The practical subtleties of biometric key generation
SS'08 Proceedings of the 17th conference on Security symposium
Personal verification based on extraction and characterisation of retinal feature points
Journal of Visual Languages and Computing
Retinal verification using a feature points-based biometric pattern
EURASIP Journal on Advances in Signal Processing - Special issue on recent advances in biometric systems: a signal processing perspective
Keystroke-based authentication by key press intervals as a complementary behavioral biometric
SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics
Online signature verification with support vector machines based on LCSS kernel functions
IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics - Special issue on gait analysis
Random forgery attacks against DTW-based online signature verification algorithm
Proceedings of the 2011 ACM Symposium on Applied Computing
On measuring forgery quality in online signatures
Pattern Recognition
Synthetic on-line signature generation. Part I: Methodology and algorithms
Pattern Recognition
When kids' toys breach mobile phone security
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Examining a Large Keystroke Biometrics Dataset for Statistical-Attack Openings
ACM Transactions on Information and System Security (TISSEC)
Hi-index | 0.00 |
Biometric security is a topic of rapidly growing importance in the areas of user authentication and cryptographic key generation. In this paper, we describe our steps toward developing evaluation methodologies for behavioral biometrics that take into account threat models that have been largely ignored. We argue that the pervasive assumption that forgers are minimally motivated (or, even worse, naive) is too optimistic and even dangerous. Taking handwriting as a case in point, we show through a series of experiments that some users are significantly better forgers than others, that such forgers can be trained in a relatively straightforward fashion to pose an even greater threat, that certain users are easy targets for forgers, and that most humans are a relatively poor judge of handwriting authenticity, and hence, their unaided instincts cannot be trusted. Additionally, to overcome current labor-intensive hurdles in performing more accurate assessments of system security, we present a generative attack model based on concatenative synthesis that can provide a rapid indication of the security afforded by the system. We show that our generative attacks match or exceed the effectiveness of forgeries rendered by the skilled humans we have encountered.