Want to keep learning?

This content is taken from the Newcastle University's online course, Cyber Security: Safety at Home, Online, in Life. Join the course to learn more.

Skip to 0 minutes and 15 seconds The way we are interacting with objects is constantly evolving. And we have now many different devices that can interact remotely or without any contact. So for instance, you can now set up your thermostat remotely, you can open your blinds, you can unlock your bike, or unlock your home door, and you can even purchase in shops without any contact. What we’re trying to do at Newcastle University is to assess and investigate this different type of interaction, which can bring exciting new ways of usability, but also a new types of security threat.

Skip to 0 minutes and 49 seconds And so I’m joined today with Arthur Demanuele, who is one of our top students in the Advanced MSc in Computer Science and who is working exactly on understanding the security issue in this context. So Arthur, can you tell us a bit more about your research project? I’m really interested in the problem of how to authenticate someone while they’re paying at a shop. And I’m hoping to use behavioural biometrics in order to authenticate them. So we’ve seen that authentication is the idea of verifying that the identity of a person or an object is the right one. Can you explain a bit more what is behavioural biometrics. First of all, let’s explain what biometrics are.

Skip to 1 minute and 29 seconds We can authenticate people generally using three different types of authentication. First is by something that the user knows, for example, a password. Second is by something that the user has, such as a smart card or a key. And thirdly, we can authenticate someone by something that the user is, for example, using their fingerprints. This last form of authentication is generally referred to as biometrics. And then that is split up into two different types. First, physiological biometrics, which analyses different physiological traits of a user’s body and use that for authentication. And the second type is behavioural biometrics in which a user’s behaviour is used for authentication, such as, for example, their signature or the way that they speak.

Skip to 2 minutes and 18 seconds So basically, the idea is that we use something that we always do to improve the security of when we pay in a shop. So how exactly do you plan to use this? So the idea came to me first when I was waiting in line at the shop. And I noticed how different people were waiting in line in different ways. Some people were using their phones, some had their arms folded, some had their hands in their pockets. And I thought it would be a good idea to use this behaviour in order to have an extra level of security while we’re paying at the counter.

Skip to 2 minutes and 53 seconds I’m hoping to use a Microsoft Kinect in order to read and record people performing these gestures and then use that for authenticating them. So basically I would enter the shop, the Kinect would track me, would track my movement. And so when I approached the counter and I want to pay, the counter somehow knows it’s me and not someone else who just tried to pretend to be me. Is that correct? Yes, exactly. However in this case, you’d need to register a behaviour somehow with the shop beforehand. In an ideal world, you wouldn’t need to use your card at all. You’d simply pay by using your gestures. However, we’re not quite there yet.

Skip to 3 minutes and 30 seconds Based on the research you’ve done and the different experiments you’ve conducted so far, do you think is it possible to use the Kinect? Can the Kinect distinguish between me and someone pretending to be me? So that’s exactly what we’re investigating. Currently, we’re trying to establish the false positive and false negative rates of such a system. False positive being when the system authenticates someone who is not you. And false negatives would be when the system does not recognise you entirely. We’re currently using a predefined set of gestures in order to test the system, such as for example, folding your arms or having your hands in your pockets.

Skip to 4 minutes and 6 seconds And we found that the Kinect is very good at identifying when a gesture is being performed. However, it may not be as good at differentiating between two different people performing the same gesture. Well, many thanks, Arthur. And good luck for your research. So what we’re trying to do in Newcastle University is not only to check whether a particular technique can be used or not, but to try to assess that technique against different sets of scientific metrics. So for instance, Arthur talked about false positive and false negative rate, which are the traditional way to talk about the trade-off between security and usability in biometrics.

Skip to 4 minutes and 46 seconds In the next video, we’ll talk about a particular piece of technology kit we’ve designed in Newcastle to allow students to conduct their own research experiments and to do their own assessments of new techniques for interacting between different objects.

Exploring security: biometric authentication

In this video Charles interviews Arthur Demanuele, and they discuss new ways of understanding contactless security.

Arthur introduces us to the concept of biometrics, explains what behavioural biometrics are and how he is researching behavourial biometrics using Microsoft Kinect to authenticate someone from their movements or gestures in a shop.

Share this video:

This video is from the free online course:

Cyber Security: Safety at Home, Online, in Life

Newcastle University

Get a taste of this course

Find out what this course is like by previewing some of the course steps before you join: