{"title":"Mobile Biometrics, Replay Attacks, and Behavior Profiling: An Empirical Analysis of Impostor Detection","authors":"T. Neal, D. Woodard","doi":"10.1109/ICB45273.2019.8987407","DOIUrl":null,"url":null,"abstract":"The rise of mobile devices has contributed new biometric modalities which reflect behavioral tendencies as users interact with the device’s services. In this paper, we explore replay attacks against such systems and how a remote attack might affect authentication performance. There are few efforts that focus on replay attacks in mobile biometric systems, and none to our knowledge related to user-device interactions, such as the use of mobile apps. Instead, previous efforts have mainly considered spoofing attacks, which implicate that the attacker has learned their target’s behavior instead of obtaining a direct copy of logged behavior by theft. Here, we explore temporally-derived replay attacks that assume that application, Bluetooth, and Wi-Fi data has been captured remotely and then intelligently combined with some level of noise to avoid the replay of an exact copy of legitimate data. We study several factors that may affect replay attack detection, including the effects of varying the amount of data available during data collection, the number of samples used for training, and supervised and unsupervised learning on attack detection. In our analysis, false positive rates increased from 2.3% when using zero-effort attacks to over 40% as a result of replay attacks. However, our results also show that by contextualizing behavior in the feature representation, false positive rates decrease by over 25%.","PeriodicalId":430846,"journal":{"name":"2019 International Conference on Biometrics (ICB)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 International Conference on Biometrics (ICB)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICB45273.2019.8987407","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
The rise of mobile devices has contributed new biometric modalities which reflect behavioral tendencies as users interact with the device’s services. In this paper, we explore replay attacks against such systems and how a remote attack might affect authentication performance. There are few efforts that focus on replay attacks in mobile biometric systems, and none to our knowledge related to user-device interactions, such as the use of mobile apps. Instead, previous efforts have mainly considered spoofing attacks, which implicate that the attacker has learned their target’s behavior instead of obtaining a direct copy of logged behavior by theft. Here, we explore temporally-derived replay attacks that assume that application, Bluetooth, and Wi-Fi data has been captured remotely and then intelligently combined with some level of noise to avoid the replay of an exact copy of legitimate data. We study several factors that may affect replay attack detection, including the effects of varying the amount of data available during data collection, the number of samples used for training, and supervised and unsupervised learning on attack detection. In our analysis, false positive rates increased from 2.3% when using zero-effort attacks to over 40% as a result of replay attacks. However, our results also show that by contextualizing behavior in the feature representation, false positive rates decrease by over 25%.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
