Authentication Using Pulse-Response Biometrics Kasper B. Rasmussen 1 - PowerPoint PPT Presentation

Authentication Using Pulse-Response Biometrics Kasper B. Rasmussen 1 Marc Roeschlin 2 Ivan Martinovic 1 Gene Tsudik 3 1 University of Oxford 2 ETH Zurich 3 UC Irvine Clermont Ferrand, 2014 Slide 1.

A Bit About Myself Lecturer at University of Oxford. Current Research Topics Security of Wireless Networks Protocol design Applied Cryptography Security of embedded systems Cyber-physical systems Oh yes—Biometrics. Slide 2.

Outline Background on Biometrics 1 Pulse-Response 2 Security Applications 3 Experimental Results 4 Slide 3.

Biometrics: A Definition Biometrics A means to identify individual human beings by their characteristics or traits. Slide 4.

Biometrics Behavioral Keystroke timing, speech pattern analysis, gait recognition and hand-writing Physiological Fingerprints, hand geometry, facial recognition, speech analysis and iris/retina scans Slide 5.

Biometrics Unobtrusive Keystroke timing, speech pattern analysis, gait recognition, hand-writing, facial recognition and speech analysis Invasive Fingerprints, hand geometry and iris/retina scans Slide 6.

Why a New Biometric? Some biometrics are“secure”but“hard to use” . Fingerprints Iris/Retina Others are“less secure”but“easy to use” . Face recognition Key-stroke dynamics Slide 7.

Biometric Design Goals Universal: The biometric must be universally 1 applicable, to the extent required by the application. Unique: The biometric must be unique within the 2 target population. Permanent: The biometric must be consistent over 3 the time period where it’s used. Slide 8.

Biometric Design Goals ...cont. Unobtrusive: An unobtrusive biometric is much 4 more likely to be accepted. Difficult to circumvent: Essential for a biometric in 5 any security context. ...also, for completeness Collectability, Acceptability and Cost Effectiveness Slide 9.

Biometrics in Security Identification Obtain the identity of a user. vs. Authentication Confirm the identity of a user. Slide 10.

Biometrics in Security Identification Obtain the identity of a user. vs. Authentication Confirm the identity of a user. Continuous Authentication Continuously confirm the identity of a user. Slide 11.

Pulse-Response Biometric Pulse signal applied to the palm of one hand. The biometric is captured by measuring the response in the user’s hand. Slide 12.

User Safety Voltage (V) 1 1.5 Max Current (mA) 0.1 500+ Exposure 100ns ∼ 500ms Slide 13.

Case 1: Hardening PIN Entry Slide 14.

Case 1: Hardening PIN Entry Biometric Properties Universality, Uniqueness, Permanence, Unobtrusiveness, Circumvention Difficulty Slide 15.

ATM Decision Flowchart No Is PIN Start Correct? Yes Does Accept! pulse-response Reject! match? Yes No End Slide 16.

ATM Decision Flowchart No Is PIN Start Correct? Yes Does Accept! pulse-response Reject! match? Yes No P break = P guess · P forge End Slide 17.

Case 2: Continuous Authentication Slide 18.

Case 2: Continuous Authentication Biometric Properties Universality, Uniqueness, Permanence, Unobtrusiveness, Circumvention Difficulty Slide 19.

Cont. Auth. Decision Flowchart Start Yes Wait for login. Does Reacquire pulse-response Get pulse-response Wait pulse-response match? reference. No T ake action. Pulse-response Policy database database End Slide 20.

Cont. Auth. Security Start "Start" Passed Yes Adv sits biometric Wait for login. Does Reacquire down test pulse-response Get pulse-response Wait pulse-response 1 2 reference. match? No T ake action. Pulse-response Policy database database Detected End 3 Slide 21.

Cont. Auth. Security Start "Start" Passed Yes Adv sits biometric Wait for login. Does Reacquire down test pulse-response Get pulse-response Wait pulse-response 1 2 reference. match? No T ake action. Pulse-response Policy database database Detected End 3   0 1 − α α P = 0 1 − β β   0 0 1 Slide 22.

Cont. Auth. Security   0 1 − α α P = 0 1 − β β   0 0 1 Probabilities after i rounds, starting in state 1 [1 , 0 , 0] · P i = [0 , (1 − α )(1 − β ) i − 1 , 1 − (1 − α )(1 − β ) i − 1 ] Probability of detection (state 3) for i = 10 1 − (1 − α )(1 − β ) i − 1 = 1 − (1 − 0 . 99)(1 − 0 . 3) 10 − 1 = 1 − 0 . 01 · 0 . 7 9 ≈ 99 . 96% Slide 23.

Cont. Auth. Security   0 1 − α α P = 0 1 − β β   0 0 1 Probabilities after i rounds, starting in state 1 [1 , 0 , 0] · P i = [0 , (1 − α )(1 − β ) i − 1 , 1 − (1 − α )(1 − β ) i − 1 ] Probability of detection (state 3) for i = 10 1 − (1 − α )(1 − β ) i − 1 = 1 − (1 − 0 . 99)(1 − 0 . 3) 10 − 1 After 50 rounds this grows to 99.99999997% = 1 − 0 . 01 · 0 . 7 9 ≈ 99 . 96% Slide 24.

Experimental Setup Slide 25.

Signals Input pulse Measured pulse Signal magnitude [Volt] 1.0 0.5 0.0 0 200 400 600 800 Time [ns] 500 400 Spectral density 300 200 100 0 0 25 50 75 100 Frequency bins Slide 26.

Classification Slide 27.

Binary detection error rate Selecting the Classifier 100% 25% 50% 75% 0% P u P l s u e P l s − u e 1 l s − − Latent Dirichlet Allocation, K-Nearest Neighbor Support Vector Machine, Euclidean Distance, e 1 1 S ● i − − n 1 1 e − 0 S L 1 0 i i n n 0 − 0 e 1 0 L S 0 0 ● ● i n − i n − 2 e 1 5 L 0 0 i S n − − 5 i n 1 0 e 0 0 L S i − i n 9 n − 8 e 1 0 ● S L − i i n 2 n − 5 SVM e 1 0 L ● S − i n 5 i n − 0 e 1 0 L S i − i n 9 n − 8 e 5 0 S L − S i i n 2 q n − 5 e 5 0 u L a − r i n 5 e S − 0 q L 5 0 i u n − a − 9 r 1 8 e 0 0 L − i n 2 − 5 1 0 − 2 P 5 u 0 ● P l s u e P l − s u e 1 l − − s S e 1 1 ● − − i n e 1 1 − 0 L 0 S i 1 i n 0 n − 0 e 1 0 S L 0 0 ● i i n n − − 2 e 1 5 L 0 0 S i n − i − 5 n 1 0 e 0 0 L S − i n 9 i n − 8 Euclidean e 1 0 L S i − i n 2 n − 5 e 1 0 S L − i i n 5 n − 0 e 1 0 L S − i n 9 i n − 8 e 5 0 L S i − S i n 2 q n − 5 e u 5 0 a L − i r n 5 S e − 0 L 5 0 q i ● u n − a − 9 r 1 8 e 0 0 L i − n 2 − 5 1 0 ● − P 2 5 u P 0 l s u e P l s − u e 1 l s − − S e 1 1 ● i n − − 1 1 e − 0 L S 1 0 i n 0 i n e − 0 1 0 L 0 0 S i ● i n − n − 2 e 1 5 L 0 0 ● ● i S n − i − 5 n 1 0 e 0 0 S L − i i n 9 n − 8 e 1 0 L ● ● S − i n 2 i n − 5 e 1 0 LDA L S i − i n 5 n − 0 e 1 0 ● S L − i i n 9 n − 8 e 5 0 L ● ● ● ● S − S i n 2 i n q − 5 u e 5 0 L a i − r n 5 S e − 0 L q 5 0 ● u i n − a − 9 r 1 8 e 0 L 0 ● − i n 2 − 5 1 0 − 2 P 5 u 0 P l s u e P l s − u e 1 l s − − e 1 1 S i − − n 1 1 e − 0 S L 1 0 i i n n 0 − 0 e 1 0 L S 0 0 i n − i n − 2 e 1 5 L 0 0 i S n − − 5 i n 1 0 e 0 0 L S i − i n 9 n − 8 e 1 0 ● S L − i i n 2 n − 5 e 1 0 Knn L S − i n 5 i n − 0 e 1 0 ● L S i − i n 9 n − 8 e 5 0 S L − S i i n 2 q n − 5 e 5 0 u L a − r i n 5 e S − 0 q L 5 0 ● ● ● i u n − a − 9 r 1 8 e 0 0 L − i n 2 − 5 Slide 28. 1 0 − 2 5 0