Skip to main content
SpringerLink
Log in

User Authentication Using Human Cognitive Abilities

  • Conference paper
  • First Online:
Book cover Financial Cryptography and Data Security (FC 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8975))

Included in the following conference series:

Abstract

We present a novel approach to user authentication in which biometric data related to human cognitive processes, in particular visual search, working memory and priming effect on automatic processing, are captured and used to identify users. Our proposed system uses a carefully designed Cognitive Task (CT) that is presented to the user as a game, in order to capture a “cognitive signature” of the user. Our empirical results support the hypothesis that the captured cognitive signatures can identify users across different platforms. Our system provides a proof-of-concept for cognitive-based biometric authentication. We validate the robustness of our system against impersonation attack by experienced users, and show that it is hard to reproduce the cognitive signature by mimicking users’ gameplay.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Galotti, K.M.: Cognitive Psychology In and Out of the Laboratory. SAGE Publications Inc., Thousand Oaks (2013)

    Google Scholar 

  2. Sternberg, R.J.: Cognitive Psychology. Cengage Learning (2011)

    Google Scholar 

  3. Amazon mechanical turk. https://www.mturk.com/mturk/welcome. Accessed on 12/12/2014

  4. Gamboa, H., Fred, A.: A behavioral biometric system based on human-computer interaction. Proc. SPIE 5404, 381–392 (2004)

    Article  Google Scholar 

  5. Ahmed, A., Traore, I.: A new biometric technology based on mouse dynamics. IEEE Trans. Dependable Secure Comput. 4(3), 165–179 (2007)

    Article  Google Scholar 

  6. Zheng, N., Paloski, A., Wang, H.: An efficient user verification system via mouse movements. In: Proceedings of the 18th ACM Conference on Computer and Communications Security CCS 2011, pp. 139–150. ACM, New York (2011)

    Google Scholar 

  7. Frank, M., Biedert, R., Ma, E., Martinovic, I., Song, D.: Touchalytics: on the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE Trans. Inf. Forensics Secur. 8(1), 136–148 (2013)

    Article  Google Scholar 

  8. Wickens, C.D., Lee, J.D., Liu, Y., Gordon-Becker, S.: Introduction to Human Factors Engineering, 2nd edn. Pearson, Upper Saddle River (2003)

    Google Scholar 

  9. Van Zandt, T., Townsend, J.T.: Self-terminating versus exhaustive processes in rapid visual and memory search: an evaluative review. Percept. Psychophys. 53(5), 563–580 (1993)

    Article  Google Scholar 

  10. Bargh, J.A., Chen, M., Burrows, L.: Automaticity of social behavior: direct effects of trait construct and stereotype activation on action. J. Pers. Soc. Psychol. 71(2), 230 (1996)

    Article  Google Scholar 

  11. Sala Della, S., Gray, C., Baddeley, A., Allamano, N., Wilson, L.: Pattern span: a tool for unwelding visuo-spatial memory. Neuropsychologia 37(10), 1189–1199 (1999)

    Article  Google Scholar 

  12. Adams, J.A.: Human Factors Engineering. Macmillan Publishing Co Inc., New York (1989)

    Google Scholar 

  13. Hick, W.E.: On the rate of gain of information. Q. J. Exp. Psychol. 4(1), 11–26 (1952)

    Article  Google Scholar 

  14. Wand, M.P., Jones, M.C.: Kernel Smoothing, vol. 60. CRC Press, Boca Raton (1994)

    Google Scholar 

  15. Zucchini, W., Berzel, A., Nenadic, O.: Applied smoothing techniques (2003)

    Google Scholar 

  16. Rudemo, M.: Empirical choice of histograms and kernel density estimators. Scand. J. Stat. 9, 65–78 (1982)

    MathSciNet  MATH  Google Scholar 

  17. Bowman, A.W.: An alternative method of cross-validation for the smoothing of density estimates. Biometrika 71(2), 353–360 (1984)

    Article  MathSciNet  Google Scholar 

  18. Jones, M.C., Marron, J.S., Sheather, S.J.: A brief survey of bandwidth selection for density estimation. J. Am. Stat. Assoc. 91(433), 401–407 (1996)

    Article  MathSciNet  MATH  Google Scholar 

  19. Bolle, R.: Guide to Biometrics. Springer, New York (2004)

    Book  Google Scholar 

  20. Brooke, J.: SUS-a quick and dirty usability scale. In: Jordan, J.W., Thomas, B., Weerdmester, B.A., McClelland, I.L. (eds.) Usability Evaluation in Industry, pp. 189–194. Taylor & Francis, London (1996)

    Google Scholar 

  21. Hamdy, O., Traoré, I.: Homogeneous physio-behavioral visual and mouse-based biometric. ACM Trans. Comput. -Hum. Interact. (TOCHI) 18(3), 12 (2011)

    Article  Google Scholar 

  22. Gaines, R.S., Lisowski, W., Press, S.J., Shapiro, N.: Authentication by keystroke timing: Some preliminary results. Technical report, DTIC Document (1980)

    Google Scholar 

  23. Villani, M., Tappert, C., Ngo, G., Simone, J., Fort, H.S., Cha, S.H.: Keystroke biometric recognition studies on long-text input under ideal and application-oriented conditions. In: Conference on Computer Vision and Pattern Recognition Workshop, 2006. CVPRW 2006, pp. 39–39. IEEE (2006)

    Google Scholar 

  24. Kung, S.Y., Mak, M.W., Lin, S.H.: Biometric Authentication: A Machine Learning Approach. Prentice Hall Professional Technical Reference, Upper Saddle River (2005)

    Google Scholar 

  25. Bojinov, H., Sanchez, D., Reber, P., Boneh, D., Lincoln, P.: Neuroscience meets cryptography: designing crypto primitives secure against rubber hose attacks. In: Proceedings of the 21st USENIX Security Symposium (2012)

    Google Scholar 

  26. Lewis, J.R., Sauro, J.: The factor structure of the system usability scale. In: Kurosu, M. (ed.) HCD 2009. LNCS, vol. 5619, pp. 94–103. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  27. Chiang, A., Atkinson, R.C.: Individual differences and interrelationships among a select set of cognitive skills. Mem. Cogn. 4(6), 661–672 (1976)

    Article  Google Scholar 

  28. Jensen, A.R.: Individual Differences in the Hick Paradigm. Ablex Publishing, Norwood (1987)

    Google Scholar 

  29. Dovidio, J.F., Gaertner, S.L.: Stereotyping, prejudice, and discrimination: Spontaneous and deliberative processes. Paper presented at the meeting of the Society of Experimental Social Psychology, Washington, DC., October 1995

    Google Scholar 

Download references

Acknowledgments

This research is in part supported by Alberta Innovates Technology Futures and Telus Mobility Canada.

Author information

Authors and Affiliations

  1. University of Calgary, Calgary, Canada

    Asadullah Al Galib & Reihaneh Safavi-Naini

Authors
  1. Asadullah Al Galib
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Reihaneh Safavi-Naini
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Asadullah Al Galib .

Editor information

Editors and Affiliations

  1. University of Innsbruck, Innsbruck, Austria

    Rainer Böhme

  2. NTT Laboratories, Tokyo, Japan

    Tatsuaki Okamoto

A Related Work

A Related Work

The work closest to ours, although it is a combination of mouse dynamics and cognitive factors, is that of Hamdy and Traore [21]. The authors combine visual search and short-term memory effect with mouse dynamics. Their system requires the user to search for letters on a shuffled virtual keyboard. However, it is highly likely that the exposure of the same virtual keyboard and the string of letters have affected the visual search process. The work in [25] uses the concept of implicit learning from cognitive psychology whereby the user is trained on a fixed sequence which can later be used during authentication. Our system does not rely on implicit learning and uses a random challenge sequence and so the user does not repeat the same sequence of activities. Individual differences in visual search task and information processing speed are evident from recent works [27, 28]. Individual differences in automatic processing due to priming are evident from [29].

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Al Galib, A., Safavi-Naini, R. (2015). User Authentication Using Human Cognitive Abilities. In: Böhme, R., Okamoto, T. (eds) Financial Cryptography and Data Security. FC 2015. Lecture Notes in Computer Science(), vol 8975. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-47854-7_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-47854-7_16

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-47853-0

  • Online ISBN: 978-3-662-47854-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation