Cognitive Fingerprints, the new frontier of authentication

DARPA is working on Cognitive Fingerprints authentication process to validate the user identity through the use of software based biometrics.

Security plays a crucial role in today’s world. Whether it is a multi-billion organization or a single person with a computer, security is important for all. One of the pillars for cyber security is the Authentication. People want an easy way to deal with authentication, but currently the only available technique is to remember and manage long cumbersome passwords.

Even this form of authentication is compromised now and then, because of the growing threat to the security domain as well as humans being the weakest link.

DARPA (Defense Advanced Research Projects Agency) has come up with an innovative approach to solve the difficulties faced during authentication with the help of a concept termed as Cognitive Fingerprints also called “Active Authentication.” This is a multi-million dollar contract to produce a new identity verification system based on users’ behavior.

“This program focuses on the behavioral traits that can be observed through how we interact with the world.  Just as when you touch something your finger you leave behind a fingerprint, when you interact with technology you do so in a pattern based on how your mind processes information, leaving behind a “cognitive fingerprint.“ reads a blog post on the “ACTIVE AUTHENTICATION” published by the DARPA. 

The logic behind this concept is to uniquely identify human patterns and use these parameters as the base for authentication. Fingerprints and retina scans are being used to authenticate the user but this technology demands setting up physical hardware which incurs huge costs.

 

DARPA’s vision is to eliminate these costs and, develop more robust and stable way of authentication. In our personal views this may completely replace the password-based authentication in near future. The project of “Cognitive Fingerprints” is divided into multiple phases, in a first phase the expert will focus their efforts into searching for biometrics that do not require the installation of additional hardware sensors, these could include how the user interacts with the machine or the way user uses the mouse or other system components. It may also include how user searches for some information, how user opens and reads documents or emails, and many more parameters.

“The first phase of the program will focus on researching biometrics that do not require the installation of additional hardware sensors, rather the program will look for research on biometrics that can be captured through the technology we already use looking for aspects of this “cognitive fingerprint”.

Subsequently, the experts from DARPA working on Cognitive Fingerprints will develop a solution to implement an authentication platform that implements the results of their research.

 “The later phases of the program will focus on developing a solution that integrates any available biometrics using a new authentication platform suitable for deployment on a standard Department of Defense desktop or laptop.” wrote the DARPA .

Cognitive Fingerprints have huge advantages as it will eliminate two crucial hurdles, the need of biometric based hardware and the need to remember complex long passwords.
In our personal view, this concept may face some hurdles as mentioned below. Though these are hypothetical issues but its worth to mention.

  • Compromise – Passwords can be changed or modified, if compromised. What will be the solution to Cognitive Fingerprints if in case these are compromised or masqueraded. Though this seems hypothetical, but giving a thought to this will make it more secure.
  • Behavioral Analysis – Robustness. The technology needs to be the most robust in tracking the behavior of a user. If it leads to false positives, then this active authentication technology may fail drastically.
  • Behavioral Changes. According to DARPA, this technology will authenticate users based on its behavioral parameters but what will be the outcome if the behavioral patterns of the same user are changed in the due courses of time. The crucial question remains is “How will the cognitive fingerprints technology adapt itself to such changes?”

The Cognitive Fingerprints seems promising and will solve many problems of authentication to a much greater extent.

All are waiting to get a glance of this technology soon.

About the Author Shivang Desai

Shivang Desai is a security researcher and certified security professional from India. He likes to research on recent security threats and landscapes, and write about the researches to make people aware about security domain” Follow him on Twitter.

Edited by Pierluigi Paganini

(Security Affairs –  Authentication, Cognitive Fingerprints)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data.…

1 hour ago

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

15 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

22 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

2 days ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

This website uses cookies.