Fuzzy logic-based implicit authentication for mobile access control

In order to address the increasing compromise of user privacy on mobile devices, a Fuzzy Logic based implicit authentication scheme is proposed in this paper. The proposed scheme computes an aggregate score based on selected features and a threshold in real-time based on current and historic data depicting user routine. The tuned fuzzy system is then applied to the aggregated score and the threshold to determine the trust level of the current user. The proposed fuzzy-integrated implicit authentication scheme is designed to: operate adaptively and completely in the background, require minimal training period, enable high system accuracy while provide timely detection of abnormal activity. In this paper, we explore Fuzzy Logic based authentication in depth. Gaussian and triangle-based membership functions are investigated and compared using real data over several weeks from different Android phone users. The presented results show that our proposed Fuzzy Logic approach is a highly effective, and viable scheme for lightweight real-time implicit authentication on mobile devices.

Investigation into DCT Feature Selection for Visual Lip-Based Biometric Authentication

This paper investigated using lip movements as a behavioural biometric for person authentication. The system was trained, evaluated and tested using the XM2VTS dataset, following the Lausanne Protocol configuration II. Features were selected from the DCT coefficients of the greyscale lip image. This paper investigated the number of DCT coefficients selected, the selection process, and static and dynamic feature combinations. Using a Gaussian Mixture Model - Universal Background Model framework an Equal Error Rate of 2.20% was achieved during evaluation and on an unseen test set a False Acceptance Rate of 1.7% and False Rejection Rate of 3.0% was achieved. This compares favourably with face authentication results on the same dataset whilst not being susceptible to spoofing attacks.

Fingerprint Volatile Organic Compounds (VOC) analysis in Goat’s Milk and Halloumi Cheese as Marker for Authentication of Region of Origin

Goats’ milk is responsible for unique traditional products such as Halloumi cheese. The characteristics of Halloumi depend on the original features of the milk and on the conditions under which the milk has been produced such as feeding regime of the animals or region of production. Using a range of milk (33) and Halloumi (33) samples collected over a year from three different locations in Cyprus (A, Anogyra; K, Kofinou; P, Paphos), the potential for fingerprint VOC analysis as marker to authenticate Halloumi was investigated. This unique set up consists of an in-injector thermo desorption (VOCtrap needle) and a chromatofocusing system based on mass spectrometry (VOCscanner). The mass spectra of all the analyzed samples are treated by multivariate analysis (Principle component analysis and Discriminant functions analysis). Results showed that the highland area of product (P) is clearly identified in milks produced (discriminant score 67%). It is interesting to note that the higher similitude found on milks from regions “A” and “K” (with P being distractive; discriminant score 80%) are not ‘carried over’ on the cheeses (higher similitude between regions “A” and “P”, with “K” distinctive). Data have been broken down into three seasons. Similarly, the seasonality differences observed in different milks are not necessarily reported on the produced cheeses. This is expected due to the different VOC signatures developed in cheeses as part of the numerous biochemical changes during its elaboration compared to milk. VOC however it is an additional analytical tool that can aid in the identification of region origin in dairy products.

Ultra-Compact and Robust FPGA-Based PUF Identification Generator

Physically Unclonable Functions (PUFs), exploit inherent manufacturing variations and present a promising solution for hardware security. They can be used for key storage, authentication and ID generations. Low power cryptographic design is also very important for security applications. However, research to date on digital PUF designs, such as Arbiter PUFs and RO PUFs, is not very efficient. These PUF designs are difficult to implement on Field Programmable Gate Arrays (FPGAs) or consume many FPGA hardware resources. In previous work, a new and efficient PUF identification generator was presented for FPGA. The PUF identification generator is designed to fit in a single slice per response bit by using a 1-bit PUF identification generator cell formed as a hard-macro. In this work, we propose an ultra-compact PUF identification generator design. It is implemented on ten low-cost Xilinx Spartan-6 FPGA LX9 microboards. The resource utilization is only 2.23%, which, to the best of the authors' knowledge, is the most compact and robust FPGA-based PUF identification generator design reported to date. This PUF identification generator delivers a stable range of uniqueness of around 50% and good reliability between 85% and 100%.

Event-driven implicit authentication for mobile access control

In order to protect user privacy on mobile devices, an event-driven implicit authentication scheme is proposed in this paper. Several methods of utilizing the scheme for recognizing legitimate user behavior are investigated. The investigated methods compute an aggregate score and a threshold in real-time to determine the trust level of the current user using real data derived from user interaction with the device. The proposed scheme is designed to: operate completely in the background, require minimal training period, enable high user recognition rate for implicit authentication, and prompt detection of abnormal activity that can be used to trigger explicitly authenticated access control. In this paper, we investigate threshold computation through standard deviation and EWMA (exponentially weighted moving average) based algorithms. The result of extensive experiments on user data collected over a period of several weeks from an Android phone indicates that our proposed approach is feasible and effective for lightweight real-time implicit authentication on mobile smartphones.