Acceptance of Biometric Systemsfor User Authentication and Identification

Dobaibi, Mymoon

January 2023

Biometric systems have become increasingly popular for user authentication andidentification across various domains, including smartphones, laptops, financial services,healthcare, and security. These systems offer enhanced security and quickaccess to data, aiming to address the challenges associated with passwords and pins.However, achieving a method that provides a 100% guarantee in all fields and for alldevices remains a challenge. To explore user perceptions on the acceptance of biometricsystems, an online survey was conducted with 99 participants from diversebackgrounds, education levels, ages, and countries. The survey focused on understandingusers’ acceptance of biometric systems based on their experiences and perspectives.Additionally, it aimed to investigate whether demographic factors, suchas age, education, and background, influence user acceptance. The study also comparedthe preferred authentication technique among users with findings from previousstudies. The survey results supported previous research, showing that fingerprinttechnology is the most recommended and preferred method for user authentication,followed by facial recognition. This study sheds light on the growing adoption ofbiometric systems to overcome password-related issues and provides valuable insightsinto user preferences for authentication and identification methods.

Biometrics Acceptance

Authentication Techniques

User Preferences

Preferred Techniques

User Experiences

User Perception.

Computer Sciences

Datavetenskap (datalogi)

KUDDLER

Lewis, Evan

January 2010

No description available.

Electrical Engineering

premature infant

medical device

NICU

biometrics

mother

Kangaroo Care

Multimodal recognition using simultaneous images of iris and face with opportunistic feature selection

Tompkins, Richard Cortland

22 August 2011

No description available.

Electrical Engineering

biometrics

computer vision

face recognition

iris recognition

pattern recognition

DESIGN AND PERFORMANCE ANALYSIS OF A SECURE PROCES-SOR SCAN-SP WITH CRYPTO-BIOMETRIC CAPABILITIES

Kannavara, Raghudeep

29 October 2009

No description available.

Computer Science

Electrical Engineering

Engineering

Secure Processor

Cryptography

Steganography

Biometrics

SCAN methodology

Local-Global graphs

Secure Trust Establishment in an Internet of Things Framework

Meharia, Pallavi

January 2016

No description available.

Computer Science

Internet of Things

Security

Authentication

Wireless Body Area Networks

Autonomous Vehicle

Biometrics

SINGULAR VALUE DECOMPOSITION AND 2D PRINCIPAL COMPONENT ANALYSIS OF IRIS-BIOMETRICS FOR AUTOMATIC HUMAN IDENTIFICATION

Brown, Michael J.

05 September 2006

No description available.

iris recognition

singular value decomposition (SVD)

2D principal component analysis (2DPCA)

biometrics

Evasion Attacks Against Behavioral Biometric Continuous Authentication Using a Generative Adversarial Network

Blenneros, Herman, Sävenäs, Erik

January 2021

The aim of the project was to examine the feasibilityof evading continuous authentication systems with a generativeadversarial network. To this end, a group of supervised andunsupervised state-of-the-art classifiers were trained on a publiclyavailable dataset of stroke patterns on mobile devices. To find thebest configurations for each classifier, hyper-parameter searcheswere performed. To attack the classifiers, a generative adversarialnetwork was trained on the dataset to reproduce samples followingthe same distribution. The generative adversarial networkwas optimized to maximize the Equal Error Rate metric of theclassifiers on the reproduced data. Our results show that theEqual Error Rate and the Threshold False Acceptance Rateincreased on generated samples compared to random evasionattacks. Across the classifiers, the greatest increase in Equal ErrorRate was 26 percent (for the artificial neural network), and thegreatest increase in Threshold False Acceptance Rate was 60percent for the same classifier. Moreover, it was found that, ingeneral, the unsupervised classifiers were more robust towardsthis type of attack. The results indicate that evasion attacksagainst continuous authentication systems using a generativeadversarial network are feasible and thus constitute a real threat. / Målet med detta projekt var att undersökamöjligheten att undgå ett aktivt verifieringssystem med hjälpav ett generativt nätverk. För att göra detta valde vi ut ettantal moderna klassifieringsalgoritmer och tränade dem på enoffentlig datasamling av svepmönster på mobiltelefoner. För atterhålla de bästa konfigurationerna för varje klassifieringsalgoritmutfördes hyper-parameter sökningar. För att attackera klassifieringsalgorithmernaimplementerades ett generative adversarialnetwork som tränades på datasamlingen för att reproduceraliknande svepmönster. Det generativa nätverket optimerades föratt maximera klassifieringsalgoritmernas likvärdiga felkvot medden reproducerade datan. Resultaten visar att den likvärdigafelkvoten och tröskeln av den felaktiga verifieringskvoten ökademed den reproducerade datan jämfört med slumpmässiga tester.Den högsta ökningen av den likvärdiga felkvoten var 26 procent(för det artificiella neurala nätverket) och den högsta ökningenav tröskeln av den felaktiga verifieringskvoten var 60 procent forsamma algoritm. Därutöver fann vi att de oövervakade klassifieringsalgoritmernavar mer motståndskraftiga mot denna typenav attack jämfört med de övervakade klassifieringsalgoritmerna.Resultaten tyder på att det är möjligt att till viss del undgå ettaktivt verifieringssystem med hjälp av ett generative adversarialnetwork och att denna typen av attacker utgör ett konkret hot. / Kandidatexjobb i elektroteknik 2021, KTH, Stockholm

Continuous Authentication

Generative Adversarial Network

evasion

biometrics

Elektroteknik och elektronik

Factors Influencing the Adoption of Biometric Security Technologies by Decision Making Information Technology and Security Managers

Lease, David R.

10 1900

The research conducted under this study offers an understanding of the reasons why information technology (IT) and/or information assurance (IA) managers choose to recommend or not to recommend particular technologies, specifically biometric security, to their organizations. A review of the relevant literature provided the foundation to develop a set of research questions and factors for this research effort. The research questions became the basis of the study’s stated hypotheses for examining managers’ perceptions of the security effectiveness, need, reliability, and cost-effectiveness of biometrics. The research indicates that positive perceptions of security effectiveness, need, reliability, and cost-effectiveness correlate with IT/IA managers’ willingness to recommend biometric security technologies. The implications of this study are that executives and managers can make informed decisions about the recommendation and adoption process relevant to biometric security technologies through an understanding of how perceptions of biometric technology affect the decision to recommend this type of technology. The study’s results may also help biometric product developers, vendors, and marketers understand the important perceptions of biometric security technologies within their customer base of IT/IA managers.

biometric security

technology adoption

information security

information assurance

information technology

biometrics

decision making

QA75

T1

Design and Verification of Privacy and User Re-authentication Systems

Jagadeesan, Harini

29 May 2009

In the internet age, privacy and security have become major concerns since an increasing number of transactions are made over an unsecured network. Thus there is a greater chance for private data to be misused. Further, insider attacks can result in loss of valuable data. Hence there arises a strong need for continual, non-intrusive, quick user re-authentication. Previously, a number of studies have been conducted on authentication using behavioral attributes. Currently, few successful re-authentication mechanisms are available since they use either the mouse or the keyboard for re-authentication and target particular applications. However, successful re-authentication is still dependent on a large number of factors such as user excitation level, fatigue and using just the keyboard or the mouse does not mitigate these factors successfully. Both keyboard and mouse contain valuable, hard-to-duplicate information about the user's behavior. This can be used for analysis and identification of the current user. We propose an application independent system that uses this information for user re-authentication. This system will authenticate the user continually based on his/her behavioral attributes obtained from both the keyboard and mouse operations. This re-authentication system is simple, continual, non-intrusive and easily deployable. To utilize the mouse and keyboard information for re-authentication, we propose a novel heuristic that uses the percentage of mouse-to-keyboard interaction ratio. This heuristic allows us to extract suitable user-behavioral attributes. The extracted data is compared with an already trained database for user re-authentication. The accuracy of the system is calculated by the number of correct identifications to total number of identifications. At present, the accuracy of the system is around 96% for application based user re-authentication and around 82% for application independent user re-authentication. We perform black box, white box testing and Spec# verification procedures that prove the robustness of the proposed system. On testing POCKET, a privacy protection software for children, it was found that the security of POCKET was inadequate at the user level. Our system enhances POCKET security at the user level and ensures that the child's privacy is protected. / Master of Science

biometrics

behavioral

testing

mouse

verification

keyboard

security

Spec#

user re-authentication

API de Segurança e Armazenamento de uma Arquitetura Multibiométrica para Controle de Acesso com Autenticação Contínua. / Security and Persistence APIs of a Multi-biometric Access Control Architecture for Continuous Authentication.

Oliveira, Adriana Esmeraldo de

16 September 2011

Made available in DSpace on 2015-05-14T12:36:30Z (GMT). No. of bitstreams: 1 arquivototal.pdf: 4594295 bytes, checksum: bd4f4df655903b796eb6cf79a5060ded (MD5) Previous issue date: 2011-09-16 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / A biometric system that employs one single biometric characteristic is constrained. This limitation can be reduced by fusing the information presented by multiple sources. A system that consolidates the evidence presented by multiple biometric sources is known as a multibiometric system. In such a context, this work proposes the security and persistence APIs of a multi-biometric architecture, which is capable of using one or more biometric modalities. In access control applications, a user might be forced to authenticate in order to give an unauthorized access to a criminal. As an alternative to this problem, the API uses a continuous authentication process, which verifies if the user identified at the start of the software application is still able to remain on the system, without human interferences or breaks in the process. Much of the literature on biometric system design has focused on system error rates and scaling equations. However, it is also important to have a solid foundation for future progress as the processes and systems architecture for the new biometric application are designed. Hence, the designed architecture made it possible to create a well-defined API for multibiometric systems, which may help developers to standardize, among other things, their data structure, in order to enable and facilitate templates fusion and interoperability. Therefore, the developed security and persistence APIs support a multi-biometric access control architecture. This architecture is extensible, that is, capable of easily comprising new biometric characteristics and processes, yet making it possible to use a template security mechanism. The APIs were designed and implemented. They were demonstrated by a prototype application, through which it was possible to conduct the test experiments. / Um sistema biométrico que empregue uma única peculiaridade ou traço característico é restrito. Esta limitação pode ser suavizada pela fusão dos dados apresentados por múltiplas fontes. Um sistema que consolida a evidência apresentada por múltiplas fontes biométricas é conhecido como um sistema multibiométrico. Nesse contexto, este trabalho propõe a interface de aplicação (API) de segurança e armazenamento de uma arquitetura multibiométrica, com habilidade de empregar uma ou mais modalidades biométricas. Em aplicações de controle de acesso, um usuário pode ser coagido a se autenticar para permitir um acesso indevido. Como alternativa para este problema, a API utiliza um processo de autenticação contínua, que verifica se o usuário que se identificou no início de uma aplicação de software ainda está apto a continuar no sistema, sem interferências humanas ou paralisações do processo. Grande parte da literatura sobre projeto de sistemas biométricos tem o foco nas taxas de erro do sistema e na simplificação de equações. No entanto, também é importante que se tenha uma base sólida para progressos futuros no momento em que os processos e a arquitetura da nova aplicação biométrica estiverem sendo projetados. Neste sentido, a arquitetura projetada permitiu a construção de uma API bem definida para sistemas multibiométricos, que deverá auxiliar os desenvolvedores a padronizar, entre outras coisas, sua estrutura de dados, de forma a possibilitar e facilitar a fusão de modelos biométricos e a interoperabilidade. Deste modo, a API de segurança e armazenamento desenvolvida suporta uma arquitetura multibiométrica de controle de acesso para autenticação contínua extensível, isto é, capaz de receber novas características e processos biométricos com facilidade, permitindo, ainda, o uso de um mecanismo de segurança de templates biométricos. A API foi projetada e implementada. Sua demonstração foi feita através de uma aplicação protótipo, por meio da qual foi possível realizar os testes.

Multibiometria

Biometria

Multimodalidade

Controle de acesso

Autenticação contínua

Arquitetura de software

Segurança de templates

Multi-biometrics

Biometrics

Multimodality

Access control

Continuous authentication

Software architecture

Template security