550 research outputs found
Keystroke Biometrics in Response to Fake News Propagation in a Global Pandemic
This work proposes and analyzes the use of keystroke biometrics for content
de-anonymization. Fake news have become a powerful tool to manipulate public
opinion, especially during major events. In particular, the massive spread of
fake news during the COVID-19 pandemic has forced governments and companies to
fight against missinformation. In this context, the ability to link multiple
accounts or profiles that spread such malicious content on the Internet while
hiding in anonymity would enable proactive identification and blacklisting.
Behavioral biometrics can be powerful tools in this fight. In this work, we
have analyzed how the latest advances in keystroke biometric recognition can
help to link behavioral typing patterns in experiments involving 100,000 users
and more than 1 million typed sequences. Our proposed system is based on
Recurrent Neural Networks adapted to the context of content de-anonymization.
Assuming the challenge to link the typed content of a target user in a pool of
candidate profiles, our results show that keystroke recognition can be used to
reduce the list of candidate profiles by more than 90%. In addition, when
keystroke is combined with auxiliary data (such as location), our system
achieves a Rank-1 identification performance equal to 52.6% and 10.9% for a
background candidate list composed of 1K and 100K profiles, respectively.Comment: arXiv admin note: text overlap with arXiv:2004.0362
Continuous User Authentication Using Multi-Modal Biometrics
It is commonly acknowledged that mobile devices now form an integral part of an individualâs everyday life. The modern mobile handheld devices are capable to provide a wide range of services and applications over multiple networks. With the increasing capability and accessibility, they introduce additional demands in term of security.
This thesis explores the need for authentication on mobile devices and proposes a novel mechanism to improve the current techniques. The research begins with an intensive review of mobile technologies and the current security challenges that mobile devices experience to illustrate the imperative of authentication on mobile devices. The research then highlights the existing authentication mechanism and a wide range of weakness. To this end, biometric approaches are identified as an appropriate solution an opportunity for security to be maintained beyond point-of-entry. Indeed, by utilising behaviour biometric techniques, the authentication mechanism can be performed in a continuous and transparent fashion.
This research investigated three behavioural biometric techniques based on SMS texting activities and messages, looking to apply these techniques as a multi-modal biometric authentication method for mobile devices. The results showed that linguistic profiling; keystroke dynamics and behaviour profiling can be used to discriminate users with overall Equal Error Rates (EER) 12.8%, 20.8% and 9.2% respectively. By using a combination of biometrics, the results showed clearly that the classification performance is better than using single biometric technique achieving EER 3.3%. Based on these findings, a novel architecture of multi-modal biometric authentication on mobile devices is proposed. The framework is able to provide a robust, continuous and transparent authentication in standalone and server-client modes regardless of mobile hardware configuration. The framework is able to continuously maintain the security status of the devices. With a high level of security status, users are permitted to access sensitive services and data. On the other hand, with the low level of security, users are required to re-authenticate before accessing sensitive service or data
Predictive biometrics: A review and analysis of predicting personal characteristics from biometric data
Interest in the exploitation of soft biometrics information has continued to develop over the last decade or so. In comparison with traditional biometrics, which focuses principally on person identification, the idea of soft biometrics processing is to study the utilisation of more general information regarding a system user, which is not necessarily unique. There are increasing indications that this type of data will have great value in providing complementary information for user authentication. However, the authors have also seen a growing interest in broadening the predictive capabilities of biometric data, encompassing both easily definable characteristics such as subject age and, most recently, `higher level' characteristics such as emotional or mental states. This study will present a selective review of the predictive capabilities, in the widest sense, of biometric data processing, providing an analysis of the key issues still adequately to be addressed if this concept of predictive biometrics is to be fully exploited in the future
Behaviour Profiling for Mobile Devices
With more than 5 billion users globally, mobile devices have become ubiquitous in our daily life.
The modern mobile handheld device is capable of providing many multimedia services through a
wide range of applications over multiple networks as well as on the handheld device itself. These
services are predominantly driven by data, which is increasingly associated with sensitive
information. Such a trend raises the security requirement for reliable and robust verification
techniques of users.This thesis explores the end-user verification requirements of mobile devices and proposes a novel
Behaviour Profiling security framework for mobile devices. The research starts with a critical
review of existing mobile technologies, security threats and mechanisms, and highlights a broad
range of weaknesses. Therefore, attention is given to biometric verification techniques which have
the ability to offer better security. Despite a large number of biometric works carried out in the
area of transparent authentication systems (TAS) and Intrusion Detection Systems (IDS), each have
a set of weaknesses that fail to provide a comprehensive solution. They are either reliant upon a
specific behaviour to enable the system to function or only capable of providing security for
network based services. To this end, the behaviour profiling technique is identified as a potential
candidate to provide high level security from both authentication and IDS aspects, operating in a
continuous and transparent manner within the mobile host environment.This research examines the feasibility of a behaviour profiling technique through mobile users
general applications usage, telephone, text message and multi-instance application usage with the
best experimental results Equal Error Rates (EER) of 13.5%, 5.4%, 2.2% and 10% respectively.
Based upon this information, a novel architecture of Behaviour Profiling on mobile devices is
proposed. The framework is able to provide a robust, continuous and non-intrusive verification
mechanism in standalone, TAS or IDS modes, regardless of device hardware configuration. The
framework is able to utilise user behaviour to continuously evaluate the system security status of
the device. With a high system security level, users are granted with instant access to sensitive
services and data, while with lower system security levels, users are required to reassure their
identity before accessing sensitive services.The core functions of the novel framework are validated through the implementation of a
simulation system. A series of security scenarios are designed to demonstrate the effectiveness of
the novel framework to verify legitimate and imposter activities. By employing the smoothing
function of three applications, verification time of 3 minutes and a time period of 60 minutes of
the degradation function, the Behaviour Profiling framework achieved the best performance with
False Rejection Rate (FRR) rates of 7.57%, 77% and 11.24% for the normal, protected and overall
applications respectively and with False Acceptance Rate (FAR) rates of 3.42%, 15.29% and 4.09%
for their counterparts
Using Keystroke Dynamics and Location Verification Method for Mobile Banking Authentication.
With the rise of security attacks on mobile phones, traditional methods to authentication such as Personal Identification Numbers (PIN) and Passwords are becoming ineffective due to their limitations such as being easily forgettable, discloser, lost or stolen. Keystroke dynamics is a form of behavioral biometric based authentication where an analysis of how users type is monitored and used in authenticating users into a system. The use of location data provides a verification mechanism based on userâs location which can be obtained via their phones Global Positioning System (GPS) facility. This study evaluated existing authentication methods and their performance summarized. To address the limitations of traditional authentication methods this paper proposed an alternative authentication method that uses Keystroke dynamics and location data. To evaluate the proposed authentication method experiments were done through use of a prototype android mobile banking application that captured the typing behavior while logging in and location data from 60 users. The experiment results were lower compared to the previous studies provided in this paper with a False Rejection Rate (FRR) of 5.33% which is the percentage of access attempts by legitimate users that have been rejected by the system and a False Acceptance Rate (FAR) of 3.33% which is the percentage of access attempts by imposters that have been accepted by the system incorrectly, giving an Equal Error Rate (EER) of 4.3%.The outcome of this study demonstrated keystroke dynamics and location verification on PINs as an alternative authentication of mobile banking transactions building on current smartphones features with less implementation costs with no additional hardware compared to other biometric methods. Keywords: smartphones, biometric, mobile banking, keystroke dynamics, location verification, securit
- âŠ