User Tools

Site Tools


behavioral_biometrics

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
behavioral_biometrics [2019/09/03 13:39]
sandeep.gupta@unitn.it [People]
behavioral_biometrics [2022/01/18 08:27] (current)
Line 1: Line 1:
-Among the [[research_activities|research topics]] ​ of the [[start|Security Group]], we are investigating the use of behavioral biometrics for user authentication on new generation devices. Existing authentication schemes, e.g., PIN/​passwords,​ face and iris recognition,​ etc., have shown to be less secure and less usable and users are reluctant to enable them on their devices. Consequently,​ the research has been diverted to find their usable alternatives.+Among the [[research_activities|research topics]] ​ of the [[start|Security Group]], we are investigating the use of behavioral biometrics for user authentication on new-generation devices. Existing authentication schemes, e.g., PIN/​passwords,​ face and iris recognition,​ etc., have shown to be less secure and less usable and users are reluctant to enable them on their devices. Consequently,​ the research has been diverted to find usable alternatives.
  
  
 Human biological data, due to its permanence and uniqueness, can be used as a means of identification,​ authentication and access control. The use of biological data for the purpose of identity management is termed as biometric recognition or simply biometrics. Physical (based on the physical characteristics) and behavioral (based on behaviors) biometrics are the most popular types. Physical characteristics include fingerprints,​ hand geometry, iris or retina scans, etc., and behavioral characteristics include keystrokes, gait, signature, voice, etc. Other biometrics use chemical features (based on events that happen in a person'​s body, measured by e.g., odor or temperature) and cognitive features (based on brain responses to specific stimuli, e.g. odor or sound). Human biological data, due to its permanence and uniqueness, can be used as a means of identification,​ authentication and access control. The use of biological data for the purpose of identity management is termed as biometric recognition or simply biometrics. Physical (based on the physical characteristics) and behavioral (based on behaviors) biometrics are the most popular types. Physical characteristics include fingerprints,​ hand geometry, iris or retina scans, etc., and behavioral characteristics include keystrokes, gait, signature, voice, etc. Other biometrics use chemical features (based on events that happen in a person'​s body, measured by e.g., odor or temperature) and cognitive features (based on brain responses to specific stimuli, e.g. odor or sound).
  
-Biometrics has got all the potential to completely replace PINs and passwords because they can be stolen, forgotten, and shared. Biometric authentication has been studied for a long time. Large-scale commercial deployments already exist, such as the fingerprint sensors on laptops and smartphones. However, these deployments are based on physical biometrics, which essentially ​require ​explicit user action, hence result in annoying ​the users. As a results, most of the research about transparent,​ implicit and unobservable authentication for smartphone'​s security and access control is based on behavioral biometrics.+Biometrics has got all the potential to completely replace PINs and passwords because they can be stolen, forgotten, and shared. Biometric authentication has been studied for a long time. Large-scale commercial deployments already exist, such as the fingerprint sensors on laptops and smartphones. However, these deployments are based on physical biometrics, which essentially ​requires ​explicit user action, hence result in annoying users. As a result, most of the research about transparent,​ implicit and unobservable authentication for smartphone'​s security and access control is based on behavioral biometrics.
  
-Behavioral biometrics offer many advantages over physiological traits. One of the main advantages is that the behavioral patterns can be collected transparently or sometimes even without user's knowledge. More importantly,​ data collection does not require any special dedicated hardware. However, most of the behaviors are not unique enough to provide accurate user identification but have shown promising results in user verification. Various behavior-based authentication solutions have been tested and evaluated but are yet to be deployed at large scale. One reason is that the performance of many of these schemes is not yet at the same level as physical biometrics. Another reason is that not much attention has been paid to the performance of biometrics under differing or difficult circumstances. For example, gait authentication is typically evaluated by having subjects walk along flat surfaces of corridors in buildings.+Behavioral biometrics offer many advantages over physiological traits. One of the main advantages is that the behavioral patterns can be collected transparently or sometimes even without ​the user's knowledge. More importantly,​ data collection does not require any special dedicated hardware. However, most of the behaviors are not unique enough to provide accurate user identification but have shown promising results in user verification. Various behavior-based authentication solutions have been tested and evaluated but are yet to be deployed at large scale. One reason is that the performance of many of these schemes is not yet at the same level as physical biometrics. Another reason is that not much attention has been paid to the performance of biometrics under differing or difficult circumstances. For example, gait authentication is typically evaluated by having subjects walk along flat surfaces of corridors in buildings.
  
  
-We have been developing behavioral-biometric-based solutions that authenticate the users with either minimal or no cooperation from the users. We are designing, prototyping and testing the proposed authentication based on our identified behaviors, i.e., how a person holds her phone, moves her phone, or interact ​with its touchscreen. We are also performing the comparative evaluation, based on accuracy, performance,​ and usability, with the state-of-the-art behavioral-biometric-based solutions. All of our solutions exploit the existing hardware (avoiding additional hardware ​requirement) and hence can be implemented on most of the smartphones available in the market today. ​+We have been developing behavioral-biometric-based solutions that authenticate the users with either minimal or no cooperation from the users. We are designing, prototyping and testing the proposed authentication based on our identified behaviors, i.e., how a person holds her phone, moves her phone, or interacts ​with its touchscreen. We are also performing the comparative evaluation, based on accuracy, performance,​ and usability, with the state-of-the-art behavioral-biometric-based solutions. All of our solutions exploit the existing hardware (avoiding additional hardware ​requirements) and hence can be implemented on most of the smartphones available in the market today. ​
  
 ==== Themes ==== ==== Themes ====
  
-Within the main stream ​project we covered a number of themes.+Within the mainstream ​project we covered a number of themes.
  
-  * Authentication for Smartphones,​ tablets and smartwatches.+  * Authentication for Smartphones,​ tabletsand smartwatches.
   * Securing the behavioral-biometric-template (ongoing)   * Securing the behavioral-biometric-template (ongoing)
   * Risk-based adaptive/​continuous user authentication schemes(ongoing).   * Risk-based adaptive/​continuous user authentication schemes(ongoing).
Line 42: Line 42:
   * [[Android App Reputation Services (ARTS)]]   * [[Android App Reputation Services (ARTS)]]
  
 +
 +==== Datasets ====
 +
 +**Instructions to access to our datasets**
 +
 +  - Send the {{:​disi_securitylab_license.pdf|signed license agreement}} by email as per the instructions mentioned below.
 +  - Send an email to __security(AT)disi(DOT)unitn(DOT)it__,​ as follows:
 +  - Subject: [DATABASE download: DISI Security Lab Datasets]
 +  - Body: Your name, e-mail, telephone number, organization,​ postal mail, the purpose for which you will use the database, time and date at which you sent the email with the signed license agreement.
 +  - Once the email (//​preferred you to use your company/​institute/​university email id//) along with the license agreement has been received, we will send the requested database. ​
 +
 +
 +**Datasets Available**
 +
 +  - **41 users micro hand-movements dataset (21263 observations) collected in the wild using smartphone.**
 +  - 95 users touch and hold-movements data (smartphones)
 +  - 86 users swipe, pickup, and voice data (smartphones)
 +  - 40 users hold and digital signature data (tablets)
 +  - 40 users hand-movements data for Smarthandle
 ==== Solutions ==== ==== Solutions ====
   * [[http://​unitn.apachetechnology.com/#​dialerauth|DialerAuth]]   * [[http://​unitn.apachetechnology.com/#​dialerauth|DialerAuth]]
Line 53: Line 72:
 ====Talks and Tutorials ==== ====Talks and Tutorials ====
  
 +  * Sandeep Gupta. [[https://​youtu.be/​t91JcogINcQ|Next-generation user authentication schemes for IoT applications]],​ FOSAD, 2019.
 +  * Sandeep Gupta. [[https://​youtu.be/​EyJ-th-L8Ik|Introduction to Machine Learning and Classifiers]],​ UNITN, 2019. 
   * Attaullah Buriro. //Mobile Biometrics: Towards A Comprehensive ​ Evaluation Methodology//​. Madrid, Spain. October 2017.{{:​research_activities:​mobile-biometrics.pdf|Slides}}   * Attaullah Buriro. //Mobile Biometrics: Towards A Comprehensive ​ Evaluation Methodology//​. Madrid, Spain. October 2017.{{:​research_activities:​mobile-biometrics.pdf|Slides}}
   * Attaullah Buriro. //Hold & Sign: A Novel Behavioral Biometrics for Smartphone User Authentication//​. DistriNET KULeuven, LEuven, Belgium. December 2016.{{:​research_activities:​diskman.pdf|Slides}}   * Attaullah Buriro. //Hold & Sign: A Novel Behavioral Biometrics for Smartphone User Authentication//​. DistriNET KULeuven, LEuven, Belgium. December 2016.{{:​research_activities:​diskman.pdf|Slides}}
Line 60: Line 81:
   ​   ​
   ==== Publications ====   ==== Publications ====
 +  ​
 +**2020**
 +    * Sandeep Gupta, Attaullah Buriro and Bruno Crispo: A chimerical dataset combining physiological and behavioral biometric traits for reliable user authentication on smart devices and ecosystems; Data In Brief (DIB), Elsevier.
 +  ​
 **2019** **2019**
     * Sandeep Gupta, Attaullah Buriro and Bruno Crispo: A Risk-driven Model to Minimize the Effects of Human Factors on Smart Devices; ETAA, 2019.     * Sandeep Gupta, Attaullah Buriro and Bruno Crispo: A Risk-driven Model to Minimize the Effects of Human Factors on Smart Devices; ETAA, 2019.
behavioral_biometrics.txt ยท Last modified: 2022/01/18 08:27 (external edit)