Recommended
Recommended
More Related Content
Similar to Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secret Knocks
Similar to Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secret Knocks (20)
More from Sauvik Das
More from Sauvik Das (8)
Recently uploaded
Recently uploaded (20)
Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secret Knocks
- 1. 1 Thumprint Socially-Inclusive Local Group Authentication Through Shared Secret Knocks Sauvik Das Gierad Laput Chris Harrison Jason Hong CMU HCII
- 2. 2 Socially-inclusive group authentication and member identification through shared secret knocks.
- 3. 3 Families Game consoles Nest Work Teams Kitchenettes Meeting rooms Classrooms Storage Tablets Small, local groups who collectively own and share resources.
- 4. 4 Divisive authentication requiring individual secrets is not ideal. But neither is authentication with non-identifying shared secrets. Creates social friction, security only as strong as “weakest link”. Precludes personalization, parental controls, audit logs.
- 5. Key Motivation Create an inclusive group authenticator that identifies individuals. 5
- 6. 6 Design Inspiration: Speakeasy secret knocks
- 7. Thumprint Overview 7 Users enter secret knocks on a sensor surface. Extract features that represent sensor signals. Learn individual and group knock expressions. Regulate access control through an end-point.
- 8. Registration 8 Each group member enters secret knock up to 10x on the sensor surface. Feature vectors extracted.
- 9. Supervised Feature Selection 9 f1: Zero-crossing rate f2: RMS f3: Total energy f4: FFT bins f5: Dominant frequency f6: Spectral flatness f7: Spectral centroid f8: D4 Wavelet coefficients … fn: Total Power fx fy
- 11. Training 11 Learn individual thumprint expressions by clustering each candidates attempts. Member 1 Member 2 Member 3 Less recent More recent
- 12. Authentication 12 Determine if unlabeled attempt is similar enough to candidate group member expressions. Member 1 Member 2 Member 3 Less recent More recent Unlabeled attempt
- 13. Evaluation 13 Can people enter thumprints consistently over time? Can casual but motivated adversaries be detected? Can individual group members be distinguished?
- 14. 14 3 groups of 5 participants in a 2-day study. Day 1: Participants watched recordings of a group- specific thumprint. Each asked to replicate 10x.
- 15. Token X Sound Only X Video + Wrong Token X X Video + Correct Token X X X Correct Token Sound File Video File Day 2: Participants independently replicated group thumprint from memory. Then asked to “break” other thumprints as one of four adversaries:
- 16. Procedure 16 Trained on data collected from the first day. Tested on data collected from the second day.
- 17. MeanClosestCluster Distance 0.0 0.2 0.4 0.6 0.8 Correct Member Wrong Member Video + wrong Sound only Token only Video + correct At a 0.45 threshold 12% EER <5% misidentification
- 18. Evaluation 18 Yes * Mostly * Can people enter thumprints consistently over time? Can casual but motivated adversaries be detected? Can individual group members be distinguished? Yes * * Should get better with more training data.
- 19. 19 Thumprint is an inclusive group authenticator that identifies individuals.
- 20. 20 Thumprint is a promising first step towards a future of socially-intelligent cybersecurity systems …but it is just a first step.
- 21. As computing melds with our physical worlds, security continues to interfere with our social lives.
- 22. How can we close the gap between the social requirements and the technical capabilities of interactive cybersecurity systems? Social Requirements Technical Capabilities
- 23. 23 Thumprint Socially-Inclusive Local Group Authentication Through Shared Secret Knocks Sauvik Das Gierad Laput Chris Harrison Jason Hong sauvik@cmu.edu