透過特徵排名剔除弱特徵以防止智慧型手機的行為生物身分認證 系統受到模擬攻擊;Weak Features Removal Via Feature Ranking to Prevent Impersonation Attack on Smartphone Behavior Biometric System

NCUIR > College of Electrical Engineering & Computer Science > Graduate Institute of Computer Science and Information Engineering > Electronic Thesis & Dissertation > Item 987654321/89976

Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/89976

Title:	透過特徵排名剔除弱特徵以防止智慧型手機的行為生物身分認證系統受到模擬攻擊;Weak Features Removal Via Feature Ranking to Prevent Impersonation Attack on Smartphone Behavior Biometric System
Authors:	阿伊夫;Falakh, Afif Izzul
Contributors:	資訊工程學系
Keywords:	生物行為特徵;身份認證;SVM;假冒攻擊;弱特徵;behavioral biometrics;authentication;SVM;impersonation;weak features
Date:	2022-08-20
Issue Date:	2022-10-04 12:06:19 (UTC+8)
Publisher:	國立中央大學
Abstract:	人們對智慧型手機和網路的依賴為許多線上服務的帶來了許多成長的機會，而在這些線上服務中，某些服務甚至需要處理個人的私密以及敏感訊息，如網路銀行、電子錢包等。因此，採用多重的安全措施可以使系統的安全性更佳的完善。而近期越來越受到研究人員關注的一種安全措施是基於生物行為特徵的身分認證系統（Behavioral Biometrics System，BBS），特別是採用操作智慧型手機的行為作為特徵。然而，一些研究指出存在冒充使用者行為的攻擊方式，這類的攻擊會為了騙過身分認證系統而試圖去模仿使用者的行為。因此，本研究提出了在三種情境下是否存在使用者弱特徵的判別方法：個體弱特徵（Individual Weak Features，IWF）、共同弱特徵（Common Weak Features，CWF）和總體弱特徵（General Weak Features，GWF）。首先，我們會進行假冒攻擊，也就是模仿使用者操作手機的行為，接者將這些攻擊者資料輸入進SVM 模型中，並與未受到攻擊的基本SVM 模型進行比較，以辨認出弱特徵。本研究實驗了四種演算法來識別弱特徵，分別為基本特徵排名法（Baseline Feature Rank，BFR）、反向特徵消去法（ Backward Feature Elimination，BFE）、增強特徵排名法（Enhanced Feature Rank， EFR）和多模型遞迴特徵消去法（Multi Model Recursive Feature Elimination， MMRFE）。透過假設測試出的結果，可以證明IWF、CWF 和 GWF 皆可使模型可靠度維持在一定的程度；而相對於 MMRFE、BFR 和 EFR，使用 BFE 可以得到最好的結果。;Our dependence of smartphone and internet has brought many opportunities for the growth of smartphone based online services. Some of these services are even deal with private and sensitive information such as mobile banking, electronic wallet, and the likes. Since that, multiple security measures are implemented to have the system as secure as possible. One of the security method which is getting more attention from researcher is behavioral biometrics system (BBS), especially the one based on smartphone swipe and handling behavior. This type of security system provide non-intrusive continuous authentication of the user which can protect the user in-between primary authentication system. However, some research shows the existence of impersonation attack, where an attacker is trying to mimic the user behavior to fool the system. Thus, this research proposed a method to identify the existence of weak features in several scopes: Individual Weak Features (IWF), Common Weak Features (CWF), and General Weak Features (GWF). First, a simulated attack is carried out. Then, the effect on these attack to the augmented Support Vector Machine (SVM) model is compared with the base SVM model is analysed to identify the weak features. Several algorithms are implemented to identify the weak features, namely Baseline Feature Rank (BFR), Backward Feature Elimination (BFE), Enhanced Feature Rank (EFR), and Multi Model Recursive Feature Elimination (MMRFE). By hypothesis testing the IWF, CWF, and GWF is proven to maintain reliability of the model to certain level. With the best one using BFE followed by MMRFE, BFR, and EFR.
Appears in Collections:	[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

Files in This Item:

File	Description	Size	Format
index.html		0Kb	HTML	38	View/Open

社群 sharing

Loading...