Biometric Encoding for Replay-Resistant Smartphone User Authentication Using Handgrips

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Mobile Computing Pub Date : 2024-10-04 DOI:10.1109/TMC.2024.3474673

Long Huang;Chen Wang

{"title":"Biometric Encoding for Replay-Resistant Smartphone User Authentication Using Handgrips","authors":"Long Huang;Chen Wang","doi":"10.1109/TMC.2024.3474673","DOIUrl":null,"url":null,"abstract":"Biometrics have been widely applied for user authentication. However, existing biometric authentications are vulnerable to biometric spoofing, because they can be observed and forged. In addition, they rely on verifying biometric features that rarely change. To address this issue, we propose to verify the handgrip biometric that can be unobtrusively extracted by acoustic signals when the user holds the phone. This biometric is uniquely associated with the user’s hand geometry, body-fat ratio, and gripping strength, which are hard to reproduce. Furthermore, we propose two biometric encoding techniques (i.e., temporal-frequential and spatial) to convert static biometrics into dynamic biometric features to prevent data reuse. In particular, we develop a biometric authentication system to work with the challenge-response protocol. We encode the ultrasonic signal according to a random challenge sequence and extract a distinct biometric code as the response. We further develop two decoding algorithms to decode the biometric code for user authentication. Additionally, we investigate multiple new attacks and explore using a latent diffusion model to solve the acoustic noise discrepancies between the training and testing data to improve system performance. Extensive experiments show our system achieves 97% accuracy in distinguishing users and rejects 100% replay attacks with \n<inline-formula><tex-math>$ 0.6 \\, s$</tex-math></inline-formula>\n challenge sequence.","PeriodicalId":50389,"journal":{"name":"IEEE Transactions on Mobile Computing","volume":"24 2","pages":"1230-1248"},"PeriodicalIF":7.7000,"publicationDate":"2024-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10705898/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Biometrics have been widely applied for user authentication. However, existing biometric authentications are vulnerable to biometric spoofing, because they can be observed and forged. In addition, they rely on verifying biometric features that rarely change. To address this issue, we propose to verify the handgrip biometric that can be unobtrusively extracted by acoustic signals when the user holds the phone. This biometric is uniquely associated with the user’s hand geometry, body-fat ratio, and gripping strength, which are hard to reproduce. Furthermore, we propose two biometric encoding techniques (i.e., temporal-frequential and spatial) to convert static biometrics into dynamic biometric features to prevent data reuse. In particular, we develop a biometric authentication system to work with the challenge-response protocol. We encode the ultrasonic signal according to a random challenge sequence and extract a distinct biometric code as the response. We further develop two decoding algorithms to decode the biometric code for user authentication. Additionally, we investigate multiple new attacks and explore using a latent diffusion model to solve the acoustic noise discrepancies between the training and testing data to improve system performance. Extensive experiments show our system achieves 97% accuracy in distinguishing users and rejects 100% replay attacks with

$ 0.6 \, s$

challenge sequence.

查看原文本刊更多论文

防重放智能手机用户身份验证的生物识别编码

生物识别技术已广泛应用于用户认证。然而，现有的生物识别认证容易受到生物识别欺骗的攻击，因为它们可以被观察和伪造。此外，它们依赖于验证很少变化的生物特征。为了解决这个问题，我们建议验证当用户拿着手机时，可以通过声音信号不显眼地提取的握持生物特征。这种生物特征与用户的手的几何形状、体脂比和握力有独特的联系，而这些是很难复制的。此外，我们提出了两种生物特征编码技术（即时间-频率和空间），将静态生物特征转换为动态生物特征，以防止数据重用。特别是，我们开发了一个生物识别认证系统，以配合挑战响应协议。我们根据随机挑战序列对超声波信号进行编码，并提取一个独特的生物特征码作为响应。我们进一步开发了两种解码算法来解码用户身份验证的生物识别代码。此外，我们研究了多种新的攻击，并探索使用潜在扩散模型来解决训练和测试数据之间的声学噪声差异，以提高系统性能。大量的实验表明，我们的系统在识别用户方面达到了97%的准确率，并且在0.6 \,s$挑战序列下拒绝了100%的重放攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Mobile Computing 工程技术-电信学

CiteScore

12.90

自引率

2.50%

发文量

403

审稿时长

6.6 months

期刊介绍： IEEE Transactions on Mobile Computing addresses key technical issues related to various aspects of mobile computing. This includes (a) architectures, (b) support services, (c) algorithm/protocol design and analysis, (d) mobile environments, (e) mobile communication systems, (f) applications, and (g) emerging technologies. Topics of interest span a wide range, covering aspects like mobile networks and hosts, mobility management, multimedia, operating system support, power management, online and mobile environments, security, scalability, reliability, and emerging technologies such as wearable computers, body area networks, and wireless sensor networks. The journal serves as a comprehensive platform for advancements in mobile computing research.