The world’s leading publication for data science, AI, and ML professionals.

The Most Common Authentication Systems Explained

A novel approach to integrating speech recognition into authentication systems Part 1

AI APPLICATIONS

Photo by Ray Hennessy from Unsplash
Photo by Ray Hennessy from Unsplash

In the past decades, solutions for passwords and Authentication systems have witnessed significant development; however, current solutions have been hacked regularly and proved to be vulnerable in some ways. The most ubiquitous authentication approaches are text-based, graphic-based, and biometric-based, and each has its merits and demerits. As a machine learning researcher, I’m going to talk about how to combine AI with authentication systems. Before that, let’s understand more about the existing authentication systems to generate more ideas for future research.

You can regard this series of posts as a literature review in the authentication systems, focusing on EEG and Voice-Print. And in the last part of the series, I also present a novel idea to use speech recognition in the authentication system to achieve more security and resist attacks. For anyone interested in doing more research on this topic or turning this idea into a research paper, feel free to use the idea but please mention the origin and tell me about how it goes:)

With all that being said, let’s get started!


This series of blogs will focus on three parts:

  1. Comparing the above three common authentication categories.
  2. Analyzing electroencephalogram (EEG)-based biometric authentication systems in detail.
  3. Analyzing voice-based biometric authentication systems in detail and proposing a new idea for the Voice-based authentication systems using Machine Learning.

1. Text-based passwords

The most commonly used authentication method is textual Passwords; however, the most significant drawback is the trade-off between memorability and usability. The passwords that are hard to guess or to attack are usually hard to remember.

Textual passwords can be user-created or system-assigned. For user-created passwords, users tend to use their familiar words, such as the name of their pets, superheroes, or cities, in a combination of their date of birth. However, these kinds of passwords are easy to attack for attackers if they can get the associated information. For system-assigned passwords, for example, when you use Chrome and log in, attempting to create an account on a platform, you usually can choose the password Google created for you; however, this password will be way too tricky to remember because it contains random characters, symbols and numbers. The good thing is Google will save it for you for later use. The bad thing is that as long as attackers can hack your computer, they have access to your account.

2. Graphic-based passwords

Graphical passwords have begun to be used in authentication systems because people can remember images better than texts. Still, they are easy to steal from others, thus providing a poor defence against shoulder-surfing attacks [1], which means obtaining confidential data such as passwords by looking over the victim’s shoulder. There are breakthroughs for graphic passwords schemes that are resistant to shoulder surfing. For example, users can draw a curve across their password images in a specific order rather than click directly on them. In the authentication process, users are displayed with de-graded images; the starting and the ending images are random to confuse the attackers.

3. Biometric-based passwords

Compared to other passwords, biometric-based passwords are harder to replicate and unique to individuals. Traditional biometric authentication modalities have been widely studied in the past decades, but each has its limitations. Fingerprints and facial recognition can be easily forged using simple spoof attacks [2]; the iris scan is not widely used in the industry because of the expensive implementation cost. Therefore, attention has been drawn to cognitive biometrics **** since the inherence of low cost. They are also confidential and secret to individuals; adversaries cannot steal or forge, and it is more robust to spoof and shoulder-surfing attacks.

3.1 Cognitive biometrics

Traditional authentication schemes[32-15717-2_10)]rely on EEG, electrocardiogram (ECG), and electrodermal response (EDR) as inputs. Thanks to the advances in biomedical instrumentation, the EEG signals can easily be measured using portal devices with dry electrodes; hence they are more acceptable for commercial and experimental usage. EEG signals are typically used in the medical environment. Still, in the recent era, they have widely been researched in other areas, including brain-computer interface [4], biometrics authentication [5], and brain-machine interface [6].

3.2 Voice recognition

Voice recognition has been more popular in industries. Applications such as Google Assistant and Apple Siri can interpret human words and communicate with people; some platforms can even be used to identify individuals, such as Microsoft Speaker recognition [7], Bob [8], and Dejavu [9].

For the next part of the series, I will delve deeper into the literature on EEG-based authentication and voice-based authentication systems. In the last part, I will propose a novel approach to combine speech recognition with authentication.

Stay tuned and welcome to leave a comment and connect with me on Linkedin.

Fangyi Yu – Mentor – DeepLearning.AI | LinkedIn

References:

[1] S. Wiedenbeck, J. Waters, J.-C. Birget, A. Brodskiy, and N. Memon, "Authentication using graphical passwords: Effects of tolerance and image choice," in Proceedings of the 2005 symposium on Usable privacy and security, 2005, pp. 1–12.

[2] K. A. Nixon, V. Aimale, and R. K. Rowe, "Spoof detection schemes," in Handbook of biometrics. Springer, 2008, pp. 403–423.

[3] K. Revett and S. T. de Magalhaes, "Cognitive biometrics: Challenges for the future," International Conference on Global Security, Safety, and Sustainability. Springer, 2010, pp. 79–86.

[4] T. O. Zander and C. Kothe, "Towards passive brain-computer interfaces: applying brain-computer interface technology to human-machine systems in general," Journal of neural engineering, vol. 8, no. 2, p. 025005,2011.

[5] S. Marcel and J. d. R. Mill ́an, "Person authentication using brainwaves(EEG) and maximum a posteriori model adaptation," IEEE transactions on pattern analysis and machine intelligence, vol. 29, no. 4, pp. 743–752, 2007.

[6] R. A. Andersen, S. Musallam, and B. Pesaran, "Selecting the signals for a brain-machine interface," Current opinion in neurobiology, vol. 14, no. 6, pp. 720–726, 2004.

[7] W. Xiong, L. Wu, F. Alleva, J. Droppo, X. Huang, and A. Stolcke, "The Microsoft 2017 conversational speech recognition system," in 2018 IEEE international conference on acoustics, speech and signal processing(ICASSP). IEEE, 2018, pp. 5934–5938.

[8] "Spear: A speaker recognition toolkit based on bob." [Online].

[9] "Dejavu: A audio fingerprinting and recognition algorithm implemented in python." [Online].


Related Articles