-
A large-scale study of performance and equity of commercial remote identity verification technologies across demographics
Authors:
Kaniz Fatima,
Michael Schuckers,
Gerardo Cruz-Ortiz,
Daqing Hou,
Sandip Purnapatra,
Tiffany Andrews,
Ambuj Neupane,
Brandeis Marshall,
Stephanie Schuckers
Abstract:
As more types of transactions move online, there is an increasing need to verify someone's identity remotely. Remote identity verification (RIdV) technologies have emerged to fill this need. RIdV solutions typically use a smart device to validate an identity document like a driver's license by comparing a face selfie to the face photo on the document. Recent research has been focused on ensuring t…
▽ More
As more types of transactions move online, there is an increasing need to verify someone's identity remotely. Remote identity verification (RIdV) technologies have emerged to fill this need. RIdV solutions typically use a smart device to validate an identity document like a driver's license by comparing a face selfie to the face photo on the document. Recent research has been focused on ensuring that biometric systems work fairly across demographic groups. This study assesses five commercial RIdV solutions for equity across age, gender, race/ethnicity, and skin tone across 3,991 test subjects. This paper employs statistical methods to discern whether the RIdV result across demographic groups is statistically distinguishable. Two of the RIdV solutions were equitable across all demographics, while two RIdV solutions had at least one demographic that was inequitable. For example, the results for one technology had a false negative rate of 10.5% +/- 4.5% and its performance for each demographic category was within the error bounds, and, hence, were equitable. The other technologies saw either poor overall performance or inequitable performance. For one of these, participants of the race Black/African American (B/AA) as well as those with darker skin tones (Monk scale 7/8/9/10) experienced higher false rejections. Finally, one technology demonstrated more favorable but inequitable performance for the Asian American and Pacific Islander (AAPI) demographic. This study confirms that it is necessary to evaluate products across demographic groups to fully understand the performance of remote identity verification technologies.
△ Less
Submitted 18 September, 2024;
originally announced September 2024.
-
Designing Behavior Trees from Goal-Oriented LTLf Formulas
Authors:
Aadesh Neupane,
Eric G Mercer,
Michael A. Goodrich
Abstract:
Temporal logic can be used to formally specify autonomous agent goals, but synthesizing planners that guarantee goal satisfaction can be computationally prohibitive. This paper shows how to turn goals specified using a subset of finite trace Linear Temporal Logic (LTL) into a behavior tree (BT) that guarantees that successful traces satisfy the LTL goal. Useful LTL formulas for achievement goals c…
▽ More
Temporal logic can be used to formally specify autonomous agent goals, but synthesizing planners that guarantee goal satisfaction can be computationally prohibitive. This paper shows how to turn goals specified using a subset of finite trace Linear Temporal Logic (LTL) into a behavior tree (BT) that guarantees that successful traces satisfy the LTL goal. Useful LTL formulas for achievement goals can be derived using achievement-oriented task mission grammars, leading to missions made up of tasks combined using LTL operators. Constructing BTs from LTL formulas leads to a relaxed behavior synthesis problem in which a wide range of planners can implement the action nodes in the BT. Importantly, any successful trace induced by the planners satisfies the corresponding LTL formula. The usefulness of the approach is demonstrated in two ways: a) exploring the alignment between two planners and LTL goals, and b) solving a sequential key-door problem for a Fetch robot.
△ Less
Submitted 19 December, 2023; v1 submitted 12 July, 2023;
originally announced July 2023.
-
Users really do respond to smishing
Authors:
Muhammad Lutfor Rahman,
Daniel Timko,
Hamid Wali,
Ajaya Neupane
Abstract:
Text phish messages, referred to as Smishing is a type of social engineering attack where fake text messages are created, and used to lure users into responding to those messages. These messages aim to obtain user credentials, install malware on the phones, or launch smishing attacks. They ask users to reply to their message, click on a URL that redirects them to a phishing website, or call the pr…
▽ More
Text phish messages, referred to as Smishing is a type of social engineering attack where fake text messages are created, and used to lure users into responding to those messages. These messages aim to obtain user credentials, install malware on the phones, or launch smishing attacks. They ask users to reply to their message, click on a URL that redirects them to a phishing website, or call the provided number. Thousands of mobile users are affected by smishing attacks daily. Drawing inspiration by the works of Tu et al. (USENIX Security, 2019) on Robocalls and Tischer et al. (IEEE Symposium on Security and Privacy, 2016) on USB drives, this paper investigates why smishing works. Accordingly, we designed smishing experiments and sent phishing SMSes to 265 users to measure the efficacy of smishing attacks. We sent eight fake text messages to participants and recorded their CLICK, REPLY, and CALL responses along with their feedback in a post-test survey. Our results reveal that 16.92% of our participants had potentially fallen for our smishing attack. To test repeat phishing, we subjected a set of randomly selected participants to a second round of smishing attacks with a different message than the one they received in the first round. As a result, we observed that 12.82% potentially fell for the attack again. Using logistic regression, we observed that a combination of user REPLY and CLICK actions increased the odds that a user would respond to our smishing message when compared to CLICK. Additionally, we found a similar statistically significant increase when comparing Facebook and Walmart entity scenario to our IRS baseline.
△ Less
Submitted 26 December, 2022;
originally announced December 2022.
-
Efficiently Evolving Swarm Behaviors Using Grammatical Evolution With PPA-style Behavior Trees
Authors:
Aadesh Neupane,
Michael A. Goodrich
Abstract:
Evolving swarm behaviors with artificial agents is computationally expensive and challenging. Because reward structures are often sparse in swarm problems, only a few simulations among hundreds evolve successful swarm behaviors. Additionally, swarm evolutionary algorithms typically rely on ad hoc fitness structures, and novel fitness functions need to be designed for each swarm task. This paper ev…
▽ More
Evolving swarm behaviors with artificial agents is computationally expensive and challenging. Because reward structures are often sparse in swarm problems, only a few simulations among hundreds evolve successful swarm behaviors. Additionally, swarm evolutionary algorithms typically rely on ad hoc fitness structures, and novel fitness functions need to be designed for each swarm task. This paper evolves swarm behaviors by systematically combining Postcondition-Precondition-Action (PPA) canonical Behavior Trees (BT) with a Grammatical Evolution. The PPA structure replaces ad hoc reward structures with systematic postcondition checks, which allows a common grammar to learn solutions to different tasks using only environmental cues and BT feedback. The static performance of learned behaviors is poor because no agent learns all necessary subtasks, but performance while evolving is excellent because agents can quickly change behaviors in new contexts. The evolving algorithm succeeded in 75\% of learning trials for both foraging and nest maintenance tasks, an eight-fold improvement over prior work.
△ Less
Submitted 29 March, 2022;
originally announced March 2022.
-
Using PPP Information to Implement a Global Real-Time Virtual Network DGNSS Approach
Authors:
Wang Hu,
Ashim Neupane,
Jay A. Farrell
Abstract:
Differential GNSS (DGNSS) has been demonstrated to provide reliable, high-quality range correction information enabling real-time navigation with centimeter to sub-meter accuracy, which is required for applications such as connected and autonomous vehicles. However, DGNSS requires a local reference station near each user. For a continental or global scale implementation, this information dissemina…
▽ More
Differential GNSS (DGNSS) has been demonstrated to provide reliable, high-quality range correction information enabling real-time navigation with centimeter to sub-meter accuracy, which is required for applications such as connected and autonomous vehicles. However, DGNSS requires a local reference station near each user. For a continental or global scale implementation, this information dissemination approach would require a dense network of reference stations whose construction and maintenance would be prohibitively expensive. Precise Point Positioning affords more flexibility as a public service for GNSS receivers, but its State Space Representation format is not supported by most receivers in the field or on the market. This article proposes a novel Virtual Network DGNSS (VN-DGNSS) approach and an optimization algorithm that is key to its implementation. The approach capitalizes on the existing PPP infrastructure without the need for new physical reference stations. By connecting to public GNSS SSR data services, a VN-DGNSS server maintains current information about common-mode errors. Construction of the RTCM Observation Space Representation messages from this SSR information requires both the signal time-of-transmission and the satellite position at that time which are consistent with the time-of-reception for each client. This article presents an algorithm to determine these quantities. The results of real-time stationary and moving platform evaluations are included, using u-blox M8P and ZED-F9P receivers. The performance surpasses the SAE specification (68% of horizontal error <= 1.5 m and vertical error <= 3 m) and shows significantly better horizontal performance than GNSS Open Service. The moving tests also show better horizontal performance than the ZED-F9P receiver with SBAS enabled and achieve the lane-level accuracy (95% of horizontal errors less than 1 meter).
△ Less
Submitted 28 June, 2022; v1 submitted 22 September, 2021;
originally announced October 2021.
-
A brief history on Homomorphic learning: A privacy-focused approach to machine learning
Authors:
Aadesh Neupane
Abstract:
Cryptography and data science research grew exponential with the internet boom. Legacy encryption techniques force users to make a trade-off between usability, convenience, and security. Encryption makes valuable data inaccessible, as it needs to be decrypted each time to perform any operation. Billions of dollars could be saved, and millions of people could benefit from cryptography methods that…
▽ More
Cryptography and data science research grew exponential with the internet boom. Legacy encryption techniques force users to make a trade-off between usability, convenience, and security. Encryption makes valuable data inaccessible, as it needs to be decrypted each time to perform any operation. Billions of dollars could be saved, and millions of people could benefit from cryptography methods that don't compromise between usability, convenience, and security. Homomorphic encryption is one such paradigm that allows running arbitrary operations on encrypted data. It enables us to run any sophisticated machine learning algorithm without access to the underlying raw data. Thus, homomorphic learning provides the ability to gain insights from sensitive data that has been neglected due to various governmental and organization privacy rules.
In this paper, we trace back the ideas of homomorphic learning formally posed by Ronald L. Rivest and Len Alderman as "Can we compute upon encrypted data?" in their 1978 paper. Then we gradually follow the ideas sprouting in the brilliant minds of Shafi Goldwasser, Kristin Lauter, Dan Bonch, Tomas Sander, Donald Beaver, and Craig Gentry to address that vital question. It took more than 30 years of collective effort to finally find the answer "yes" to that important question.
△ Less
Submitted 10 September, 2020; v1 submitted 9 September, 2020;
originally announced September 2020.
-
Slogatron: Advanced Wealthiness Generator
Authors:
Bryant Chandler,
Aadesh Neupane
Abstract:
Creating catchy slogans is a demanding and clearly creative job for ad agencies. The process of slogan creation by humans involves finding key concepts of the company and its products, and developing a memorable short phrase to describe the key concept. We attempt to follow the same sequence, but with an evolutionary algorithm. A user inputs a paragraph describing describing the company or product…
▽ More
Creating catchy slogans is a demanding and clearly creative job for ad agencies. The process of slogan creation by humans involves finding key concepts of the company and its products, and developing a memorable short phrase to describe the key concept. We attempt to follow the same sequence, but with an evolutionary algorithm. A user inputs a paragraph describing describing the company or product to be promoted. The system randomly samples initial slogans from a corpus of existing slogans. The initial slogans are then iteratively mutated and improved using an evolutionary algorithm. Mutation randomly replaces words in an individual with words from the input paragraphs. Internal evaluation measures a combination of grammatical correctness, and semantic similarity to the input paragraphs. Subjective analysis of output slogans leads to the conclusion that the algorithm certainly outputs valuable slogans. External evaluation found that the slogans were somewhat successful in conveying a message, because humans were generally able to select the correct promoted item given a slogan.
△ Less
Submitted 9 August, 2018;
originally announced September 2018.
-
Adversarial Perturbations Against Real-Time Video Classification Systems
Authors:
Shasha Li,
Ajaya Neupane,
Sujoy Paul,
Chengyu Song,
Srikanth V. Krishnamurthy,
Amit K. Roy Chowdhury,
Ananthram Swami
Abstract:
Recent research has demonstrated the brittleness of machine learning systems to adversarial perturbations. However, the studies have been mostly limited to perturbations on images and more generally, classification that does not deal with temporally varying inputs. In this paper we ask "Are adversarial perturbations possible in real-time video classification systems and if so, what properties must…
▽ More
Recent research has demonstrated the brittleness of machine learning systems to adversarial perturbations. However, the studies have been mostly limited to perturbations on images and more generally, classification that does not deal with temporally varying inputs. In this paper we ask "Are adversarial perturbations possible in real-time video classification systems and if so, what properties must they satisfy?" Such systems find application in surveillance applications, smart vehicles, and smart elderly care and thus, misclassification could be particularly harmful (e.g., a mishap at an elderly care facility may be missed). We show that accounting for temporal structure is key to generating adversarial examples in such systems. We exploit recent advances in generative adversarial network (GAN) architectures to account for temporal correlations and generate adversarial samples that can cause misclassification rates of over 80% for targeted activities. More importantly, the samples also leave other activities largely unaffected making them extremely stealthy. Finally, we also surprisingly find that in many scenarios, the same perturbation can be applied to every frame in a video clip that makes the adversary's ability to achieve misclassification relatively easy.
△ Less
Submitted 2 July, 2018;
originally announced July 2018.
