Convolutional Neural Networks for Attribute-based Active Authentication on Mobile Devices

We present a Deep Convolutional Neural Network (DCNN) architecture for the task of continuous authentication on mobile devices. To deal with the limited resources of these devices, we reduce the complexity of the networks by learning intermediate features such as gender and hair color instead of identities. We present a multi-task, part-based DCNN architecture for attribute detection that performs better than the state-of-the-art methods in terms of accuracy. As a byproduct of the proposed architecture, we are able to explore the embedding space of the attributes extracted from different facial parts, such as mouth and eyes, to discover new attributes. Furthermore, through extensive experimentation, we show that the attribute features extracted by our method outperform the previously presented attribute-based method and a baseline LBP method for the task of active authentication. Lastly, we demonstrate the effectiveness of the proposed architecture in terms of speed and power consumption by deploying it on an actual mobile device.Comment: Accepted in BTAS 201

Explainable Black-Box Attacks Against Model-based Authentication

Establishing unique identities for both humans and end systems has been an active research problem in the security community, giving rise to innovative machine learning-based authentication techniques. Although such techniques offer an automated method to establish identity, they have not been vetted against sophisticated attacks that target their core machine learning technique. This paper demonstrates that mimicking the unique signatures generated by host fingerprinting and biometric authentication systems is possible. We expose the ineffectiveness of underlying machine learning classification models by constructing a blind attack based around the query synthesis framework and utilizing Explainable-AI (XAI) techniques. We launch an attack in under 130 queries on a state-of-the-art face authentication system, and under 100 queries on a host authentication system. We examine how these attacks can be defended against and explore their limitations. XAI provides an effective means for adversaries to infer decision boundaries and provides a new way forward in constructing attacks against systems using machine learning models for authentication

Cross-Domain Deep Face Matching for Real Banking Security Systems

Ensuring the security of transactions is currently one of the major challenges that banking systems deal with. The usage of face for biometric authentication of users is attracting large investments from banks worldwide due to its convenience and acceptability by people, especially in cross-domain scenarios, in which facial images from ID documents are compared with digital self-portraits (selfies) for the automated opening of new checking accounts, e.g, or financial transactions authorization. Actually, the comparison of selfies and IDs has also been applied in another wide variety of tasks nowadays, such as automated immigration control. The major difficulty in such process consists in attenuating the differences between the facial images compared given their different domains. In this work, in addition to collecting a large cross-domain face dataset, with 27,002 real facial images of selfies and ID documents (13,501 subjects) captured from the databases of the major public Brazilian bank, we propose a novel architecture for such cross-domain matching problem based on deep features extracted by two well-referenced Convolutional Neural Networks (CNN). Results obtained on the dataset collected, called FaceBank, with accuracy rates higher than 93%, demonstrate the robustness of the proposed approach to the cross-domain face matching problem and its feasible application in real banking security systems

Transparent Face Recognition in the Home Environment

The BASIS project is about the secure application of transparent biometrics in the home environment. Due to transparency and home-setting requirements there is variance in appearance of the subject. An other problem which needs attention is the extraction of features. The quality of the extracted features is not only depending on the proper preprocessing of the input data but also on the suitability of the extraction algorithm for this problem. Possible approaches to address problems due to transparency requirements are the use of active appearance models in face recognition, smart segmentation, multi-camera solutions and tracking. In this paper an inventory of problems and possible solution will be give

Secure Mobile Crowdsensing with Deep Learning

In order to stimulate secure sensing for Internet of Things (IoT) applications such as healthcare and traffic monitoring, mobile crowdsensing (MCS) systems have to address security threats, such as jamming, spoofing and faked sensing attacks, during both the sensing and the information exchange processes in large-scale dynamic and heterogenous networks. In this article, we investigate secure mobile crowdsensing and present how to use deep learning (DL) methods such as stacked autoencoder (SAE), deep neural network (DNN), and convolutional neural network (CNN) to improve the MCS security approaches including authentication, privacy protection, faked sensing countermeasures, intrusion detection and anti-jamming transmissions in MCS. We discuss the performance gain of these DL-based approaches compared with traditional security schemes and identify the challenges that need to be addressed to implement them in practical MCS systems.Comment: 7 pages, 5 figure

Enhancing Trust in eAssessment - the TeSLA System Solution

Trust in eAssessment is an important factor for improving the quality of online-education. A comprehensive model for trust based authentication for eAssessment is being developed and tested within the score of the EU H2020 project TeSLA. The use of biometric verification technologies to authenticate the identity and authorship claims of individual students in online-education scenarios is a significant component of TeSLA. Technical Univerity of Sofia (TUS) Bulgaria, a member of TeSLA consortium, participates in large-scale pilot tests of the TeSLA system. The results of questionnaires to students and teachers involved in the TUS pilot tests are analyzed and summarized in this work. We also describe the TeSLA authentication and fraud-detection instruments and their role for enhancing trust in eAssessment.Comment: Presented at the Conference on Technology Enhanced Assessment (TEA), 2018. 18 pages, 2 tables, 3 figure

Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning

Deep learning models have achieved high performance on many tasks, and thus have been applied to many security-critical scenarios. For example, deep learning-based face recognition systems have been used to authenticate users to access many security-sensitive applications like payment apps. Such usages of deep learning systems provide the adversaries with sufficient incentives to perform attacks against these systems for their adversarial purposes. In this work, we consider a new type of attacks, called backdoor attacks, where the attacker's goal is to create a backdoor into a learning-based authentication system, so that he can easily circumvent the system by leveraging the backdoor. Specifically, the adversary aims at creating backdoor instances, so that the victim learning system will be misled to classify the backdoor instances as a target label specified by the adversary. In particular, we study backdoor poisoning attacks, which achieve backdoor attacks using poisoning strategies. Different from all existing work, our studied poisoning strategies can apply under a very weak threat model: (1) the adversary has no knowledge of the model and the training set used by the victim system; (2) the attacker is allowed to inject only a small amount of poisoning samples; (3) the backdoor key is hard to notice even by human beings to achieve stealthiness. We conduct evaluation to demonstrate that a backdoor adversary can inject only around 50 poisoning samples, while achieving an attack success rate of above 90%. We are also the first work to show that a data poisoning attack can create physically implementable backdoors without touching the training process. Our work demonstrates that backdoor poisoning attacks pose real threats to a learning system, and thus highlights the importance of further investigation and proposing defense strategies against them

A Survey on Ear Biometrics

Recognizing people by their ear has recently received significant attention in the literature. Several reasons account for this trend: first, ear recognition does not suffer from some problems associated with other non contact biometrics, such as face recognition; second, it is the most promising candidate for combination with the face in the context of multi-pose face recognition; and third, the ear can be used for human recognition in surveillance videos where the face may be occluded completely or in part. Further, the ear appears to degrade little with age. Even though, current ear detection and recognition systems have reached a certain level of maturity, their success is limited to controlled indoor conditions. In addition to variation in illumination, other open research problems include hair occlusion; earprint forensics; ear symmetry; ear classification; and ear individuality. This paper provides a detailed survey of research conducted in ear detection and recognition. It provides an up-to-date review of the existing literature revealing the current state-of-art for not only those who are working in this area but also for those who might exploit this new approach. Furthermore, it offers insights into some unsolved ear recognition problems as well as ear databases available for researchers

WSMN: An optimized multipurpose blind watermarking in Shearlet domain using MLP and NSGA-II

Digital watermarking is a remarkable issue in the field of information security to avoid the misuse of images in multimedia networks. Although access to unauthorized persons can be prevented through cryptography, it cannot be simultaneously used for copyright protection or content authentication with the preservation of image integrity. Hence, this paper presents an optimized multipurpose blind watermarking in Shearlet domain with the help of smart algorithms including MLP and NSGA-II. In this method, four copies of the robust copyright logo are embedded in the approximate coefficients of Shearlet by using an effective quantization technique. Furthermore, an embedded random sequence as a semi-fragile authentication mark is effectively extracted from details by the neural network. Due to performing an effective optimization algorithm for selecting optimum embedding thresholds, and also distinguishing the texture of blocks, the imperceptibility and robustness have been preserved. The experimental results reveal the superiority of the scheme with regard to the quality of watermarked images and robustness against hybrid attacks over other state-of-the-art schemes. The average PSNR and SSIM of the dual watermarked images are 38 dB and 0.95, respectively; Besides, it can effectively extract the copyright logo and locates forgery regions under severe attacks with satisfactory accuracy

Offline Signature-Based Fuzzy Vault (OSFV: Review and New Results

An offline signature-based fuzzy vault (OSFV) is a bio-cryptographic implementation that uses handwritten signature images as biometrics instead of traditional passwords to secure private cryptographic keys. Having a reliable OSFV implementation is the first step towards automating financial and legal authentication processes, as it provides greater security of confidential documents by means of the embedded handwritten signatures. The authors have recently proposed the first OSFV implementation which is reviewed in this paper. In this system, a machine learning approach based on the dissimilarity representation concept is employed to select a reliable feature representation adapted for the fuzzy vault scheme. Some variants of this system are proposed for enhanced accuracy and security. In particular, a new method that adapts user key size is presented. Performance of proposed methods are compared using the Brazilian PUCPR and GPDS signature databases and results indicate that the key-size adaptation method achieves a good compromise between security and accuracy. While average system entropy is increased from 45-bits to about 51-bits, the AER (average error rate) is decreased by about 21%.Comment: This paper has been submitted to The 2014 IEEE Symposium on Computational Intelligence in Biometrics and Identity Management (CIBIM