model to predict a future gait signal. Activity recognition using body movements captured from mobile phone sensors has been a major point of interest in recent research. Data that is being continuously read from mobile sensors can be used to recognize user activity. We propose a model for predicting human body movements based on the previous activity that has been read from sensors and continuously updating our prediction as new data becomes available. Our results show that our model can predict the future movement signal with a high accuracy that can contribute to several applications in the area. Second, we study keystroke acoustics and build a model for predicting future activities of the users by recording their keystrokes audio. Using keystroke acoustics to predict typed text has significant advantages, such as being recorded covertly from a distance and requiring no physical access to the computer system. Recently, some studies have been done on keystroke acoustics, however, to the best of our knowledge none have used them to predict adversarial activities. On a dataset of two million keystrokes consisting of seven adversarial and one benign activity, we use a signal processing approach to extract keystrokes from the audio and a clustering method to recover the typed letters followed by a text recovery module to regenerate the typed words. Furthermore, we use a neural network model to classify the benign and adversarial activities and achieve significant results: (1) we extract individual keystroke sounds from the raw audio with 91% accuracy and recover words from audio recordings in a noisy environment with 71% average top-10 accuracy. (2) We classify adversarial activities with 93% to 98% average accuracy under different operating scenarios. Third, we study the correlation between the personality traits of users with their keystroke and mouse dynamics. Even with the availability of multiple interfaces, such as voice, touch, etc., keyboard and mouse remain the primary interfaces to a computer. Any insights on the relation between keyboard and mouse dynamics with the personality type of the users can provide foundations for various applications, such as advertisement, social media, etc. We use a dataset of keystroke and mouse dynamics collected from 104 users together with their responses to two personality tests to analyze how their interaction with the computer relates to their personality. Our findings show that there are considerable trends and patterns in keystroke and mouse dynamics that are correlated with each personality type

GANTouch: An Attack-Resilient Framework for Touch-based Continuous Authentication System

Previous studies have shown that commonly studied (vanilla) implementations of touch-based continuous authentication systems (V-TCAS) are susceptible to active adversarial attempts. This study presents a novel Generative Adversarial Network assisted TCAS (G-TCAS) framework and compares it to the V-TCAS under three active adversarial environments viz. Zero-effort, Population, and Random-vector. The Zero-effort environment was implemented in two variations viz. Zero-effort (same-dataset) and Zero-effort (cross-dataset). The first involved a Zero-effort attack from the same dataset, while the second used three different datasets. G-TCAS showed more resilience than V-TCAS under the Population and Random-vector, the more damaging adversarial scenarios than the Zero-effort. On average, the increase in the false accept rates (FARs) for V-TCAS was much higher (27.5% and 21.5%) than for G-TCAS (14% and 12.5%) for Population and Random-vector attacks, respectively. Moreover, we performed a fairness analysis of TCAS for different genders and found TCAS to be fair across genders. The findings suggest that we should evaluate TCAS under active adversarial environments and affirm the usefulness of GANs in the TCAS pipeline.Comment: 11 pages, 7 figures, 2 tables, 3 algorithms, in IEEE TBIOM 202

Seamless Authentication for Ubiquitous Devices

User authentication is an integral part of our lives; we authenticate ourselves to personal computers and a variety of other things several times a day. Authentication is burdensome. When we wish to access to a computer or a resource, it is an additional task that we need to perform~-- an interruption in our workflow. In this dissertation, we study people\u27s authentication behavior and attempt to make authentication to desktops and smartphones less burdensome for users. First, we present the findings of a user study we conducted to understand people\u27s authentication behavior: things they authenticate to, how and when they authenticate, authentication errors they encounter and why, and their opinions about authentication. In our study, participants performed about 39 authentications per day on average; the majority of these authentications were to personal computers (desktop, laptop, smartphone, tablet) and with passwords, but the number of authentications to other things (e.g., car, door) was not insignificant. We saw a high failure rate for desktop and laptop authentication among our participants, affirming the need for a more usable authentication method. Overall, we found that authentication was a noticeable part of all our participants\u27 lives and burdensome for many participants, but they accepted it as cost of security, devising their own ways to cope with it. Second, we propose a new approach to authentication, called bilateral authentication, that leverages wrist-wearable technology to enable seamless authentication for things that people use with their hands, while wearing a smart wristband. In bilateral authentication two entities (e.g., user\u27s wristband and the user\u27s phone) share their knowledge (e.g., about user\u27s interaction with the phone) to verify the user\u27s identity. Using this approach, we developed a seamless authentication method for desktops and smartphones. Our authentication method offers quick and effortless authentication, continuous user verification while the desktop (or smartphone) is in use, and automatic deauthentication after use. We evaluated our authentication method through four in-lab user studies, evaluating the method\u27s usability and security from the system and the user\u27s perspective. Based on the evaluation, our authentication method shows promise for reducing users\u27 authentication burden for desktops and smartphones

Learning Behavioral Representations of Routines From Large-scale Unlabeled Wearable Time-series Data Streams using Hawkes Point Process

Continuously-worn wearable sensors enable researchers to collect copious amounts of rich bio-behavioral time series recordings of real-life activities of daily living, offering unprecedented opportunities to infer novel human behavior patterns during daily routines. Existing approaches to routine discovery through bio-behavioral data rely either on pre-defined notions of activities or use additional non-behavioral measurements as contexts, such as GPS location or localization within the home, presenting risks to user privacy. In this work, we propose a novel wearable time-series mining framework, Hawkes point process On Time series clusters for ROutine Discovery (HOT-ROD), for uncovering behavioral routines from completely unlabeled wearable recordings. We utilize a covariance-based method to generate time-series clusters and discover routines via the Hawkes point process learning algorithm. We empirically validate our approach for extracting routine behaviors using a completely unlabeled time-series collected continuously from over 100 individuals both in and outside of the workplace during a period of ten weeks. Furthermore, we demonstrate this approach intuitively captures daily transitional relationships between physical activity states without using prior knowledge. We also show that the learned behavioral patterns can assist in illuminating an individual's personality and affect.Comment: 2023 9th ACM SIGKDD International Workshop on Mining and Learning From Time Series (MiLeTS 2023