• DocumentCode
    1126592
  • Title

    Forgery Quality and Its Implications for Behavioral Biometric Security

  • Author

    Ballard, Lucas ; Lopresti, Daniel ; Monrose, Fabian

  • Author_Institution
    Johns Hopkins Univ., Baltimore
  • Volume
    37
  • Issue
    5
  • fYear
    2007
  • Firstpage
    1107
  • Lastpage
    1118
  • Abstract
    Biometric security is a topic of rapidly growing importance in the areas of user authentication and cryptographic key generation. In this paper, we describe our steps toward developing evaluation methodologies for behavioral biometrics that take into account threat models that have been largely ignored. We argue that the pervasive assumption that forgers are minimally motivated (or, even worse, naive) is too optimistic and even dangerous. Taking handwriting as a case in point, we show through a series of experiments that some users are significantly better forgers than others, that such forgers can be trained in a relatively straightforward fashion to pose an even greater threat, that certain users are easy targets for forgers, and that most humans are a relatively poor judge of handwriting authenticity, and hence, their unaided instincts cannot be trusted. Additionally, to overcome current labor-intensive hurdles in performing more accurate assessments of system security, we present a generative attack model based on concatenative synthesis that can provide a rapid indication of the security afforded by the system. We show that our generative attacks match or exceed the effectiveness of forgeries rendered by the skilled humans we have encountered.
  • Keywords
    cryptography; handwriting recognition; psychology; behavioral biometric security; concatenative synthesis; cryptographic key generation; forgery quality; generative attack model; handwriting authenticity; signature verification; system security; user authentication; Authentication; Biometrics; Computer science; Cryptography; Fingerprint recognition; Forgery; Handwriting recognition; Humans; Performance evaluation; Security; Biometric security; forgery models; signature verification; Algorithms; Artificial Intelligence; Automatic Data Processing; Biometry; Computer Security; Fraud; Handwriting; Image Interpretation, Computer-Assisted; Information Storage and Retrieval; Pattern Recognition, Automated; Quality Control;
  • fLanguage
    English
  • Journal_Title
    Systems, Man, and Cybernetics, Part B: Cybernetics, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    1083-4419
  • Type

    jour

  • DOI
    10.1109/TSMCB.2007.903539
  • Filename
    4305263