research-article

Delusio - Plausible Deniability For Face Recognition

Published: 24 September 2024

Abstract

We developed an Android phone unlock mechanism utilizing facial recognition and specific mimics to access a specially secured portion of the device, designed for plausible deniability. The widespread adoption of biometric authentication methods, such as fingerprint and facial recognition, has revolutionized mobile device security, offering enhanced protection against shoulder-surfing attacks and improving user convenience compared to traditional passwords. However, a downside is the potential for third-party coercion to unlock the device. While text-based authentication allows users to reveal a hidden system by entering a special password, this is challenging with face authentication. We evaluated our approach in a role-playing user study involving 50 participants, with one participant acting as the attacker and the other as the suspect. Suspects successfully accessed the secured area, mostly without detection. They further expressed interest in this feature on their personal phones. We also discuss open challenges and opportunities in implementing such authentication mechanisms.



Published In

Proceedings of the ACM on Human-Computer Interaction, Volume 8, Issue MHCI
September 2024
1136 pages
EISSN: 2573-0142
DOI: 10.1145/3697825
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 September 2024
Published in PACMHCI Volume 8, Issue MHCI


Author Tags

  1. biometrics
  2. facial authentication
  3. plausible deniability

Qualifiers

  • Research-article

Funding Sources

  • dtec.bw - Digitalization and Technology Research Center of the Bundeswehr
  • German Research Foundation (DFG)


Article Metrics

  • Total Citations: 0
  • Total Downloads: 64
  • Downloads (Last 12 months): 64
  • Downloads (Last 6 weeks): 7
Reflects downloads up to 12 Dec 2024
