移除弱特徵以抵禦基於行為身份驗證系統上的偽造攻擊

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：16

、訪客IP：3.144.83.68

姓名

蘇敬渝(Jin-Yu Su) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

移除弱特徵以抵禦基於行為身份驗證系統上的偽造攻擊
(Weak Features Removal Mechanism to Prevent Impersonation Attack on Behavior Biometric System)

相關論文

★ 基於OpenPose特徵的行人分心偵測	★ 建構深度學習CNN模型以正確分類傳統AOI模型之偵測結果
★ 一種結合循序向後選擇法與回歸樹分析的瑕疵肇因關鍵因子擷取方法與系統－以紡織製程為例	★ 融合生成對抗網路及領域知識的分層式影像擴增
★ 針織布異常偵測方法研究	★ 應用增量式學習於多種農作物判釋之研究
★ 農業影像二元分類：坵塊分離的檢測	★ 應用遷移學習於胚布瑕疵檢測
★ 基於網頁 MCES 分析系統的分析過程加速	★ 使用一台智能手錶在有限的數據下檢測方向盤位置
★ 在基於操作行為之智慧型手機身分驗證系統上的使用者偽造攻擊研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 (2026-6-30以後開放)

摘要(中)

隨著科技的成長，人們越來越依賴智慧型手機與網路所帶來的便利性；然而與此發展的同時，一些如行動銀行等包含個人敏感資訊的應用程式造成資料外洩的風險也在持續上升。為此，採用多重的安全措施更能完善系統的安全性。而近年來其中一種備受研究人員關注的身份驗證系統即是基於行為特徵的生物驗證(Behavioral Biometrics)，特別是基於操作智慧型手機的行為特徵所建立的身份驗證系統。然而，部分研究也指出，這一類的系統會受到其對抗性攻擊(Adversarial Attack)：偽造攻擊(Impersonation Attack)，造成系統的穩健性(Robustness)下降。過往，研究團隊曾針對不同的情境，提出識別使用者弱特徵並將其移除之解決方法；然而團隊認為，針對單一使用者與多位攻擊者、多位使用者與多位攻擊者兩種情境的實驗結果仍有進步的空間。因此，本論文將針對單一使用者與多位攻擊者之情境提出識別共同弱特徵(Common Weak Features，CWF)之兩種方法：基本特徵排名法(Baseline Feature Rank, BFR)、反向特徵消去法(Backward Feature Elimination, BFE)，並透過移除共同弱特徵的資料擊重新訓練出具有抵禦機制的模型。同時，本論文也將針對多位使用者與多位攻擊者之情境，嘗試透過對CWF投票篩選出總體弱特徵(General Weak Features, GWF)，並移除GWF以建立適用所有使用者的通用(General)抵禦模型。除此之外，本論文也考量到使用者間的多樣型，提出了另一種基於預測試(Pretesting)與分群(Clustering)架構的方法，並在初步實驗透過使用者的共同弱特徵衡量使用者間的相似度(Similarity)，並為使用者進行分群，以證實該架構的可行性，為研究團隊提供了一個基礎架構，供其進一步建立和改進。

摘要(英)

With the development of technology, people are increasingly relying on the convenience brought by smart phones and the Internet. However, some applications such as mobile banking that contain sensitive personal information cause data leakage risks is continuing to rise at the same time. For this reason, multiple security measures are implemented to have the system as secure as possible. In recent years, one of the authentication systems that getting more attention from researchers is behavioral biometrics, especially the touch interaction of operating smart phones. However, some studies also pointed out that those systems are attacked by its adversarial attack: impersonation attack, resulting in a decrease in the robustness of the system. Our research team has proposed different solutions to identify weak features in different scenarios of users and remove them for rebuild the defense model in the past, but the results of some scenarios still have room for improvement. Therefore, this thesis will propose two methods: Baseline Feature Rank (BFR) and Backward Feature Elimination (BFE) for identifying Common Weak Features (CWF) in the scenario of 1 user versus multiple attackers. The defense model will be trained by data that remove with CWF. Additionally, this thesis also aims to address scenarios involving multiple users and multiple attackers. It attempts to identify the General Weak Features (GWF) by applying voting to the CWF and subsequently removing the GWF to build the general defense model applicable to all users. Furthermore, considering the diversity among users, this thesis also proposes an alternative approach based on the pretesting and clustering framework. In our initial experiments, the similarity between users is measured through their CWF, and clustering is performed to validate the feasibility of this framework. This provides a foundational structure for research teams to further develop and improve upon.

關鍵字(中)

★ 行為生物識別
★ 對抗性攻擊
★ 偽造攻擊
★ 弱特徵

關鍵字(英)

★ Behavioral Biometrics
★ Adversarial Attack
★ Impersonation Attack
★ Weak Features

論文目次

目錄
一、緒論 1
1.1 研究背景 1
1.2 研究動機 2
1.3 研究目的 4
1.4 問題定義 4
1.5 研究貢獻 4
1.6 論文架構 4
二、相關文獻 6
2.1 生物行為辨識系統(Behavioral Biometric System) 6
2.2 基於行為的直方圖(Histogram)特徵表示法 6
2.3 對抗性攻擊 6
2.3.1 有關物件偵測(Object Detection)的對抗性攻擊 8
2.3.2 基於生理生物特徵辨識系統的對抗性攻擊 8
2.3.3 基於行為生物特徵辨識系統的對抗性攻擊 9
2.4 針對不同情境的弱特徵(Weak Features, WF)研究 10
2.5 支援向量機(Support Vector Machine, SVM) 11
2.5.1 線性SVM(Linear SVM)之超參數調整 11
2.6 生物識別系統之效能指標 13
三、研究方法 14
3.1 資料前處理 14
3.2 基準模型(Baseline Model)訓練 19
3.3 共同弱特徵之情境調整 21
3.4 共同弱特徵篩選演算法 21
3.5 建立具有抵禦Impersonation Attack能力的模型 24
3.6 總體弱特徵的篩選與對應的抵禦模型建立方法 24
3.7 基於預測試與群集的總體架構 25
四、實驗設計與結果分析 27
4.1 實驗設計 27
4.1.1 為單一受害者建立可以抵禦多位攻擊者的模型M0j* 30
4.1.2 為所有受害者建立可以抵禦所有攻擊者的模型M0jg 31
4.1.3 初步的群集實驗 31
4.2 實驗結果分析 32
4.2.1 為單一受害者建立可以抵禦多位攻擊者的模型M0j* 32
4.2.2 為所有受害者建立可以抵禦所有攻擊者的模型M0jg 36
4.2.3 初步的群集實驗 40
五、結論與未來展望 42
5.1 結論 42
5.2 未來展望 42
參考文獻 43

參考文獻

[1] Statista, Number of smartphone users worldwide 2013-2028, Published by J. Degenhard, Jun 1, 2023, https://www.statista.com/forecasts/1143723/smartphone-users-in-the-world
[2] I. I. Androulidakis, “Confidentiality, Integrity, and Availability Threats in Mobille Phones”, in Mobile Phone Security and Forensics, 2nd edition, Springer, 2012, pp. 1-12
[3] J. Galbally, I. Coisel, and I. Sanchez, “A New Multimodal Approach for Password Strength Estimation Part I: Theory and Algorithms,” IEEE Trans. on Information Forensics and Security, vol. 12, pp. 2829–2844, 2017
[4] Arash Habibi Lashkari, Samaneh Farmand, Dr. Omar Bin Zakaria, Dr. Rosli Saleh, ” Shoulder Surfing attack in graphical password authentication”, International Journal of Computer Science and Information Security, IJCSIS, Vol. 6, No. 2, pp. 145-154, November 2009, USA
[5] M. Rees, “Behavioral Biometrics: A Complete Guide,” Expert Insights, Dec. 13, 2021. https://expertinsights.com/insights/a-guide-to-behavioral-biometrics/ (accessed Jun. 16, 2022)
[6] M. Frank, et al, “Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication,” IEEE Trans on Inf. Forensic Security, vol. 8, no. 1, pp. 136-148, January 2013
[7] Tim G. J. Rudner, Helen Toner, “Key Concepts in AI Safety: Robustness and Adversarial Examples CSET Issue Brief”, Center for Security and Emerging Technology, March 2021
[8] Ian J. Goodfellow, Jonathon Shlens, Christian Szegedy, “Explaining and Harnessing Adversarial Examples”, arXiv:1412.6572
[9] L.-X. Lin, “Impersonation Attack on Touch-Based Behavioral Smartphone Authentication,” Thesis, CSIE, NCU, Taoyaun, 2021. Available: https://etd.lib.nctu.edu.tw/cgibin/gs32/ncugsweb.cgi/ccd=yezwX1/record?r1=1&h1=0#XXXX
[10] Yili Hong, Jiayi Lian, Li Xu, Jie Min, Yueyao Wang, Laura J. Freeman, Xinwei Deng, “Statistical Perspectives on Reliability of Artificial Intelligence Systems”, arXiv:2111.05391
[11] A. Mahfouz, T. M. Mahmoud, and A. S. Eldin, “A survey on behavioral biometric authentication on smartphones,” Journal of Information Security and Applications, vol. 37, pp. 28–37, Dec. 2017, doi: 10.1016/j.jisa.2017.10.002.
[12] Ali, Tariq Emad, Yung-Wey Chong, and Selvakumar Manickam. 2023. "Machine Learning Techniques to Detect a DDoS Attack in SDN: A Systematic Review" Applied Sciences 13, no. 5: 3183. https://doi.org/10.3390/app13053183
[13] Afif.(2022) , “Weak Features Removal Via Feature Ranking to Prevent Impersonation Attack on Smartphone Behavior Biometric System,” Thesis, CSIE, NCU, Taoyaun, 2022. Available: http://ir.lib.ncu.edu.tw:88/thesis/view_etd.asp?URN=110522612
[14] R. Das, The Science of Biometrics: Security Technology for Identity Verification. Routledge, 2018.
[15] C.-C. Lin, C.-C. Chang, and D. Liang, “An Approach for Authenticating Smartphone Users Based on Histogram Features,” in 2015 IEEE International Conference on Software Quality, Reliability and Security, Aug. 2015, pp. 125–130. doi: 10.1109/QRS.2015.27.
[16] H. Wu, H. Han, X. Wang and S. Sun, "Research on Artificial Intelligence Enhancing Internet of Things Security: A Survey," in IEEE Access, vol. 8, pp. 153826-153848, 2020, doi:10.1109/ACCESS.2020.3018170
[17] Battista Biggio, Blaine Nelson, Pavel Laskov, “Poisoning attacks against support vector machines”, In International Conference on Machine Learning (ICML), pages 1467–1474, 2012
[18] Ian J. Goodfellow, Jonathon Shlens, and Christian Szegedy, “Explaining and Harnessing Adversarial Examples,” International Conference on Learning Representations, Vol. 3, San Diego, CA, USA, May 7-9, 2015
[19] Jianyi Liu, Yu Tian, Ru Zhang, Youqiang Sun, Chan Wang, ”A Two-Stage Generative Adversarial Networks With Semantic Content Constraints for Adversarial Example Generation “, 2020 Journal IEEE Access Vol: 8
[20] Keji Han, Yun Li, and Bin Xia, “A Cascade Model-Aware Generative Adversarial Example Detection Method”, Tsinghua Science and Technology, Volume 26, No. 6, December 2021, pp. 800–812
[21] Heng Li, ShiYao Zhou, “Adversarial-Example Attacks Toward Android Malware Detection System”, IEEE Systems Journal PP(99):1-4, April 2019
[22] W. Yuan, Y. Jiang, H. Li and M. Cai, "A Lightweight On-Device Detection Method for Android Malware," in IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 51, no. 9, pp. 5600-5611, Sept. 2021, doi: 10.1109/TSMC.2019.2958382.
[23] Donghua Wang, Li Dong, Rangding Wang, Diqun Yan, “Targeted Speech Adversarial Example Generation With Generative Adversarial Network”, IEEE Access, PP(99):1-1, June 2020
[24] Seok-Hwan Choi, Jin-Myeong Shin, Peng Liu and Yoon-Ho Choi, “ARGAN: Adversarially Robust Generative Adversarial Networks for Deep Neural Networks Against Adversarial Examples”, 2022 Journal IEEE Access, Vol. 10
[25] Meng Shen, Hao Yu, Liehuang Zhu, Ke Xu, Qi Li, Jiankun Hu, “Effective and Robust Physical-World Attacks on Deep Learning Face Recognition Systems”, IEEE Transactions on Information Forensics and Security PP(99):1-1, August 2021
[26] Yaoyao Zhong, Weihong Deng, “Towards Transferable Adversarial Attack against Deep Face Recognition”, https://www.researchgate.net/publication/340618305_Towards_Transferable_Adversarial_Attack_against_Deep_Face_Recognition
[27] avrondzhon Gafurov, Einar Snekkenes, Member, IEEE, and Patrick Bours. Spoof Attacks on Gait Authentication System. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 2, NO. 3, SEPTEMBER 2007.
[28] I. Syarif, A. Prugel-Bennett, and G. Wills, “SVM Parameter Optimization using Grid Search and Genetic Algorithm to Improve Classification Performance,” TELKOMNIKA (Telecommunication Computing Electronics and Control), vol. 14, p. 1502, Dec. 2016, doi: 10.12928/telkomnika.v14i4.3956.
[29] Ashfaque Maat, Johar & Iqbal, Amer. (2019). Introduction to Support Vector Machines and Kernel Methods.
[30] U. Gawande and Y. Golhar, “Biometric security system: A rigorous review of unimodal and multimodal biometrics techniques,” International Journal of Biometrics, vol. 10, p. 142, Jan. 2018, doi: 10.1504/IJBM.2018.091629.

指導教授

梁德容張欽圳(Deron Liang Chin-Chun Chang)

審核日期

2023-8-8

推文