Hiding Your Signals: A Security Analysis of PPG-Based Biometric Authentication

Lin Li; Chao Chen; Lei Pan; Yonghang Tai; Jun Zhang; Yang Xiang

doi:10.1007/978-3-031-51479-1_10

Back

Hiding Your Signals: A Security Analysis of PPG-Based Biometric Authentication

Conference proceeding

Peer reviewed

Hiding Your Signals: A Security Analysis of PPG-Based Biometric Authentication

Lin Li, Chao Chen, Lei Pan, Yonghang Tai, Jun Zhang and Yang Xiang

Computer Security - ESORICS 2023, PT III, Vol.14346, pp.183-202

Lecture Notes in Computer Science

European Symposium on Research in Computer Security (The Hague, The Netherland, 25/09/2023 - 29/09/2023)

01/01/2024

DOI: https://doi.org/10.1007/978-3-031-51479-1_10

Appears in Recent Faculty of Science and Engineering Publications

Metrics

1 Record Views

Abstract

Computer Science

Computer Science, Artificial Intelligence

Computer Science, Theory & Methods

Science & Technology

Technology

Telecommunications

Recently, physiological signal-based biometric systems have received wide attention. Photoplethysmogram (PPG) signal is easy to measure, making it more attractive than many other physiological signals for biometric authentication. However, with the advent of remote PPG, unobservability has been challenged when the attacker can remotely steal the PPG signals by monitoring the victim's face, subsequently posing a threat to PPG-based biometrics. In this paper, we firstly analyze the security of PPG-based biometrics, including user authentication and communication protocols. We evaluate the signal waveforms and interpulse-interval information extracted by five rPPG methods. Our empirical studies on five datasets show that rPPG poses a serious threat to the authentication system. The success rate of the rPPG signal spoofing attack in the user authentication system reached 35%. The bit hit rate is 60% in inter-pulse-interval-based security protocols. Further, we propose an active defence strategy to hide the physiological signals of the face to resist the attack. It reduces the success rate of rPPG spoofing attacks in user authentication to 5%. The bit hit rate was reduced to 50%, which is at the level of a random guess. Our strategy effectively prevents the exposure of PPG signals to protect users' sensitive physiological data.

Details

Title: Hiding Your Signals: A Security Analysis of PPG-Based Biometric Authentication
Creators: Lin Li - Swinburne University of Technology
Chao Chen - RMIT University
Lei Pan - Deakin University
Yonghang Tai - Yunnan Normal University
Jun Zhang - Swinburne University of Technology
Yang Xiang - Swinburne University of Technology
Contributors: G Tsudik (Editor)
M Conti (Editor)
K Liang (Editor)
G Smaragdakis (Editor)
Publication Details: Computer Security - ESORICS 2023, PT III, Vol.14346, pp.183-202
Conference: European Symposium on Research in Computer Security (The Hague, The Netherland, 25/09/2023 - 29/09/2023)
Series: Lecture Notes in Computer Science
Publisher: Springer Nature
Number of pages: 20
Identifiers: 991013225624702368
Academic Unit: Faculty of Science and Engineering
Language: English
Resource Type: Conference proceeding

Hiding Your Signals: A Security Analysis of PPG-Based Biometric Authentication

Related links

Metrics

Abstract

Details

Southern Cross University Social media