Toward Robotic Robbery on the Touch Screen

Serwadda, Abdul; Phoha, Vir V.; Wang, Zibo; Kumar, Rajesh; Shukla, Diksha

doi:10.1145/2898353

Cited by 25 publications

(23 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Although there are several advantages associated with the active authentication systems, there are different limitations and problems are facing it which are as follows [49,50,51,56,57]: • Noisy data: the sensed data that recorded by the sensors devices that used in active authentication systems is always affected by some level of impreciseness in measurements. • Non-universality: the active authentication system may not be able to collect meaningful data.…”

Section: Limitations and Challengesmentioning

confidence: 99%

See 1 more Smart Citation

A survey on behavioral biometric authentication on smartphones

Mahfouz

Mahmoud

Eldin

2017

Journal of Information Security and Applications

View full text Add to dashboard Cite

Recent research has shown the possibility of using smartphones' sensors and accessories to extract some behavioral attributes such as touch dynamics, keystroke dynamics and gait recognition. These attributes are known as behavioral biometrics and could be used to verify or identify users implicitly and continuously on smartphones. The authentication systems that have been built based on these behavioral biometric traits are known as active or continuous authentication systems.This paper provides a review of the active authentication systems. We present the components and the operating process of the active authentication systems in general, followed by an overview of the state-of-theart behavioral biometric traits that used to develop an active authentication systems and their evaluation on smartphones. We discuss the issues, strengths and limitations that associated with each behavioral biometric trait. Also, we introduce a comparative summary between them. Finally, challenges and open research problems are presented in this research field.

show abstract

Section: Limitations and Challengesmentioning

confidence: 99%

“…• Vulnerabilities: such as spoofing and robot attacks. for example Serwadda et al [57] developed two Lego-driven robotic attacks on touch-based authentication.…”

Section: Limitations and Challengesmentioning

confidence: 99%

A survey on behavioral biometric authentication on smartphones

Mahfouz

Mahmoud

Eldin

2017

Journal of Information Security and Applications

View full text Add to dashboard Cite

show abstract

“…Earlier work authenticates users while they are being shown controlled stimuli, such as images [13] or moving shapes [14]. Eberz [19] Touch dynamics Assisted manual imitation Perfect [20] Touch dynamics Automatic (robot) None [21] Touch dynamics Automatic (robot) Perfect [22] Gait Assisted manual imitation Perfect [2] ECG Signal generator Cross-device users while they perform standard computer tasks (reading, typing, browsing and watching videos) [15]. Their featureset consists of temporal features reflecting short-term speed and acceleration, spatial features that measure the steadiness of the gaze and the changes of the pupil diameter.…”

Section: Biometric Authenticationmentioning

confidence: 99%

“…This approach significantly increased the system's false accept rate, although the baseline equal error rate is already much higher than that of related work. The authors also consider a targeted attack, for which they assume the attacker has obtained a perfect copy of (some) of the victim's feature vectors [21].…”

Section: Imitation Attacksmentioning

confidence: 99%

When Your Fitness Tracker Betrays You: Quantifying the Predictability of Biometric Features Across Contexts

Eberz

Lovisotto

Patané

et al. 2018

2018 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

Attacks on behavioral biometrics have become increasingly popular. Most research has been focused on presenting a previously obtained feature vector to the biometric sensor, often by the attacker training themselves to change their behavior to match that of the victim. However, obtaining the victim's biometric information may not be easy, especially when the user's template on the authentication device is adequately secured. As such, if the authentication device is inaccessible, the attacker may have to obtain data elsewhere. In this paper, we present an analytic framework that enables us to measure how easily features can be predicted based on data gathered in a different context (e.g., different sensor, performed task or environment). This framework is used to assess how resilient individual features or entire biometrics are against such cross-context attacks. In order to be able to compare existing biometrics with regard to this property, we perform a user study to gather biometric data from 30 participants and five biometrics (ECG, eye movements, mouse movements, touchscreen dynamics and gait) in a variety of contexts. We make this dataset publicly available online. Our results show that many attack scenarios are viable in practice as features are easily predicted from a variety of contexts. All biometrics include features that are particularly predictable (e.g., amplitude features for ECG or curvature for mouse movements). Overall, we observe that cross-context attacks on eye movements, mouse movements and touchscreen inputs are comparatively easy while ECG and gait exhibit much more chaotic cross-context changes.

show abstract

“…Threat Scenario -Using gamification for attack: The idea behind this scenario is that a malicious entity puts a game on the app market such that users download and play it. Unbeknownst to the users, the game is instrumented to elicit user moves or actions that enable the capture of security-sensitive data such as behavioral biometric data (e.g., swipe patterns that could later be used to drive attacks such as that in [28]) or even more traditional authentication credentials (e.g., an unlock pattern). For a more focused exposition, we tailor the rest of the description to the pattern lock mechanism since this is the case studied in our experiments.…”

Section: Assumptions: Threat Scenario Vs Benign Scenariomentioning

confidence: 99%

Gamification of Wearable Data Collection

Acharya

Matovu

Serwadda

et al. 2019

Proceedings of the 2019 3rd International Conference on Compute and Data Analysis

Self Cite

View full text Add to dashboard Cite

Games are designed to build on certain inherently reward centered aspects of our psychology. This encourages the user to keep playing and engaging in the entertainment for just a bit longer. In this paper we explore the way in which gamification can be used to benefit researchers aiming to collect large amounts of data from sometimes less than enthusiastically motivated participants. We also investigate the risks associated with such mechanisms for data collection and how malicious entities could use these same methods to trick users into exposing private information. Across several experiments used to measure the cross-applicable nature of the data we collected, we demonstrate that a gamified version of a data collection tool could be used to predict the pattern used to unlock a phone.

show abstract

Toward Robotic Robbery on the Touch Screen

Cited by 25 publications

References 21 publications

A survey on behavioral biometric authentication on smartphones

A survey on behavioral biometric authentication on smartphones

When Your Fitness Tracker Betrays You: Quantifying the Predictability of Biometric Features Across Contexts

Gamification of Wearable Data Collection

Contact Info

Product

Resources

About