Human-seeded attacks and exploiting hot-spots in graphical passwords
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Towards practical biometric key generation with randomized biometric templates
Proceedings of the 15th ACM conference on Computer and communications security
A lightweight biometric signature scheme for user authentication over networks
Proceedings of the 4th international conference on Security and privacy in communication netowrks
The practical subtleties of biometric key generation
SS'08 Proceedings of the 17th conference on Security symposium
An efficient user verification system via mouse movements
Proceedings of the 18th ACM conference on Computer and communications security
Blog or block: Detecting blog bots through behavioral biometrics
Computer Networks: The International Journal of Computer and Telecommunications Networking
Examining a Large Keystroke Biometrics Dataset for Statistical-Attack Openings
ACM Transactions on Information and System Security (TISSEC)
Hi-index | 0.00 |
Biometric security is a topic of rapidly growing importance, especially as it applies to user authentication and key generation. In this paper, we describe our initial steps towards developing evaluation methodologies for behavioral biometrics that take into account threat models which have largely been ignored. We argue that the pervasive assumption that forgers are minimally motivated (or, even worse, naïve), or that attacks can only be mounted through manual effort, is too optimistic and even dangerous. To illustrate our point, we analyze a handwriting-based key-generation system and show that the standard approach of evaluation significantly overestimates its security. Additionally, to overcome current labor-intensive hurdles in performing more accurate assessments of system security, we present a generative attack model based on concatenative synthesis that can provide a rapid indication of the security afforded by the system. We show that our generative attacks match or exceed the effectiveness of forgeries rendered by the skilled humans we have encountered.