Velody

Research Overview

Successful attacks on “static” biometrics such as fingerprints have been reported, in which an adversary stealthily acquires users’ biometrics and compromises these non-resilient biometrics. To mitigate the vulnerabilities of static biometrics, we leverage the unique and nonlinear hand-surface vibration response and design a system called Velody. Velody relies on two major properties of hand-surface vibration responses: uniqueness across human hands, and nonlinearity, which prevents attackers from predicting an unseen response. Velody employs a challenge-response protocol with low-effort enrollment and authentication, stopping both replay and synthesis attacks.

We build a prototype to verify its usability and security. Our results show that Velody demonstrates both strong security and long-term consistency, with a low equal error rate (EER) of 5.8% against impersonation attacks while correctly rejecting all other attacks.

 

System and Threat Model

The authenticator service (S) grants permission for the user (U) to use smart devices (D). U requests authentication from S through the Velody terminal (V). V generates a vibration challenge assigned by S and collects the response for S. We assume that training for S is secure. For each authentication request, S randomly selects one disposable challenge and verifies the claimed identity of U. Once U is verified and authenticated, the authorized contents are distributed to D.

We aim to defend against a strong attacker (A) who can overhear the communication between V and S during authentication and can impersonate U or inject a response by replay or prediction.

Challenge Design and Response Processing

For each challenge, we allocate:

  • 1 frequency chirp: evokes broadband user-distinct frequency response
  • 20 sine waves of random frequencies: evokes complex nonlinear effects along with the frequency chirp

In the experiment, we generate 100 different challenge-response pairs (CRPs) with random frequencies. Statistical features of each response’s cepstrum are extracted. For each CRP, we train one one-class k-nearest-neighbor classifier; for privacy, training uses no knowledge of other users’ data.
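How disposable challenges and per-CRP one-class classifiers combine to reject a replayed response, as an added example that is not code from the Velody authors. The feature vectors are constructed stand-ins for cepstral statistics, and the names, the value of K, the margin and the leave-one-out threshold rule are assumptions.

```python
import math
import secrets

K = 3  # neighbours used for the distance score (assumed value)

def knn_score(sample, enrolled, k=K):
    """Mean Euclidean distance from sample to its k nearest enrolled vectors."""
    dists = sorted(math.dist(sample, e) for e in enrolled)
    return sum(dists[:k]) / k

class Authenticator:
    """Role of S: one one-class model per CRP, each challenge used once."""

    def __init__(self, enrolled_by_challenge, margin=1.5):
        self.models = {}
        for cid, vecs in enrolled_by_challenge.items():
            # Threshold comes from the user's own data only (leave-one-out
            # scores); no other user's responses are needed. Assumed rule.
            loo = [knn_score(v, vecs[:i] + vecs[i + 1:]) for i, v in enumerate(vecs)]
            self.models[cid] = (vecs, margin * max(loo))
        self.pending = None

    def issue_challenge(self):
        if not self.models:
            raise RuntimeError("no unused challenges left; re-enroll")
        self.pending = secrets.choice(sorted(self.models))
        return self.pending

    def verify(self, features):
        if self.pending is None:
            return False  # unsolicited response, no challenge outstanding
        # Disposable: the challenge is removed whether or not verification passes.
        vecs, threshold = self.models.pop(self.pending)
        self.pending = None
        return knn_score(features, vecs) <= threshold

# Constructed enrollment data: four feature vectors per challenge.
ENROLLED = {
    "crp-01": [[0.10, 0.90, 0.30], [0.12, 0.88, 0.31],
               [0.09, 0.91, 0.29], [0.11, 0.89, 0.32]],
    "crp-02": [[0.70, 0.20, 0.55], [0.72, 0.18, 0.56],
               [0.69, 0.21, 0.54], [0.71, 0.19, 0.57]],
}
```

A response captured for one challenge scores far outside the threshold of any other challenge's classifier, and the challenge it did match is never issued again.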

System Prototype

The prototype of Velody consists of:

  • 1 vibration speaker to play the vibration challenge
  • 1 copper surface as vibration propagation medium
  • 2 accelerometers for collecting vibration responses

The challenges and responses are played and collected via a PC, and this setup can be further optimized and scaled in more real-world settings.

Evaluation

We conduct a user study of 15 users across one and a half months to verify the security and usability of Velody. The setup for security and usability evaluation is:

Security: (1) zero-effort (zero) (2) impersonation (imp.) (3) replay (raw) (4) synthesis (TF-E, TF-O, NI-E, NI-O, FT)

Usability: (1) intraday (30 mins apart but within one day) (2) interday (>5 days apart)

The equal error rate (EER) between the false negative rate (FNR) of interday sessions and the false positive rate of impersonation is as low as 5.8%, at which all other attacks are stopped.

Publication

Velody: Nonlinear Vibration Challenge-Response for Resilient User Authentication
Jingjie Li, Kassem Fawaz, Younghyun Kim
ACM Conference on Computer and Communications Security (CCS), 2019

@inproceedings{li2019velody,
  title={Velody: Nonlinear Vibration Challenge-Response for Resilient User Authentication},
  author={Li, Jingjie and Fawaz, Kassem and Kim, Younghyun},
  booktitle={Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security},
  pages={1201--1213},
  year={2019},
  organization={ACM}
}