Authors:
Md Morshedul Islam
and
Reihaneh Safavi-Naini
Affiliation:
Department of Computer Science, University of Calgary, Calgary, AB., Canada
Keyword(s):
Behavioral Authentication System, Substitute Classifier, Inverse Classifier, Impersonation Attack.
Abstract:
A Behavioral Authentication (BA) system uses behavioral characteristics of a user that is stored in their behavioral profile, to verify their future identity claims. BA profiles are widely used as a second factor to strengthen password based authentication systems. A BA verification algorithm takes the claimed identity of the user together with their presented verification data, and by comparing the data with the profile of the claimed identity it decides to accept or reject the claim. An efficient and highly accurate verification algorithms can be constructed by training a Deep Neural Network (DNN) on the users’ profiles. The trained DNN classifies the presented verification data and if the classification matches the claimed identity, accepts the claim, else reject it. This is a very attractive approach because it removes the need to maintain the profile database that is security and privacy sensitive. In this paper we show that query access to the DNN verification algorithm allows
an attacker to break security of the authentication system by constructing the profile of a user in the original training database and succeed in impersonation attack. We show how to construct an inverse classifier when the attacker has black-box access to the DNN’s output prediction vectors, truncated to a single component (highest probability value). We use a substitute classifier to approximate the unknown components of the prediction vectors, and use the recovered vectors to train the inverse classifier and construct the profile of a user in the database. We implemented our approach on two existing BA systems and achieved the average success probability of 29.89% and 45.0%, respectively. Our approach is general and can be used in other DNN based BA systems.
(More)