Broken Heart: Privacy Leakage Analysis on ECG-Based Authentication Schemes

Authentications using biometrics, such as fingerprint recognition and electrocardiogram (ECG), have been actively used in various applications. Unlike traditional authentication methods, such as passwords or PINs, biometric-based authentication has an advantage in terms of security owing to its capa...

Full description

Saved in:
Bibliographic Details
Published in:Security and communication networks 2022-09, Vol.2022, p.1-14
Main Authors: Noh, Seungil, Kim, Jaehan, Lee, Seokmin, Kang, Youngshin, Park, Cheolsoo, Shin, Youngjoo
Format: Article
Language:English
Subjects:
Accuracy
Age
Algorithms
Authentication
Biometric recognition systems
Biometrics
Classification
Deep learning
Electrocardiography
Facial recognition technology
Fingerprint verification
Gender
Heart
Leakage
Machine learning
Methods
Muscle contraction
Personal information
Physiology
Privacy
Sensors
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Authentications using biometrics, such as fingerprint recognition and electrocardiogram (ECG), have been actively used in various applications. Unlike traditional authentication methods, such as passwords or PINs, biometric-based authentication has an advantage in terms of security owing to its capability of liveness detection. Among the various types of biometrics, ECG-based authentication is widely utilized in many fields. Because of the inherent characteristics of ECG, however, the incautious design of ECG-based authentication may result in serious leakage of personal private information. In this paper, we extensively investigate ECG-based authentication schemes previously proposed in the literature and analyze possible privacy leakages by employing machine learning and deep learning techniques. We found that most schemes suffer from vulnerabilities that lead to the leakage of personal information, such as gender, age, and even diseases. We also identified some privacy-insensitive ECG fiducial points by utilizing feature selection algorithms. Based on these features, we present a privacy-preserving ECG-based authentication scheme.
ISSN:1939-0114
1939-0122
DOI:10.1155/2022/7997509