poster

Poster: Towards a Framework for Assessing Vulnerabilities of Brainwave Authentication Systems

Authors:

Karen Becker,

Patricia Arias-Cabarcos,

Thilo Habrich,

Christian BeckerAuthors Info & Claims

CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security

Pages 2577 - 2579

https://doi.org/10.1145/3319535.3363260

Published: 06 November 2019 Publication History

Get Access

Abstract

In the quest to devise new alternatives to password-based authentication, behavioral biometrics have become more and more appealing due to the improved usability that comes with their unobtrusiveness. One such type of biometric are brainwaves, which can be nowadays easily measured and used to prove a person's identity. Given the potential for this technology to be adopted in the near future, it is paramount to analyze its security implications. Furthermore, recent advances in brain computer interfaces make feasible the usage of brainwaves to prove users' identity. This work presents a comprehensive framework for assessing the vulnerabilities of brainwave authentication systems, incorporating new attack vectors that target specific features of brain biometrics. Resting on this theoretical groundwork, we analyze the existing literature on attacks and countermeasures, identifying gaps and providing a foundation for future research. Furthermore, we evaluated a subset of attacks identified through the framework and report our preliminary results.

References

[1]

Mohammed Abo-Zahhad, Sabah Mohammed Ahmed, and Sherif Nagib Abbas. 2015. A Survey on Brain Biometrics. IET Biometrics, Vol. 4, 3 (sep 2015), 179--190.

Google Scholar

[2]

Robertas Damavs evivc ius, Rytis Maskeli=unas, Egidijus Kazanavivc ius, and Marcin Wo'zniak. 2018. Combining cryptography with EEG biometrics. Computational intelligence and neuroscience, Vol. 2018 (2018).

Google Scholar

[3]

EmotivSystems. 2019. Emotiv Epoc Headset. https://www.emotiv.com/epoc/ Retrieved July 31, 2019 from

Google Scholar

[4]

Qiong Gui, Maria V. Ruiz-Blondet, Sarah Laszlo, and Zhanpeng Jin. 2019. A Survey on Brain Biometrics. ACM Computing Surveys (CSUR), Vol. 51, 6 (feb 2019), 112:1--112:38.

Digital Library

Google Scholar

[5]

Marcello Ienca and Pim Haselager. 2016. Hacking the brain: brain-computer interfacing technology and the ethics of neurosecurity. Ethics and Information Technology, Vol. 18, 2 (April 2016), 117--129.

Digital Library

Google Scholar

[6]

Anil K Jain, Arun Ross, and Umut Uludag. 2005. Biometric template security: Challenges and solutions. In 13th European signal processing conference. IEEE Computer Society, Antalya, Turkey, 1--4.

Google Scholar

[7]

Wael H. Khalifa, Abdel-Badeeh Salem, Kenneth Roushdy, and Mohamed Revett. 2012. A survey of EEG based user authentication schemes. In 2012 8th International Conference on Informatics and Systems (INFOS). IEEE, BIO--55--BIO--60.

Google Scholar

[8]

Ivan Martinovic, Doug Davies, Mario Frank, Daniele Perito, Tomas Ros, and Dawn Song. 2012. On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces. In 21st USENIX Security Symposium (USENIX Security 12). USENIX, Bellevue, WA, 143--158.

Google Scholar

[9]

NIST. 2015. Measuring Strength of Authentication. Discussion draft 1. Information Technology Laboratory.

Google Scholar

[10]

QianQian Li, Ding Ding, and Mauro Conti. 2015. Brain-computer interface applications: Security and privacy challenges. In 2015 IEEE Conference on Communications and Network Security (CNS '15). Florence, IT, 663--666.

Google Scholar

[11]

Nalini K. Ratha, Jonathan H. Connell, and Ruud M. Bolle. 2001. Enhancing security and privacy in biometrics-based authentication systems. IBM Systems Journal, Vol. 40, 3 (Jan. 2001).

Digital Library

Google Scholar

[12]

Ali Velshi and Hussein Saddique. 2017. Brain hacking: What Bill Gates and other tech titans want with our mind. https://www.nbcnews.com/tech/technews/ brain-hacking-what-bill-gates-other-tech-titans-want-ourn833156 Retrieved July 31, 2019 from

Google Scholar

[13]

N. Wiener. 1965. Cybernetics or Control and Communication in the Animal and the Machine .(Vol. 25). MIT Press, Cambridge, MA.

Google Scholar

[14]

Jonathan Wolpaw and Elizabeth W. Wolpaw. 2012. Brain-Computer Interfaces: Principles and Practice. Oxford University Press, Oxford, UK.

Google Scholar

Cited By

View all

Meng WCai YYang LChiu W(2021)Hybrid Emotion-Aware Monitoring System Based on Brainwaves for Internet of Medical ThingsIEEE Internet of Things Journal10.1109/JIOT.2021.30794618:21(16014-16022)Online publication date: 1-Nov-2021
https://doi.org/10.1109/JIOT.2021.3079461
Chiu WMeng WLi W(2021)I Can Think Like You! Towards Reaction Spoofing Attack on Brainwave-Based AuthenticationSecurity, Privacy, and Anonymity in Computation, Communication, and Storage10.1007/978-3-030-68851-6_18(251-265)Online publication date: 5-Feb-2021
https://doi.org/10.1007/978-3-030-68851-6_18

Index Terms

Poster: Towards a Framework for Assessing Vulnerabilities of Brainwave Authentication Systems
1. Security and privacy
  1. Security services
    1. Authentication
      1. Biometrics
  2. Systems security
    1. Vulnerability management

Recommendations

Hidden Biometric Security Implementation through Human Brain's Artificial Macro Structure

Biometrics are means for security but on the other side they are prone to forgery. For this hidden biometrics like veins, retina, etc. came into the picture. We have chosen hidden biometrics because of their characteristic of not being visible to ...
I Can Think Like You! Towards Reaction Spoofing Attack on Brainwave-Based Authentication
Security, Privacy, and Anonymity in Computation, Communication, and Storage
Abstract
In the coming period of Internet of Things (IoT), user authentication is one important and essential security mechanism to protect assets from unauthorized access. Textual passwords are the most widely adopted authentication method, but have well-...
Three measures for secure palmprint identification

Most previous research in the area of personal authentication using the palmprint as a biometric trait has concentrated on enhancing accuracy yet resistance to attacks is also a centrally important feature of any biometric security system. In this paper,...

Comments

Information & Contributors

Information

Published In

CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security

November 2019

2755 pages

ISBN:9781450367479

DOI:10.1145/3319535

General Chairs:
Lorenzo Cavallaro
King's College London, UK
,
Johannes Kinder
Bundeswehr University Munich, Germany
,
Program Chairs:
XiaoFeng Wang
Indiana University, USA
,
Jonathan Katz
George Mason University, USA

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 November 2019

Check for updates

Author Tags

Qualifiers

Poster

Funding Sources

Alexander von Humboldt Foundation

Conference

CCS '19

Sponsor:

SIGSAC

CCS '19: 2019 ACM SIGSAC Conference on Computer and Communications Security

November 11 - 15, 2019

London, United Kingdom

Acceptance Rates

CCS '19 Paper Acceptance Rate 149 of 934 submissions, 16%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
298
Total Downloads

Downloads (Last 12 months)12
Downloads (Last 6 weeks)1

Reflects downloads up to 11 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Meng WCai YYang LChiu W(2021)Hybrid Emotion-Aware Monitoring System Based on Brainwaves for Internet of Medical ThingsIEEE Internet of Things Journal10.1109/JIOT.2021.30794618:21(16014-16022)Online publication date: 1-Nov-2021
https://doi.org/10.1109/JIOT.2021.3079461
Chiu WMeng WLi W(2021)I Can Think Like You! Towards Reaction Spoofing Attack on Brainwave-Based AuthenticationSecurity, Privacy, and Anonymity in Computation, Communication, and Storage10.1007/978-3-030-68851-6_18(251-265)Online publication date: 5-Feb-2021
https://doi.org/10.1007/978-3-030-68851-6_18

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Hidden Biometric Security Implementation through Human Brain's Artificial Macro Structure

I Can Think Like You! Towards Reaction Spoofing Attack on Brainwave-Based Authentication

Three measures for secure palmprint identification