Advertisement

Augmented Cognition for Continuous Authentication

  • Nancy MogireEmail author
  • Michael-Brian Ogawa
  • Brent Auernheimer
  • Martha E. Crosby
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10284)

Abstract

Authentication serves the gatekeeping function in computing systems. Methods used in authentication fall into three major paradigms: ‘what you know’, ‘who you are’ and ‘what you have’ of which the first is still the most commonly applied in the form of passwords authentication. Recall and recognition are the cognitive functions central to the ‘what you know’ authentication paradigm. Studies have shown that more secure passwords are harder to recall and this often leads to habits that facilitate recollection at the expense of security. Combining the uniqueness of physiological measures, such as brainwave patterns, with memorable augmented passwords shows the promise of providing a secure and memorable authentication process. In this paper, we discuss authentication and related problems and considerations in literature. We then test a password system designed to make use of character property transformations such as color and font to minimize the need for complex passwords while not compromising security. The findings from this study suggest that applying transformations to passwords facilitates memorability. We then discuss a study to combine an augmented password system with physiological measures that can provide a more secure model for continuous authentication.

Keywords

Authentication Password authentication Brainwave based authentication Recall and recognition Password memory Physiological measures 

References

  1. 1.
    Bayliss, J.D., Auernheimer, B.: Using a brain-computer interface in virtual and real world. Proc. Ninth Int. Conf. Hum.-Comput. Interact. 1, 312–316 (2001)Google Scholar
  2. 2.
    Bhattacharyya, R., Coffman, B.A., Choe, J., Phillips, M.E.: Does neurotechnology produce a better brain? Computer 50(2), 48–58 (2017). doi: 10.1109/mc.2017.49 CrossRefGoogle Scholar
  3. 3.
    Cabeza, R., Kapur, S., Craik, F.I.M., McIntosh, A.R., Houle, S., Tulving, E.: Functional neuroanatomy of recall and recognition: a pet study of episodic memory. J. Cogn. Neurosci. 9(2), 254–265 (1997). doi: 10.1162/jocn.1997.9.2.254 CrossRefGoogle Scholar
  4. 4.
    Chen, L., Pearson, S., Vamvakas, A.: A trusted biometric system - PDF. http://docplayer.net, http://docplayer.net/33351165-A-trusted-biometric-system.html. Accessed 18 Feb 2017
  5. 5.
    Chuang, J., Nguyen, H., Wang, C., Johnson, B.: I think, therefore i am: usability and security of authentication using brainwaves. In: Proceedings of the Workshop on Usable Security, USEC 2013 (2013)Google Scholar
  6. 6.
    Florencio, D., Herley, C.: A large-scale study of web password habits. ACM, New York (2007). doi: 10.1145/1242572.1242661. ©2008
  7. 7.
    Forget, A., Chiasson, S., Biddle, R.: Lessons from brain age on password memorability. ACM, New York (2008). doi: 10.1145/1496984.1497044. ©2008
  8. 8.
    Gonzalez, R., Berman, M.G.: The value of brain imaging in psychological research. Acta Psychol. Sin. 42(1), 111–119 (2010). doi: 10.3724/SP.J.1041.2010.00111 Google Scholar
  9. 9.
    Gupta, C.N., Palaniappan, R., Paramesran, R.: Exploiting the P300 paradigm for cognitive biometrics. Int. J. Cogn. Biometrics 1(1), 26–28 (2012). doi: 10.1504/IJCB.2012.046513 CrossRefGoogle Scholar
  10. 10.
    Ikehara, C.S., Crosby, M.E.: Physiological measures used for identification of cognitive states and continuous authentication. In: CHI 2010 (2010)Google Scholar
  11. 11.
    Kiljan, S., Simoens, K., Cock, D.D., Eekelen, M.V., Vranken, H.: A survey of authentication and communications security in online banking. ACM Comput. Surv. 49(4), 1–35 (2016). doi: 10.1145/3002170 CrossRefGoogle Scholar
  12. 12.
    Khandelwal, R.J., Mahajan, J.D., Bombatkar, U.P., Badhe, S.G.: Analysis of EEG signals for deception detection. Int. J. Adv. Res. Elect. Electron. Inst. Eng. 5(2) (2016). doi: 10.15662/IJAREEIE.2016.0502038
  13. 13.
    Klein, D.V.: Foiling the cracker: a survey of, and improvements to, password security. In: Proceedings of the 2nd USENIX Security Workshop (1990)Google Scholar
  14. 14.
    Kumari, P., Vaish, A.: Brainwave based authentication system: research issues and challenges. Int. J. Comput. Eng. Appl. IV, I & II (2014). ISSN: 2321 - 3469Google Scholar
  15. 15.
    Martinovic, I., Davies, D., Frank, M., Perito, D., Ros, T., Song, D.: On the feasibility of side-channel attacks with brain-computer interfaces. In: The Proceedings of the 21st USENIX Conference on Security Symposium (2012)Google Scholar
  16. 16.
    Meijer, E.H., Smulders, F.T.Y., Wolf, A.: The contribution of mere recognition to the P300 effect in a concealed information test. Appl. Psychophysiol. Biofeedback (2009). doi: 10.1007/s10484-009-9099-9 Google Scholar
  17. 17.
    Melby-Lervåg, M., Hulme, C.: Is working memory training effective? A meta-analytic review. Dev. Psychol. 49(2), 270–291 (2013). doi: 10.1037/a0028228 CrossRefGoogle Scholar
  18. 18.
    Merzagora, A.C., Bunce, S., Izzetoglu, M., Onaral, B.: Wavelet analysis for EEG feature extraction in deception detection. In: 2006 International Conference of the IEEE Engineering in Medicine and Biology Society (2006). doi: 10.1109/iembs.2006.260247
  19. 19.
    Picard, R.W.: Automating the recognition of stress and emotion: from lab to real-world impact. IEEE Multimedia 23(3), 3–7 (2016). doi: 10.1109/MMUL.2016.38 CrossRefGoogle Scholar
  20. 20.
    Safont, G., Salazar, A., Soriano, A., Vergara, L.: Combination of multiple detectors for EEG based biometric identification/authentication. In: 2012 IEEE International Carnahan Conference on Security Technology (ICCST) (2012). doi: 10.1109/ccst.2012.6393564
  21. 21.
    Thorpe, J., van Oorschot, P.C., Somayaji, A.: Pass-thoughts: authenticating with our minds. ACM, New York (2005). doi: 10.1145/1146269.1146282. ©2005

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Nancy Mogire
    • 1
    Email author
  • Michael-Brian Ogawa
    • 1
  • Brent Auernheimer
    • 2
  • Martha E. Crosby
    • 1
  1. 1.Department of Information and Computer SciencesUniversity of Hawaii at ManoaHonoluluUSA
  2. 2.Computer Science DepartmentCalifornia State UniversityFresnoUSA

Personalised recommendations