Share Email Print
cover

Proceedings Paper

BossPro: a biometrics-based obfuscation scheme for software protection
Author(s): Torben Kuseler; Ihsan A. Lami; Hisham Al-Assam
Format Member Price Non-Member Price
PDF $14.40 $18.00
cover GOOD NEWS! Your organization subscribes to the SPIE Digital Library. You may be able to download this paper for free. Check Access

Paper Abstract

This paper proposes to integrate biometric-based key generation into an obfuscated interpretation algorithm to protect authentication application software from illegitimate use or reverse-engineering. This is especially necessary for mCommerce because application programmes on mobile devices, such as Smartphones and Tablet-PCs are typically open for misuse by hackers. Therefore, the scheme proposed in this paper ensures that a correct interpretation / execution of the obfuscated program code of the authentication application requires a valid biometric generated key of the actual person to be authenticated, in real-time. Without this key, the real semantics of the program cannot be understood by an attacker even if he/she gains access to this application code. Furthermore, the security provided by this scheme can be a vital aspect in protecting any application running on mobile devices that are increasingly used to perform business/financial or other security related applications, but are easily lost or stolen. The scheme starts by creating a personalised copy of any application based on the biometric key generated during an enrolment process with the authenticator as well as a nuance created at the time of communication between the client and the authenticator. The obfuscated code is then shipped to the client’s mobile devise and integrated with real-time biometric extracted data of the client to form the unlocking key during execution. The novelty of this scheme is achieved by the close binding of this application program to the biometric key of the client, thus making this application unusable for others. Trials and experimental results on biometric key generation, based on client's faces, and an implemented scheme prototype, based on the Android emulator, prove the concept and novelty of this proposed scheme.

Paper Details

Date Published: 28 May 2013
PDF: 10 pages
Proc. SPIE 8755, Mobile Multimedia/Image Processing, Security, and Applications 2013, 87550T (28 May 2013); doi: 10.1117/12.2030766
Show Author Affiliations
Torben Kuseler, The Univ. of Buckingham (United Kingdom)
Ihsan A. Lami, The Univ. of Buckingham (United Kingdom)
Hisham Al-Assam, The Univ. of Buckingham (United Kingdom)


Published in SPIE Proceedings Vol. 8755:
Mobile Multimedia/Image Processing, Security, and Applications 2013
Sos S. Agaian; Sabah A. Jassim; Eliza Yingzi Du, Editor(s)

© SPIE. Terms of Use
Back to Top