Welcome to NUS Face Group!

Home

People

Projects

Publication

Continuous Authentication

For most computer systems, once the identity of the user has been verified at login, the system resources are typically made available to the user until the user exits the system. This may be appropriate for low-security environments but can lead to session “hijacking” in which an attacker targets a post-authenticated session. In high risk environments or where the cost of unauthorized use of a computer is high, continuous verification, if it can be realized efficiently is important to reduce this window of vulnerability. By this we mean that biometric verification is not merely used to authenticate a session on startup, but that it is used in a loop throughout the session to continuously authenticate the presence/particapation of the user. Examples where continuous verification is desirable include the usage of computers for airline cockpit controls, in defense establishments, and in other processing that affects the security and safety of human lives. In such situations, the desirable default action might be to render the computer system ineffective when the authorized user is not the one controlling it.

One way to realize (an approximation of) continuous verification is to use passive but accurate biometric verification. However, a single biometric may be inadequate for passive verification either because of noise in data samples or because of unavailability of a sample at a given time. For example, face verification cannot work when frontal face detection fails because the user presents a non-frontal pose. To overcome this limitation, we propose to use multiple biometric modalities (eg. fingerprint + face). This not only increases verification accuracy, but also makes it harder for an imposter to attack the system.

We have implemented such a basic system in the Linux 2.4 kernel, as well as in Windows XP Pro. For a quick overview, please click on the poster or video demo below. In the near future, we plan to release the source code of our work, in order to encourage other researchers to experiment with this idea, and to make improvements. Please watch this page!

Poster on WACV 2005 [PDF]

We acknowledge the sponsorship of Microsoft Research Asia for this work, funded under project no. R 252-000-260-720.

Last Updated:

2007-06-11