=Paper=
{{Paper
|id=Vol-3188/paper9
|storemode=property
|title=Behavioral Biometry as a Cyber Security Tool
|pdfUrl=https://ceur-ws.org/Vol-3188/paper9.pdf
|volume=Vol-3188
|authors=Maryna Chyzhevska,Nataliia Romanovska,Andrii Ramskyi,Vitalii Venger,Mykola Obushnyi
|dblpUrl=https://dblp.org/rec/conf/cpits/ChyzhevskaRRVO21
}}
==Behavioral Biometry as a Cyber Security Tool==
https://ceur-ws.org/Vol-3188/paper9.pdf
Behavioral Biometry as a Cyber Security Tool
Maryna Chyzhevska1, Nataliia Romanovska2, Andrii Ramskyi3, Vitalii Venger2,
and Mykola Obushnyi4
1
National University “Yuri Kondratyuk Poltava Polytechnic,” 24 Pervomaiskyi ave., Poltava, 36011, Ukraine
2
State Institution “Institute for Economics and Forecasting, NAS of Ukraine,” 26 Panasa Myrnoho str., Kyiv,
01011, Ukraine
3
Borys Grinchenko Kyiv University, 18/2 Bulvarno-Kudriavska str., Kyiv, 04053, Ukraine
4
Taras Shevchenko National University of Kyiv, 60 Volodymyrska str., Kyiv, 01033, Ukraine
Abstract
With the intensification of digitalization of all processes and activities, the issue of information
protection and increasing the level of cyber security is becoming important. Particular attention
in this aspect should be focused on the field of queuing. The article provides a brief overview
of digital transformation and data protection, which shows that the largest share is occupied by
accidents of server equipment, infrastructure / network equipment, applications, data storage
system equipment and cyber attacks. The authors focus on key aspects and trends related to the
cyber threat landscape; argued the need to introduce new tools for biometric identification and
authentication, the most promising of which is behavioral biometrics. The proposed
comparative characteristic of types of behavioral biometrics allowed to define spheres of their
application and to reveal the drawbacks and advantages.
Keywords 1
Cybers security, cyber attack, cyber threats, identification, authentication, digitalization,
behavioral biometrics.
1. Introduction
The last two years have been significant for the whole world in the paradigm shift of public
communications, which has led to the intensification of their digitalization. Despite the fact that traffic
in certain industries and activities has decreased, the number of fraudsters remains the same or even
increases. This makes the security situation much more complex and dynamic, as new threats become
much larger than before. There is a need to develop new approaches to effective technical solutions and
take into account the problem of cyber security. In addition, the global COVID-19 pandemic and the
resulting quarantine restrictions have changed the global communication landscape and approaches to
the use of digital services. Businesses and consumers around the world are forced to respond quickly to
changing realities.
2. Digital Transformation and Data Protection
2.1. The Main Problems of Cyber Security
Following the landmark attacks on SolarWinds in December 2020 and Microsoft Exchange in
January 2021, new attempts have been made in recent months. The operators of the extortionist
programs carried out incidents with high consequences - at Colonial Pipeline and JBS Foods, at Quanta,
Acer and Kaseya - and demanded ever higher ransoms.
CPITS-II-2021: Cybersecurity Providing in Information and Telecommunication Systems, October 26, 2021, Kyiv, Ukraine
EMAIL: marfin.poltava@gmail.com (M. Chyzhevska); romnatalina@gmail.com (N. Romanovska); a.ramskyi@kubg.edu.ua (A. Ramskyi);
vengerv@ukr.net (V. Venger); mobushnyy@gmail.com (M. Obushnyi)
ORCID: 0000-0003-1637-9564 (M. Chyzhevska); 0000-0002-1377-7551 (N. Romanovska); 0000-0001-7368-697X (A. Ramskyi); 0000-
0003-1018-0909 (V. Venger); 0000-0002-9121-5095 (M. Obushnyi)
©️ 2022 Copyright for this paper by its authors.
Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
CEUR Workshop Proceedings (CEUR-WS.org)
88
� For industrial organizations, the number of attacks by extortionist programs increased by 500% in
the period from 2018 to 2021, and another 116% - only in the period from January to May 2021 [1].
A total of 20120074547 records were broken. In early 2021, Veeam conducted extensive research
on data protection. Based on the results, the Veeam Data Protection Report-2021 was written (Table 1).
The data show that the largest share is occupied by accidents of server equipment, infrastructure /
network equipment, applications, storage system equipment and cyber attacks. According to Forbes, in
2020, 1120 leaks and cyber attacks were recorded. Most of these incidents have been reported by the
world's leading media.
Table 1
Causes of equipment failure and disconnection of services, %
Indicator Causes of The most The most
accidents important for 2020 important for 2021
Server equipment failure 57 13 12
Infrastructure / network equipment 57 8 16
failure
Application crash 56 6 11
Data storage system hardware failure 51 15 8
Cyber attacks 51 7 16
Operating system failure 50 22 9
Administrator error in settings 46 6 6
Public cloud failure 45 10 8
Accidental deletion, overwriting or 44 3 8
data corruption
Intentional actions by the 37 8 5
administrator or user
2.2. Cyber Threats During the COVID-19 Pandemic
Countries, organizations and citizens have been greatly affected by the COVID-19 pandemic, which
has changed the conditions of activity, the activity itself and even life as a whole. Note that most cyber
attacks are usually not publicized due to reputational risks, and therefore it is extremely difficult to
calculate the exact number of threats, even for organizations involved in investigating incidents and
analyzing the actions of hacker groups. Most of these studies aim to draw the attention of organizations
and ordinary citizens who are interested in the current state of information security, to the most relevant
methods and motives of cyber attacks as well as to identify major trends in the change of the landscape
of cyber threats [2].
Let’s highlight key aspects and trends related to the cyber threat landscape [3–5]:
during the COVID-19 pandemic, the number of fake websites for online shopping and
fraudulent online sellers increased. From copies of popular brand websites to fraudulent services
that never supply the product, the corona virus has identified weaknesses in the trust model used in
online stores;
with the COVID-19 pandemic, the number of cyber bullying and extortion cases has also
increased. The introduction of mobile technologies and subscriptions to digital platforms make both
the younger generation and the elderly more vulnerable to these types of threats;
fraudsters use social media platforms to increase the effectiveness of targeted attacks, and
financial rewards are still the main motivation for most cyber attacks;
clearly targeted and ongoing attacks on valuable data, such as intellectual property and state
secrets, are carefully planned and often carried out by state-funded entities. Massive attacks with a
short duration and wide impact are used for various purposes, such as, for example, theft of
credentials;
89
� the number of phishing victims in the EU continues to rise when criminals use the COVID-19
theme to lure “customers.” COVID-19-themed attacks include messages and file attachments that
contain malicious links to redirect users to phishing sites or malware;
business e-mail manipulation and attacks are used in cyber fraud, resulting in the loss of
millions of Euros for EU citizens and corporations. European small and medium-sized enterprises
have also fallen victim to these threats;
many cases of cyber security still go unnoticed or are detected over time. The number of
potential threats in the virtual or physical environment continues to expand as a new phase of digital
transformation emerges.
Organized crime groups are taking advantage of the situation, uncertainty and doubts caused by
COVID-19 and inventing new ways to pose threats to IT and cyber security. In turn, businesses and
people want to have more information and support and be protected. Consumers want more control
over personal information and guarantees about its security in terms of content and secrecy from third
parties [6–9].
3. Biometric Information Protection
3.1. Biometric Authentication Technologies
In these conditions the use of biometrics as an effective means of confirming the correctness of
identification is important in solving queuing problems. It is quite attractive for an organization to
control any access, as biometrics provides a high level of authentication and can be integrated into any
access control system with different keys and passwords [10].
Threats to biometric systems can occur in the form of fictitious data transmission, when an attempt
is made to undermine the principles of system security by providing natural biometric characteristics or
artifacts that contain copied or forged characteristics in the middle.
Control access systems can be divided into three classes according to what a person has to present:
what he or she knows; what he or she owns; what is part of himself/ herself.
Biometrics uses scientifically justified methods to describe and measure the characteristics of the
body of living beings [11]. In relation to automatic identification systems, the term “biometric” means
that these systems and methods are based on the use of unique qualities of the human body for
identification and authentication.
Biometric identification is often called real authentication because it is based on a person's personal
characteristics, not on virtual keys or passwords. A feature of biometric identification is the large size
of biometric databases: each of the samples is compared with all available records in the database. For
use in real life, such a system requires a high speed comparison of biometric characteristics.
Two methods of authentication are used in biometrics:
1. Verification:
measurement data are compared with one record offered by an external identifier (nickname,
password or other identifier) from the database of registered users;
2. Identification:
the measurement data is compared with all entries in the database of registered users, and not
only with one of them, selected on the basis of the identifier.
The main purpose of biometrics is to create a registration system that rarely denies access to
legitimate users and at the same time completely eliminates the possibility of authorization of attackers.
3.2. Features of Application of Behavioral Biometrics
Modern authentication technology is behavioral biometrics, which involves the collection of a
variety of data [12,13]. For example, a smart phone that collects behavioral information may obtain
multiple measurement points to estimate the likelihood of fraudulent activity, while static biometrics
provides less raw data [14]. The combination of behavioral characteristics in different mathematical
algorithms makes it possible to obtain a more multifaceted user profile, which allows you to weed out
fraudsters. Its value lies in the fact that it can detect fraud at an early stage before the cyber attack.
90
� Behavioral biometrics can be adapted to a variety of devices, including smart phone operating
systems as a whole, not just applications. Each person has unique features of interaction with their
digital devices: the speed of typing on the keyboard, the force of pressing or the angle at which the
fingers move across the screen. It is almost impossible to reproduce such behavior by any another
person.
While behavioral biometrics is most commonly used by banks and financial institutions today,
experts are expected to use it in e-commerce, online services, healthcare, government and in many more
spheres in the near future [15].
Of course, as in any promising technology, there are pros and cons. Among the first are: inaccuracies
in identification due to the fact that user behavior is not always constant, which is associated with, for
example, fatigue, intoxication, malaise or haste, as well as the availability of many personal data to
determine standard behavior of a user. The positive features include the fact that each user has their
own unique set of behavioral characteristics that are analyzed; to perform the identification does not
require a change in the script intended for the user: the method of seamless integration; increased
recognition accuracy in multifactor identification systems [16].
There are several methods of behavioral biometrics [17]. Their comparative characteristics are
presented in Table 2.
Table 2
Methods of behavioral biometrics
Security
Usage
Industry level /
Method Description scenarios or Pros Cons
leaders accurac
scope
y level
Keystroke Brings Typing DNA, ID Device user High/hig No special The rhythm
dynamics standard Control, identification, h equipment of typing may
passwords to BehavioSec part of required; change due
a new level by multifactor speed and to fatigue,
tracking the authenticatio safety; illness,
rhythm of n, is used for difficult to exposure to
their input. surveillance copy by drugs or
Such sensors observation alcohol,
can respond changes in
to the time the keyboard;
required to it is not
press each possible to
key, the delay identify the
between the same person
keys, the using
number of different
characters keyboard
entered per layouts
minute, etc.
Keyboard
templates
work with
passwords
and PINs to
increase
security.
Signature A pen and a Aerial, Redrock Verification High/ It is almost High error
recognitio special tablet Biometrics, and average impossible rate until the
n connected to Sense, Oxford authorization to forge; user gets
a computer University, of documents, Widesprea used to the
are used to identification d in notebook for
91
� compare and Mobbeel in the banking business signing; hand
check sector practice; injuries can
patterns. A fast and affect the
high-quality safe; recognition
tablet can ease of accuracy
capture integration
behavioral
characteristic
s such as
speed,
pressure, and
time spent
signing. At the
registration
stage, a
person must
sign up
several times
on a tablet to
collect data.
Then,
signature
recognition
algorithms
extract
unique
characteristic
s such as
time,
pressure,
speed,
direction of
impact,
important
points on the
signature
path, and
signature size.
The algorithm
assigns
different
degrees of
importance to
these points
Recognitio The user must Apple Inc, Telephone High/low Ease of Sensitivity of
n of the say the word Microsoft, and Internet integration; technology to
speaker or phrase into Google LLC transactions, fast quality of a
the audio recognition microphone
microphone. signatures for time; and noise;
This is digital contactless risk of
necessary to documents, scanning counterfeitin
obtain a online g
sample of education
human systems,
language. The emergency
electrical services
signal of the
92
� microphone
will be
converted to
digital using
an analog-to-
digital
converter. It
is written to
computer
memory in
the form of a
digitized
sample. The
computer
then
compares and
tries to
compare the
voice of the
person
speaking with
the stored
digitized
sample and
identifies the
person.
Speaker
recognition
focuses on
the context of
the phrase
said by the
user, not on
the
recognition of
his voice
Voice Voice Nuance Online High/low Ease of Risk of
recognitio recognition Communication banking integration; counterfeitin
n function s, Google LLC, sector, fast g; inability to
compares a Amazon.com, emergency recognition reduce
spoken Apple Inc. services, call time; external
phrase to a center contactless noise;
digital recognition, scanning. problems
pattern. It is high demand . with
used as a for voice recognition
means of recognition in accuracy
identification healthcare
and
authenticatio
n in security
systems such
as access
control and
timekeeping.
The system
creates digital
93
� templates
with a very
high
probability of
correct
interpretation
. Each
person's voice
includes
physiological
and
behavioral
characteristic
s.
Physiological
aspects
depend on
the size and
shape of the
mouth,
throat, larynx,
nasal cavity,
body weight
and other
factors.
Behavioral
traits depend
on language,
level of
education
and place of
residence,
which can
lead to
certain
intonations,
accents and
dialects
Recognitio Stroke SFootBD, Medicine and Low/low Contactless Not as
n on the biometrics Watrix, Cometa criminology scanning; reliable as
go captures step Srl possibility other
patterns using to cover a biometric
video and large area; methods;
then converts fast clothing and
the mapped recognition footwear can
data into a time. affect the
mathematical Technology accuracy of
equation. This is evolving recognition
type of rapidly
biometrics is
invisible,
making it
ideal for mass
crowd
monitoring.
Another
94
� advantage is
that these
systems can
quickly
identify
people at a
long distance
Movement Lip Hong Kong Can be used High/low Contactless The
of lips` recognition is Baptist to improve scanning; technology is
recognitio one of the University, security fast being refined
n newest forms AimBrain, Liopa systems and recognition
of biometric complement time;
verification. biometrics increases
Just as a deaf such as face the
person can recognition, accuracy of
track the retina recognition
movement of scanning, and in
the fingerprinting combinatio
interlocutor's n with
lips, biometric other forms
systems of
record the biometrics
activity of the
muscles
around the
mouth,
forming a
pattern of
movement.
Biometric
sensors of
this type
often require
the user to
repeat the
password to
determine
the
appropriate
lip
movements,
and then
allow or deny
access based
on a
comparison
with the
recorded
sample.
Biometric data can be stored on different media depending on the type and specific biometric
technology. Data can be stored on a biometric database server as part of public infrastructure or can be
physically distributed to private companies. Biometric data can also be stored on smart phones that use
fingerprint and face recognition technology.
None of the above personal characteristics of an individual can be compared in reliability of
recognition with the genetic code of a person. However, practical methods of identification that use the
95
�unique features of fragments of the genetic code are currently rarely used due to their complexity and
high cost.
4. Conclusions
Thus, the identification of the individual as the consumer of information is becoming increasingly
important. It explains the huge interest in biometric technologies and the role of information, and hence
its protection from unauthorized access. They are quite attractive for the organization in charge of
access, as they provide a high level of authentication, can be integrated into any access control system
simultaneously with different keys and passwords.
5. References
[1] Dangerous extortionist programs attack: how not to become the next victim.
https://eset.ua/ua/news/view/903/opasnyye-programmy-vymogateli-atakuyut-kak-ne-stat-
sleduyushchey-zhertvoy
[2] M.TajDini, et al., Wireless Sensors for Brain Activity—A Survey. In Electronics, Vol. 9, Issue 12,
2092. MDPI AG., 2020. https://doi.org/10.3390/electronics9122092
[3] Z. B. Hu, et al., Authentication System by Human Brainwaves Using Machine Learning and
Artificial Intelligence. In Advances in Computer Science for Engineering and Education IV, 374–
388, 2021. https://doi.org/10.1007/978-3-030-80472-5_31
[4] H. Shevchenko, et al., Information security risk analysis SWOT, in: Workshop on Cybersecurity
Providing in Information and Telecommunication Systems, CPITS, vol. 2923, 309–317, 2021.
[5] The threat of cyberattacks is growing due to the pandemic: EU report. https://yur-
gazeta.com/golovna/zagroza-kiberatak-zrostae-cherez-pandemiyu-zvit-es.html
[6] V. Buriachok, V. Sokolov, P. Skladannyi, Security rating metrics for distributed wireless systems,
in: Workshop of the 8th International Conference on "Mathematics. Information Technologies.
Education": Modern Machine Learning Technologies and Data Science (MoMLeT and DS), vol.
2386, 222–233, 2019.
[7] D. Berestov, et al., Analysis of features and prospects of application of dynamic iterative
assessment of information security risks, in: Workshop on Cybersecurity Providing in Information
and Telecommunication Systems (CPITS), vol. 2923, 329–335, 2021.
[8] F. Kipchuk, et al. Investigation of Availability of Wireless Access Points based on Embedded
Systems. 2019 IEEE International Scientific-Practical Conference Problems of
Infocommunications, Science and Technology (PIC S&T), 2019.
https://doi.org/10.1109/picst47496.2019.9061551
[9] V. Astapenya, et al., Analysis of Ways and Methods of Increasing the Availability of Information
in Distributed Information Systems. In 2021 IEEE 8th International Conference on Problems of
Infocommunications, Science and Technology (PICST), 2021. IEEE.
https://doi.org/10.1109/picst54195.2021.9772161
[10] L. Banga, S. Pillai, Impact of Behavioural Biometrics on Mobile Banking System, Journal of
Physics: Conference Series, Vol. 1964, 2021. https://iopscience.iop.org/article/10.1088/1742-
6596/1964/6/062109/pdf
[11] M. Shopon; S.N. Tumpa; Y. Bhatia; K.N. Pavan Kumar; M.L. Gavrilova. Biometric Systems De-
Identification: Current Advancements and Future Directions. J. Cybersecur. Priv. 2021, 1, 470–
495.
[12] A. Dantcheva; P. Elia; A. Ross. What else does your biometric data reveal? A survey on soft
biometrics. IEEE Trans. Inf. Forensics Secur. 2015, 11, 441–467.
[13] M. Sultana; P.P. Paul; M. Gavrilova. Social behavioral biometrics: An emerging trend. Int. J.
Pattern Recognit. Artif. Intell. 2015, 29, 1556013.
[14] S.N. Tumpa; K.P. Kumar; M. Sultana; G.S.J. Hsu; O. Yadid-Pecht; S. Yanushkevich;
M.L. Gavrilova. Social Behavioral Biometrics in Smart Societies. In Advancements in Computer
Vision Applications in Intelligent Systems and Multimedia Technologies; IGI Global: Hershey,
PA, USA, 2020; pp. 1–24.
96
�[15] F. Bahmaninezhad; C. Zhang; J.H. Hansen. Convolutional Neural Network Based Speaker De-
Identification. Odyssey, 2018, 255–260. https://www.semanticscholar.org/paper/Convolutional-
Neural-Network-Based-SpeakerBahmaninezhad-
Zhang/f2cd2f81b188166058ea04b454a4c59135d744a5
[16] Y.R. Vampolskiy, V. Govindaraju. Behavioural biometrics: a survey and classification, Int. J.
Biometrics, 2008, Vol. 1, No. 1, 81–113.
[17] A.K. Anil, K. Jain, Biometrics of Next Generation—An Overview. http://biometrics.cse.msu.edu/
Publications/GeneralBiometrics/JainKumarNextGenBiometrics_BookChap10.pdf
97
�