EQUALAUTH: FAIR AND SECURE BIOMETRICS FOR ALL ABILITIES

The present disclosure relates to a behavioral biometric based authentication system. User device sends user data associated with a user to a system. The user data includes behavioral biometric data such as keystroke dynamics, mouse movements, touchscreen interactions, voice patterns, device handling and the like. The system identifies a disability based on the user data and extracts a pre-trained model associated with that specific disability from any one of: database and model repository. The model is further trained using the user data to generate and store a user profile. The user sends an authentication request during processing of a user request, the processor extracts the user profile to verify the identity of the user. Further, the anomaly detector checks for any anomalies during the processing of user request. The system sends alerts to the user device and/or temporarily locks an account and terminates the processing of the user request upon detection of an anomaly

Coding Solutions for the Secure Biometric Storage Problem

The paper studies the problem of securely storing biometric passwords, such as fingerprints and irises. With the help of coding theory Juels and Wattenberg derived in 1999 a scheme where similar input strings will be accepted as the same biometric. In the same time nothing could be learned from the stored data. They called their scheme a "fuzzy commitment scheme". In this paper we will revisit the solution of Juels and Wattenberg and we will provide answers to two important questions: What type of error-correcting codes should be used and what happens if biometric templates are not uniformly distributed, i.e. the biometric data come with redundancy. Answering the first question will lead us to the search for low-rate large-minimum distance error-correcting codes which come with efficient decoding algorithms up to the designed distance. In order to answer the second question we relate the rate required with a quantity connected to the "entropy" of the string, trying to estimate a sort of "capacity", if we want to see a flavor of the converse of Shannon's noisy coding theorem. Finally we deal with side-problems arising in a practical implementation and we propose a possible solution to the main one that seems to have so far prevented real life applications of the fuzzy scheme, as far as we know.Comment: the final version appeared in Proceedings Information Theory Workshop (ITW) 2010, IEEE copyrigh

Intrusion Detection Using Mouse Dynamics

Compared to other behavioural biometrics, mouse dynamics is a less explored area. General purpose data sets containing unrestricted mouse usage data are usually not available. The Balabit data set was released in 2016 for a data science competition, which against the few subjects, can be considered the first adequate publicly available one. This paper presents a performance evaluation study on this data set for impostor detection. The existence of very short test sessions makes this data set challenging. Raw data were segmented into mouse move, point and click and drag and drop types of mouse actions, then several features were extracted. In contrast to keystroke dynamics, mouse data is not sensitive, therefore it is possible to collect negative mouse dynamics data and to use two-class classifiers for impostor detection. Both action- and set of actions-based evaluations were performed. Set of actions-based evaluation achieves 0.92 AUC on the test part of the data set. However, the same type of evaluation conducted on the training part of the data set resulted in maximal AUC (1) using only 13 actions. Drag and drop mouse actions proved to be the best actions for impostor detection.Comment: Submitted to IET Biometrics on 23 May 201