Utilizing Human Cognitive Abilities in User Identification and CAPTCHA
| atmire.migration.oldid | 2869 | |
| dc.contributor.advisor | Safavi-Naini, Reihaneh | |
| dc.contributor.author | Galib, Asadullah Al | |
| dc.date.accessioned | 2015-01-21T22:34:40Z | |
| dc.date.available | 2015-02-23T08:00:39Z | |
| dc.date.issued | 2015-01-21 | |
| dc.date.submitted | 2015 | en |
| dc.description.abstract | Secure authentication is necessary for everyday applications, such as logging in to a personal computer, making a financial transaction or boarding an aircraft. We present a novel approach to user authentication in which biometric data related to human cognitive processes, in particular visual search, working memory and priming effect on automatic processing, are captured and used to identify users. Our proposed system uses a carefully designed Cognitive Task (CT) that is presented to the user as a game, in order to capture a “cognitive signature” of the user. Our empirical results support the hypothesis that the captured cognitive signatures can identify users across different platforms. Our system provides a proof-of-concept for cognitive-based biometric authentication. We validate the robustness of our system against impersonation attack by experienced users, and show that it is hard to reproduce the cognitive signature by mimicking users' gameplay. Ensuring that the access to a system is performed only by a human rather than a computer program or bot is another important security concern in online services. We propose a new approach to Captcha which estimates human cognitive ability, in particular visual search ability, to differentiate humans from computers. We refer to this Captcha as Movtcha (Matching Objects by Visual Search To Tell Computers and Humans Apart). The design of Movtcha takes into account the analysis of human behavior to minimize noise during cognitive feature estimation. Our empirical results suggest that Movtcha can provide accuracy and usability comparable to other established Captchas. We show that Movtcha is resistant against random, automated, inference and static relay attacks. Our system is suitable for large scale applications since image selection, challenge generation and response evaluation are automated. Movtcha surpasses language and experience barriers by presenting both challenge and response in clear form and therefore can be used by people all across the world. | en_US |
| dc.identifier.citation | Galib, A. A. (2015). Utilizing Human Cognitive Abilities in User Identification and CAPTCHA (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca. doi:10.11575/PRISM/28624 | en_US |
| dc.identifier.doi | http://dx.doi.org/10.11575/PRISM/28624 | |
| dc.identifier.uri | http://hdl.handle.net/11023/2015 | |
| dc.language.iso | eng | |
| dc.publisher.faculty | Graduate Studies | |
| dc.publisher.institution | University of Calgary | en |
| dc.publisher.place | Calgary | en |
| dc.rights | University of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission. | |
| dc.subject | Computer Science | |
| dc.subject.classification | Authentication | en_US |
| dc.subject.classification | Captcha | en_US |
| dc.subject.classification | Security | en_US |
| dc.subject.classification | Biometrics | en_US |
| dc.title | Utilizing Human Cognitive Abilities in User Identification and CAPTCHA | |
| dc.type | master thesis | |
| thesis.degree.discipline | Computer Science | |
| thesis.degree.grantor | University of Calgary | |
| thesis.degree.name | Master of Science (MSc) | |
| ucalgary.item.requestcopy | true |