-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbackground.tex
18 lines (13 loc) · 4.43 KB
/
background.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
\section{Background}
\subsection{Facial Expression}
Facial expression is driven by a series of muscles movements beneath the skin of the face. These movements convey the individual's emotion status so that facial expressions are a form of nonverbal language to convey information in social interaction. Studies have discovered that there are at least 21 kinds of facial expressions including six basic expressions~\cite{Ekman1972} and compound expressions consisted of the six basic expressions~\cite{Du2014Compound}. Psychologist stated that almost 55\% volume of information are conveyed through facial expression in communication~\cite{Lebow2009Communication}. Thus, facial expressions carry a large amount of information in daily communication. Facial expression is pervasively used in human centered interfaces such as virtual reality~\cite{Bekele2013Understanding}, user profiling~\cite{Arapakis2009Integrating} and mental health~\cite{Acharya2012Impact} as it can present the individual's mental status. Unlike previous applications, in this paper, we discover that facial expressions also can be applied in recognize individual's identity because they are motivated by both individual's unique facial physiological structure and psychological activity. To the best of our knowledge, this is the first work to explore facial expressions as a biometrics on the smartphone.
\subsection{Adversary Model}
In adversary model, we assume an adversary wants to steal some sensitive information from or to install malware on victim's device. And we also assume that the adversary have the following abilities: (1) he can physically access to the target device for a short period of time; (2) he has the ability of impersonating the legitimate user for authenticating to the target device and (3) he is able to filmed the authentication process from a concealed angle
since the authentication process can be observed in terms of the frequent use of smartphone.
\noindent \textbf{Potential Attacks} Given the above abilities that the adversary owns, we focus on two types of attack approaches that the adversary is able to perform:
\begin{itemize}
\item \emph{Impersonation Attack} The adversary can mimic victim's expression to gain the access authority to the smartphone after temporary accessing to the target device. This is common attacks and is effective for some authentication methods such as keystroke~\cite{Phoha2012Hidden} and touch gestures~\cite{de2012touch}. This attack can evaluate the robustness of biometric authentication system by calculating the Equal Error Rates (EER), which we further discussed in Section XX.
\item \emph{Replay Attack} Since the frequent use of smartphone, the adversary can record the entire authentication process from an unnoticeable position and replay the recorded authentication attempt to the authentication system. This poses a serious threat to current facial recognition system~\cite{GoldenEye2012Hegde}. Our authentication system can effectively immune to this type of attack by detecting the facial deformation features, which is further detailed introduces in Section XX.
\end{itemize}
We believe the assumption that the attacker is able to access to legitimate user's authentication process is reasonable. This is because we are living in an age of interconnection and surrounded by many wireless or wired sensors so that it is possible to record our daily behaviors such as entire authentication process. However, most existing static biometric-based authentications such as iris and face recognition~\cite{Boehm2013SAFE}, are not secure under such assumptions. Our approach, in some extent, can prevent this this type of replay attack, which is one of the major strengths.
\noindent \textbf{Limitations} We do not consider the adversary is able to record the entire authentication process from the same view angle as the target device front camera. We believe this assumption is reasonable because it would arouse suspicion that recording the video from the right front view of users. Another potential threat to dynamic facial authentication system is that the attacker is able to compound facial expressions by construct 3D facial models~\cite{Xu2016VirtualU}. However, this cannot pose threat to our authentication system as the compound facial expressions are not driven by user's real emotion statue so that the facial deformation features are not the same as real ones.