
NSF Org: |
CNS Division Of Computer and Network Systems |
Recipient: |
|
Initial Amendment Date: | August 15, 2017 |
Latest Amendment Date: | May 25, 2022 |
Award Number: | 1718375 |
Award Instrument: | Standard Grant |
Program Manager: |
Jeremy Epstein
CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
Start Date: | September 1, 2017 |
End Date: | August 31, 2022 (Estimated) |
Total Intended Award Amount: | $294,582.00 |
Total Awarded Amount to Date: | $394,582.00 |
Funds Obligated to Date: |
FY 2018 = $16,000.00 FY 2019 = $16,000.00 FY 2020 = $16,000.00 FY 2021 = $36,000.00 FY 2022 = $16,000.00 |
History of Investigator: |
|
Recipient Sponsored Research Office: |
520 LEE ENTRANCE STE 211 AMHERST NY US 14228-2577 (716)645-2634 |
Sponsor Congressional District: |
|
Primary Place of Performance: |
NY US 14260-2500 |
Primary Place of
Performance Congressional District: |
|
Unique Entity Identifier (UEI): |
|
Parent UEI: |
|
NSF Program(s): |
Special Projects - CNS, Secure &Trustworthy Cyberspace |
Primary Program Source: |
01001718DB NSF RESEARCH & RELATED ACTIVIT 01001819DB NSF RESEARCH & RELATED ACTIVIT 01001920DB NSF RESEARCH & RELATED ACTIVIT 01002021DB NSF RESEARCH & RELATED ACTIVIT 01002122DB NSF RESEARCH & RELATED ACTIVIT |
Program Reference Code(s): |
|
Program Element Code(s): |
|
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
Most traditional security systems authenticate a user only at the initial log-in session. As a result, it is possible for another user, authorized or unauthorized, to access the system information, with or without the permission of the signed-on user, until the initial user logs out. This could be a critical security flaw even for high-security systems. Traditional one-time (e.g., password) or two-factor (e.g., password with fingerprint) authentication methods are no longer sufficient. Continuous authentication is a form of dynamic, risk-based authentication that changes the perspective of authentication from an event to a process, and has the potential to address the vulnerability of existing security systems by continuously verifying the user's identity during the session use. This interdisciplinary team explores a novel continuous authentication through a transformative non-contact heart-based biometrics. This project could transform the understanding of non-volatile components in cardiac motion, and convert this new knowledge and related technologies into improved security in increasingly vulnerable cyberspace. The project establishes a unique inter university research and education program on cyber security, which involves both K-12, undergraduate students, and underrepresented populations.
The Cardiac Password project investigates a holistic hardware/software solution to secure and trustworthy continuous authentication via non-contact cardiac motion sensing. The new authentication system can recognize humans in a non-contact, unobtrusive and even non-line-of-sight fashion. Towards this goal, the project has three thrusts. First, the team develops a high-fidelity non-contact cardiac motion sensing device. Second, the team investigates invariant cardiac descriptors and propose continuous authentication methodologies. Third, the team assesses the performance, usability, and vulnerability of the proposed Cardiac Password system. The outcome of this research can advance state-of-the-art heart-based biometrics in user authentication, and provide insights on developing more undeceivable, disclosure-resistant and user-friendly biometric solutions. The investigators will disseminate the results of the project through publications, talks, and demos, and integrate the research results into education curricula.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Most traditional security systems authenticate a user only at the initial log-in session. As a result, it is possible for another user, authorized or unauthorized, to access the system information, with or without the permission of the signed-on user, until the initial user logs out. This could be a critical security flaw even for high-security systems. Traditional one-time (e.g., password) or two-factor (e.g., password with fingerprint) authentication methods are no longer sufficient. Continuous authentication is a form of dynamic, risk-based authentication that changes the perspective of authentication from an event to a process and has the potential to address the vulnerability of existing security systems by continuously verifying the user's identity during the session use.
In this project, an interdisciplinary team has explored a novel continuous authentication based on a transformative noncontact detection of heart-based biometrics using electromagnetic waves. Radio-frequency devices operating at 5.8 GHz, 24 GHz and 120 GHz have been developed for noncontact cardiac motion sensing. The devices send out a low-power electromagnetic wave and analyze the signal scattered from human subjects, which enables the extraction of the cardiac motion information from the participant. Advanced signal pre-conditioning methods based on analog circuit design and digital signal processing have been developed to achieve high sensitivity and low distortion in the detected cardiac motion. To reliably detect the subtle changes in heart activity, a software tool, namely, CardiacWave, has been investigated to provide a full spectrum of Electrocardiogram (ECG)-like heart activities. The CardiacWave design consists of a noise-resistant sensing scheme to interrogate a cardiac activity profiling module for extracting cardiac electrical activities from the interrogation response. Experiments have shown that the CardiacWave-induced ECG measures can be correlated with the heart activity ground truth, which was measured from a medical-grade instrument.
This project could transform the understanding of non-volatile components in cardiac motion and convert new knowledge and related technologies into improved security in increasingly vulnerable cyberspace. Based on collaboration between Electrical Engineers at Texas Tech University and Computer Scientists at the University of Buffalo, the project has established a unique inter-university research and education program on cyber security, which involved both K-12 undergraduate students, and underrepresented populations.
Last Modified: 12/17/2022
Modified by: Wenyao Xu
Please report errors in award information by writing to: awardsearch@nsf.gov.