Using Reflexive Eye Movements for Fast Challenge-Response Authentication

Eye tracking devices have recently become increasingly popular as an interface between people and consumer-grade electronic devices. Due to the fact that human eyes are fast, responsive, and carry information unique to an individual, analyzing person's gaze is particularly attractive for effortless biometric authentication. Unfortunately, previous proposals for gaze-based authentication systems either suffer from high error rates, or require long authentication times. We build upon the fact that some eye movements can be reflexively and predictably triggered, and develop an interactive visual stimulus for elicitation of reflexive eye movements that supports the extraction of reliable biometric features in a matter of seconds, without requiring any memorization or cognitive effort on the part of the user. As an important benefit, our stimulus can be made unique for every authentication attempt and thus incorporated in a challenge-response biometric authentication system. This allows us to prevent replay attacks, which are possibly the most applicable attack vectors against biometric authentication. Using a gaze tracking device, we build a prototype of our system and perform a series of systematic user experiments with 30 participants from the general public. We investigate the performance and security guarantees under several different attack scenarios and show that our system surpasses existing gaze-based authentication methods both in achieved equal error rates (6.3\%) and significantly lower authentication times (5 seconds).

[1]  Michele Nappi,et al.  GANT: Gaze analysis technique for human identification , 2015, Pattern Recognit..

[2]  Corinna Cortes,et al.  Support-Vector Networks , 1995, Machine Learning.

[3]  Tal Garfinkel,et al.  Reducing shoulder-surfing by using gaze-based password entry , 2007, SOUPS '07.

[4]  G. Gonzales,et al.  Information Technologies , 2019, Encyclopedia of Education and Information Technologies.

[5]  Katarzyna Harezlak,et al.  The Second Eye Movements Verification and Identification Competition , 2014, IEEE International Joint Conference on Biometrics.

[6]  John M Henderson,et al.  Stable individual differences across images in human saccadic eye movements. , 2008, Canadian journal of experimental psychology = Revue canadienne de psychologie experimentale.

[7]  L. Stark,et al.  The main sequence, a tool for studying human eye movements , 1975 .

[8]  Tomasz Kocejko,et al.  Gaze Pattern Lock for Elders and Disabled , 2012, ITIB.

[9]  Michael F. Land,et al.  Oculomotor behaviour in vertebrates and invertebrates , 2011 .

[10]  Heinrich Hußmann,et al.  Look into my Eyes! Can you guess my Password? , 2009 .

[11]  I E Lazarev,et al.  [Effect of eye dominance on saccade characteristics and slow EEG potentials]. , 2008, Fiziologiia cheloveka.

[12]  Oleg V. Komogortsev,et al.  Biometric identification via eye movement scanpaths in reading , 2011, 2011 International Joint Conference on Biometrics (IJCB).

[13]  W W Abbott,et al.  Ultra-low-cost 3D gaze estimation: an intuitive high information throughput compliment to direct brain–machine interfaces , 2012, Journal of neural engineering.

[14]  Ioannis Rigas,et al.  Biometric identification based on the eye movements and graph matching techniques , 2012, Pattern Recognit. Lett..

[15]  Oleg V. Komogortsev,et al.  Complex eye movement pattern biometrics: Analyzing fixations and saccades , 2013, 2013 International Conference on Biometrics (ICB).

[16]  Gerhard Rigoll,et al.  Gaze-based interaction on multiple displays in an automotive environment , 2011, 2011 IEEE International Conference on Systems, Man, and Cybernetics.

[17]  Donatella Spinelli,et al.  Fixation stability and saccadic latency in élite shooters , 2003, Vision Research.

[18]  Blase Ur,et al.  Can long passwords be secure and usable? , 2014, CHI.

[19]  Oleg V. Komogortsev,et al.  Ieee Transactions on Information Forensics and Security 1 , 2022 .

[20]  R A Abrams,et al.  Speed and accuracy of saccadic eye movements: characteristics of impulse variability in the oculomotor system. , 1989, Journal of experimental psychology. Human perception and performance.

[21]  Alan Kennedy,et al.  Book Review: Eye Tracking: A Comprehensive Guide to Methods and Measures , 2016, Quarterly journal of experimental psychology.

[22]  Cecilia R. Aragon,et al.  Biometric identification via an oculomotor plant mathematical model , 2010, ETRA.

[23]  Ivan Martinovic,et al.  Preventing Lunchtime Attacks: Fighting Insider Threats With Eye Movement Biometrics , 2015, NDSS.

[24]  Petroc Sumner,et al.  Determinants of saccade latency , 2011 .

[25]  Lazarev Ie,et al.  Effect of eye dominance on saccade characteristics and slow EEG potentials , 2008 .

[26]  Emiliano Miluzzo,et al.  EyePhone: activating mobile phones with your eyes , 2010, MobiHeld '10.

[27]  M. Fillmore,et al.  Age-group differences in saccadic interference. , 2007, The journals of gerontology. Series B, Psychological sciences and social sciences.

[28]  Martti Juhola,et al.  Biometric verification of a subject with eye movements, with special reference to temporal variability in saccades between a subject's measurements , 2014, Int. J. Biom..

[29]  Albrecht Schmidt,et al.  Increasing the security of gaze-based cued-recall graphical passwords using saliency masks , 2012, CHI.

[30]  Marcus Nyström,et al.  An adaptive algorithm for fixation, saccade, and glissade detection in eyetracking data , 2010, Behavior research methods.

[31]  Ioannis Rigas,et al.  Ieee Transactions on Information Forensics and Security This Is a Pre-print Only 1 , 2022 .

[32]  Pawel Kasprowski,et al.  First eye movement verification and identification competition at BTAS 2012 , 2012, 2012 IEEE Fifth International Conference on Biometrics: Theory, Applications and Systems (BTAS).

[33]  Michele Nappi,et al.  A New Gaze Analysis Based Soft-Biometric , 2013, MCPR.

[34]  A. Bahill,et al.  Why can't batters keep their eyes on the ball? , 1984 .

[35]  Yun Zhang,et al.  An Analysis of Eye Movement Based Authentication Systems , 2011 .

[36]  F. Volkmar,et al.  Visual fixation patterns during viewing of naturalistic social situations as predictors of social competence in individuals with autism. , 2002, Archives of general psychiatry.

[37]  Bogdan Hoanca,et al.  Gaze-based password authentication through automatic clustering of gaze points , 2011, 2011 IEEE International Conference on Systems, Man, and Cybernetics.

[38]  Jennie E. S. Choi,et al.  Vigor of Movements and the Cost of Time in Decision Making , 2014, The Journal of Neuroscience.

[39]  Ling Huang,et al.  SAFE: Secure authentication with Face and Eyes , 2013, 2013 International Conference on Privacy and Security in Mobile Systems (PRISMS).

[40]  Robin Walker,et al.  Control of voluntary and reflexive saccades , 2000, Experimental Brain Research.

[41]  O. V. Kolesnikova,et al.  Effects of Visual Environment Complexity on Saccade Performance in Humans with Different Functional Asymmetry Profiles , 2010, Neuroscience and Behavioral Physiology.

[42]  Pawel Kasprowski,et al.  Eye Movements in Biometrics , 2004, ECCV Workshop BioAW.

[43]  Usman Saeed Eye movements during scene understanding for biometric identification , 2016, Pattern Recognit. Lett..