Abstract
The photo response non-uniformity of a smartphone camera is a reliable hardware fingerprint that can be used to authenticate the smartphone owner. This type of camera-based authentication is convenient and of low cost since it requires only pictures taken by a smartphone. However, as shown in this paper, existing camera-based authentication systems are either impractical or subject to fingerprint forgery attacks, in which an adversary intentionally submits forged pictures with fake fingerprints. We propose Camera in Motion (CIM), a practical and reliable camera-based smartphone authentication system. In CIM , a user is asked to move his/her smartphone along a specific route, take pictures of QR codes displayed on the verifier’s interface in burst mode , and submit particular burst pictures to the verifier for authentication. We find that, because burst images are captured in rapid succession, the random noise components of a captured image can be partially preserved across multiple images that are captured in a row. The preserved noise forms a forgery-sensitive noisechain embedded in burst images. We also find that there exists various correlations between the movement of the camera and the noise components of the captured images. The noisechain and these correlations are then explored for forgery detection. We performed extensive experiments with 22 smartphones of 5 different models. Our experiment results show that CIM can achieve 100% true acceptance rate at 0% false acceptance rate in both fingerprint matching and forgery detection.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: IEEE Transactions on Information Forensics and Security
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.