
Research Article
Active Attack that Exploits Biometric Similarity Difference and Basic Countermeasures
@INPROCEEDINGS{10.1007/978-3-030-98005-4_7, author={Pin Lyu and Wandong Cai and Yao Wang}, title={Active Attack that Exploits Biometric Similarity Difference and Basic Countermeasures}, proceedings={Ad Hoc Networks and Tools for IT. 13th EAI International Conference, ADHOCNETS 2021, Virtual Event, December 6--7, 2021, and 16th EAI International Conference, TRIDENTCOM 2021, Virtual Event, November 24, 2021, Proceedings}, proceedings_a={ADHOCNETS \& TRIDENTCOM}, year={2022}, month={3}, keywords={Gait authentication Wearable sensors Impersonation attack}, doi={10.1007/978-3-030-98005-4_7} }
- Pin Lyu
Wandong Cai
Yao Wang
Year: 2022
Active Attack that Exploits Biometric Similarity Difference and Basic Countermeasures
ADHOCNETS & TRIDENTCOM
Springer
DOI: 10.1007/978-3-030-98005-4_7
Abstract
As one of the most popular IoT (Internet of Things) devices, smartphone stores sensitive personal information. As a result, authentication on smartphones attracts widespread attention in recent years. Sensor-based authentication methods have achieved excellent results due to their feasibility and high efficiency. However, the current work lacks comprehensive security verification, undetected potential vulnerabilities are likely to be leveraged to launch attacks on these authentication approaches. We propose a novel attack to evaluate the reliability and robustness of the existing authentication methods. The basic idea behind our strategy is that the system has its authentication error; we elaborately analyze the false-negative samples to summarize its vulnerable properties and leverage such vulnerabilities to design our attack. The experiment result proves the feasibility of our attack and also demonstrates the drawbacks of the existing approaches. In addition, we propose a corresponding protect approach to defend against this attack, of which the scheme has the self-learning ability to update according to the newly detected attacks. Compared with authentications using multiple sensors, we only adopt a single accelerometer to achieve an EER of 5.3%, showing the convenience and effectiveness of our system.