An official website of the United States government
Biometric authentication systems face significant challenges due to the vulnerability of traditional methods like passwords and fingerprints to theft or imitation. Electroencephalography (EEG)-based authentication presents a promising alternative by using unique brainwave patterns. This study introduces a novel EEG-based authentication system that utilizes cognitive and memory-related stimuli to elicit distinct brainwave responses. By incorporating multi-session data collection, the system effectively accounts for temporal variability. Additionally, advanced feature extraction techniques capture spatial, temporal, and spectral characteristics, enhancing authentication accuracy. A comprehensive feature engineering pipeline is employed, evaluating various classifiers across different stimuli types. Findings reveal that memory-related tasks, particularly word recognition, consistently generate the most reliable EEG responses. Among the classifiers tested, Logistic Regression demonstrates the highest effectiveness. The system achieves robust performance across multiple sessions, demonstrating its potential for practical real-world deployment. These findings lay a solid foundation for advancing EEG-based biometric authentication, paving the way for more secure and practical implementations in both research and applied settings.
more »
« less
Attacks and Mitigation Techniques for Iris-based Authentication Systems
Authentication is a key step for accessing resources and services. Currently, there are several ways of performing authentication such as text-based passwords and graphical images. These methods can be circumvented to bypass authentication system. Biometric signatures have been gaining popularity for user authentication. In this paper, we examine various attacks on iris-based authentication system followed by some common examples of mitigation techniques.
more »
« less
- Award ID(s):
- 1723578
- PAR ID:
- 10156144
- Date Published:
- Journal Name:
- Proc. of 44th IEEE Conference on Computer, Software and Applications (COMPSAC)
- Page Range / eLocation ID:
- 2
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
This paper presents an EEG-based user authentication system using Event-Related Potentials (ERPs) to distinguish legitimate users from impostors. Utilizing a publicly available EEG dataset, we implemented a comprehensive data processing pipeline, which included advanced preprocessing and feature extraction techniques. Multiple state-of-the-art machine learning classifiers, such as CatBoost and XGBoost, were evaluated to assess their effectiveness in user authentication. The results showed a very low average Equal Error Rate (EER) of 2.53%. Our study emphasizes the strength of the P300 and N400 responses in biometric authentication and demonstrates the potential of advanced ensemble classifiers in improving system accuracy. This research contributes to the development of EEG-based authentication and lays the groundwork for future studies aiming to create secure and practical biometric systems.more » « less
-
null (Ed.)User authentication is a critical process in both corporate and home environments due to the ever-growing security and privacy concerns. With the advancement of smart cities and home environments, the concept of user authentication is evolved with a broader implication by not only preventing unauthorized users from accessing confidential information but also providing the opportunities for customized services corresponding to a specific user. Traditional approaches of user authentication either require specialized device installation or inconvenient wearable sensor attachment. This article supports the extended concept of user authentication with a device-free approach by leveraging the prevalent WiFi signals made available by IoT devices, such as smart refrigerator, smart TV, and smart thermostat, and so on. The proposed system utilizes the WiFi signals to capture unique human physiological and behavioral characteristics inherited from their daily activities, including both walking and stationary ones. Particularly, we extract representative features from channel state information (CSI) measurements of WiFi signals, and develop a deep-learning-based user authentication scheme to accurately identify each individual user. To mitigate the signal distortion caused by surrounding people’s movements, our deep learning model exploits a CNN-based architecture that constructively combines features from multiple receiving antennas and derives more reliable feature abstractions. Furthermore, a transfer-learning-based mechanism is developed to reduce the training cost for new users and environments. Extensive experiments in various indoor environments are conducted to demonstrate the effectiveness of the proposed authentication system. In particular, our system can achieve over 94% authentication accuracy with 11 subjects through different activities.more » « less
-
Controller Area Network (CAN) is the de-facto standard in-vehicle network system. Despite its wide adoption by automobile manufacturers, the lack of security design makes it vulnerable to attacks. For instance, broadcasting packets without authentication allows the impersonation of electronic control units (ECUs). Prior mitigations, such as message authentication or intrusion detection systems, fail to address the compatibility requirement with legacy ECUs, stealthy and sporadic malicious messaging, or guaranteed attack detection. We propose a novel authentication system called ShadowAuth that overcomes the aforementioned challenges by offering backward-compatible packet authentication to ECUs without requiring ECU firmware source code. Specifically, our authentication scheme provides transparent CAN packet authentication without modifying existing CAN packet definitions (e.g., J1939) via automatic ECU firmware instrumentation technique to locate CAN packet transmission code, and instrument authentication code based on the CAN packet behavioral transmission patterns. ShadowAuth enables vehicles to detect state-of-the-art CAN attacks, such as bus-off and packet injection, responsively within 60ms without false positives. ShadowAuth provides a sound and deployable solution for real-world ECUs.more » « less
-
User authentication is a critical process in both corporate and home environments due to the ever-growing security and privacy concerns. With the advancement of smart cities and home environments, the concept of user authentication is evolved with a broader implication by not only preventing unauthorized users from accessing confidential information but also providing the opportunities for customized services corresponding to a specific user. Traditional approaches of user authentication either require specialized device installation or inconvenient wearable sensor attachment. This paper supports the extended concept of user authentication with a device-free approach by leveraging the prevalent WiFi signals made available by IoT devices, such as smart refrigerator, smart TV and thermostat, etc. The proposed system utilizes the WiFi signals to capture unique human physiological and behavioral characteristics inherited from their daily activities, including both walking and stationary ones. Particularly, we extract representative features from channel state information (CSI) measurements of WiFi signals, and develop a deep learning based user authentication scheme to accurately identify each individual user. Extensive experiments in two typical indoor environments, a university office and an apartment, are conducted to demonstrate the effectiveness of the proposed authentication system. In particular, our system can achieve over 94% and 91% authentication accuracy with 11 subjects through walking and stationary activities, respectively.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- The DOI is not currently available.
