Investigation of 'cognitive fingerprints' to bolster computer passwords

Sep 10, 2012

(Phys.org)—It won't make passwords passé, but a team led by Southwest Research Institute (SwRI) intends to use "cognitive fingerprints" to make sure you are you, and not an imposter.

Even the strongest password can be used freely once it has been compromised by a . However, a novel software-based authentication tool called covert-conditioned biometrics will attempt to use a unique sequence of problem-solving moves to distinguish between a legitimate user and an identity thief. Research in support of the system is sponsored by the (DARPA).

Covert-conditioned biometrics will incorporate principles of , behavior modification and game theory to capture and discriminate aspects of the cognitive fingerprint that authenticate a user's identity.

"It will deploy covert games, mimicking ordinary human computer interactions. Authenticated users are likely to unknowingly develop strategies for playing the games, even if the games are imperceptible," said Jenifer Wheeler, a senior instructional specialist in the Learning Sciences and Systems Department of SwRI's Aerospace Electronics, Systems Engineering and Training Division.

"While legitimate users will unconsciously learn how to overcome the anomalies, imposters who have never seen the anomalies will respond differently, triggering an alert within the ," Wheeler explained.

SwRI has teamed with Sentier Strategic Resources LLC to combine SwRI's experience in behavioral modeling, educational software development and with Sentier's experience in and human-subjects testing. The team will use adaptive learning system principles to design the two major components of the system: a user model to represent a user's game strategies, and an assessment model to deploy varied games based on user model data and user behavior.

The nine-month project comprises four major phases: collecting behavioral information related to computer use and developing a persona of a typical user; design and development, determining which types of covert game-like interactions best authenticate users with minimal disruption; developing prototype user and assessment models; and final evaluation by testing the efficacy of the system with a large group of volunteer participants.

Explore further: Britain threatens Internet 'trolls' with two years in jail

add to favorites email to friend print save as pdf

Related Stories

Individual typing style gives key to user authentication

May 16, 2012

Your typing style is as individual as your fingerprints. Being able to use typing style to identify a change in users could be a vital security and forensic support for organisations such as banks, the military ...

Neuroscience joins cryptography

Jul 19, 2012

(Phys.org) -- Security experts are turning to cognitive psychology for fresh ideas on authentication. Hristo Bojinov of Stanford University and others on his team have a new authentication design based on ...

Who goes there? Verifying identity online

Feb 17, 2012

We are all used to logging into networks where we have a unique identity, verified by the network server and associated with our account for other members of the network to see. Such an identity-based network system is useful ...

Recommended for you

New iPad cellular models have Apple SIM flexibility

19 hours ago

Cellular-enabled iPad models are under a new paradigm, said AppleInsider, regarding the Apple SIM. Apple's newest iPad models with cellular connectivity use a SIM card which tech sites said could eventually ...

MasterCard, Zwipe announce fingerprint-sensor card

Oct 18, 2014

On Friday, MasterCard and Oslo, Norway-based Zwipe announced the launch of a contactless payment card featuring an integrated fingerprint sensor. Say goodbye to PINs. This card, they said, is the world's ...

User comments : 0