Elusive Metrics: Quantifying Security of Behavioural Biometrics Against Adversarial Attacks

dc.contributor.advisorKhan, Hassan
dc.contributor.authorStegman, Jonah
dc.date.accessioned2023-04-28T18:47:56Z
dc.date.available2023-04-28T18:47:56Z
dc.date.copyright2023-04
dc.date.created2023-04-19
dc.degree.departmentSchool of Computer Scienceen_US
dc.degree.grantorUniversity of Guelphen
dc.degree.nameMaster of Scienceen_US
dc.degree.programmeComputer Scienceen_US
dc.description.abstractBehavioural biometrics is gaining popularity as the interaction with smartphones and other smart technologies increases. Behaviour biometrics, such as voice or how a person types, are used to authenticate users through binary classification using machine learning classifiers. Our research investigates the limitations of widely used metrics to evaluate these biometric authentication systems. We show that the contemporary metrics provide misleading results for five diverse biometric authentication systems including gait, mouse, keystroke, swipe, and voice biometrics. For instance, when we evaluate the voice biometric on a dataset of 22 users using mean Accuracy and Equal Error Rate metrics, the results are quite promising, with a mean Accuracy score of 95% and mean Equal Error Rate of 0.04. However, a deeper analysis reveals that only four samples are required to bypass the whole population of 22 users using a simple bruteforce attack. Our deeper analysis of ten metrics across five behavioural biometrics show that these metrics provide misleading results. To better quantify the security of these biometrics, we propose four new metrics. These metrics include Bypass Rate of a Sample, Minimum Samples to Bypass N- Population, Coverage of Most Potent Sample, and Victims Successfully Bypassed by an Attacker. We revisit the security provided by behavioural biometrics using the proposed metrics and show that the proposed metrics provide much-needed clarity in terms of the performance of these metrics against adversarial attacks. We perform experiments to show that these metrics perform well for different dataset sizes. Future evaluations of behavioural biometrics should consider reporting these new metrics to provide insights into the security of the biometrics.en_US
dc.identifier.urihttps://hdl.handle.net/10214/27513
dc.language.isoenen_US
dc.publisherUniversity of Guelphen
dc.rights.licenseAll items in the Atrium are protected by copyright with all rights reserved unless otherwise indicated.
dc.subjectBehavioural Biometricsen_US
dc.subjectSecurityen_US
dc.subjectMachine Learningen_US
dc.subjectAdversarial Attacksen_US
dc.subjectMetricsen_US
dc.titleElusive Metrics: Quantifying Security of Behavioural Biometrics Against Adversarial Attacksen_US
dc.typeThesisen

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Stegman_Jonah_202304_MSc.pdf
Size:
1.44 MB
Format:
Adobe Portable Document Format
Description: