I Can Think Like You! Towards Reaction Spoofing Attack on Brainwave-Based Authentication

Wei Yang Chiu, Weizhi Meng, Wenjuan Li

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

2 Citations (Scopus)

Abstract

In the coming period of Internet of Things (IoT), user authentication is one important and essential security mechanism to protect assets from unauthorized access. Textual passwords are the most widely adopted authentication method, but have well-known limitations in the aspects of both security and usability. As an alternative, biometric authentication has attracted much attention, which can verify users based on their biometric features. With the fast development of EEG (electro-encephalography) sensors in current headsets and personal devices, user authentication based on brainwaves becomes feasible. Due to its potential adoption, there is an increasing need to secure such emerging authentication method. In this work, we focus on a brainwave-based computer-screen unlock mechanism, which can validate users based on their brainwave signals when seeing different images. Then, we analyze the security of such brainwave-based scheme and identify a kind of reaction spoofing attack where an attacker can try to imitate the mental reaction (either familiar or unfamiliar) of a legitimate user. In the user study, we show the feasibility and viability of such attack.

Original languageEnglish
Title of host publicationSecurity, Privacy, and Anonymity in Computation, Communication, and Storage - 13th International Conference, SpaCCS 2020, Proceedings
EditorsGuojun Wang, Bing Chen, Wei Li, Roberto Di Pietro, Xuefeng Yan, Hao Han
PublisherSpringer Science and Business Media Deutschland GmbH
Pages251-265
Number of pages15
ISBN (Print)9783030688509
DOIs
Publication statusPublished - Feb 2021
Event13th International Conference on Security, Privacy, and Anonymity in Computation, Communication, and Storage, SpaCCS 2020 - Nanjing, China
Duration: 18 Dec 202020 Dec 2020

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12382 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference13th International Conference on Security, Privacy, and Anonymity in Computation, Communication, and Storage, SpaCCS 2020
Country/TerritoryChina
CityNanjing
Period18/12/2020/12/20

Keywords

  • Biometric authentication
  • Biometric security
  • Brainwave-based unlock
  • EEG
  • Reaction spoofing attack

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint

Dive into the research topics of 'I Can Think Like You! Towards Reaction Spoofing Attack on Brainwave-Based Authentication'. Together they form a unique fingerprint.

Cite this