Biometric Authentication for the Mitigation of Human Risk on a Social Network
Open Access
Article
Conference Proceedings
Authors: Aldrewvonte Jackson, Kofi Kyei, Yasmin Eady, Brian Dowtin, Bernard Aldrich, Albert Esterline, Joseph Shelton
Abstract: The increasing reliance on digital systems in today's interconnected world has brought about a corresponding surge in cyber threats, making cybersecurity a critical concern. While technological advancements have bolstered defense mechanisms, human factors remain a significant vulnerability. This paper explores the intersection of human factors and cybersecurity, focusing on how biometric authentication can serve as a potent mitigating strategy. The human element in cybersecurity encompasses a range of factors, including user behavior, cognitive biases, and susceptibility to social engineering attacks. Understanding and addressing these aspects is crucial for developing robust and effective cybersecurity measures. Traditional methods such as passwords and PINs, which rely heavily on user memory, are inherently vulnerable to human error, leading to weak access controls and unauthorized access. One key advantage of biometrics is the inherent difficulty in replicating or forging an individual's unique characteristics. Unlike passwords that can be forgotten, shared, or stolen, biometric traits are inherently tied to an individual, providing a more reliable means of authentication. Moreover, the seamless integration of biometrics into daily activities reduces the cognitive burden on users, potentially leading to increased compliance with security protocols.
Biometric authentication presents a promising avenue for overcoming the limitations associated with traditional methods. By leveraging unique physiological characteristics, biometrics offer a more secure and user-friendly approach to identity verification. This paper proposes a one-time facial recognition system in conjunction with an online social network, where individuals belonging to the network have their own server participating in the WebID protocol. The WebID protocol enables control of individual identity and the representation of a network of individuals in a decentralized web of trust.
A social network with the WebID protocol consists of trusted individuals, and acceptance can be done through a voting scheme where individuals must be able to vouch for a new member. Controlling the member population of a network can help to protect against phishing attacks by restricting communications to only members of the social network. However, this is not a perfect system, and biometrics can be used as an added layer of security to prevent successful attacks spurred on by human factors.
Replacing traditional passwords with biometrics can help to mitigate social engineering attacks, though human privacy is still an important consideration for many individuals. Biometrics can compromise privacy, and we propose a scheme to represent biometrics in a one-time fashion that can still preserve a high recognition rate for accurate acceptance/rejection of individual verification. This is done using a combination of the Local Binary Patterns feature extraction technique with evolutionary computation techniques to evolve unique feature extractors (to be used one-time) that also maintain accurate recognition rates. Prior results have shown this technique to be effective on preliminary datasets; the work done in this paper will show the effectiveness of this technique in a social network combined with the WebID protocol to prevent successful cyber-attacks spawned from human error. Additionally, we’ll discuss ways privacy can be compromised, and how the one-time disposable biometrics system can preserve privacy.
Keywords: biometrics, social network, privacy, genetic algorithms, cyber security
DOI: 10.54941/ahfe1004763