Tesina Sobri

835 views
754 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
835
On SlideShare
0
From Embeds
0
Number of Embeds
28
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Tesina Sobri

  1. 1. REVERSE ENGINEERING AND MALWARE THREAT IN DISTRIBUTED BIOMETRIC SYSTEMS Proyecto fin de carrera Autor: Benxamín Porto Domínguez Tutores: Carmen García Mateo Claus Vielhauer
  2. 2. Contents <ul><li>Introduction </li></ul><ul><li>Malware </li></ul><ul><li>Reverse Engineering </li></ul><ul><li>Conclusions </li></ul><ul><li>Question time </li></ul>
  3. 3. Introduction <ul><li>Biometrics refers to the processing of biometrics signals in order to verify an user’s identity or identify within a group of possibilities </li></ul><ul><li>The most used biometric traits are based on: voice, face, fingerprint, signature, etc. </li></ul>INTRODUCTION
  4. 4. Objectives <ul><li>Analysis of the possible vulnerabilities that can be found in distributed biometric systems due to Malware or Reverse Engineering attacks </li></ul><ul><li>Check the results shown by these attacks </li></ul><ul><li>Find alternative implementations that can counter these types of attacks or at least minimize them </li></ul>INTRODUCTION INTRODUCTION
  5. 5. The system <ul><li>The system used is a prototype developed in Universidad de Vigo </li></ul><ul><li>It is called BioWebAuth </li></ul><ul><li>It is a distributed authentication system that uses biometrics to authenticate users on the internet </li></ul><ul><li>It is based on a Client-Server architecture </li></ul>INTRODUCTION INTRODUCTION
  6. 6. INTRODUCTION INTRODUCTION Sensor Feature Extraction Matcher Decision Template Database Client Server Internet
  7. 7. BioWebAuth INTRODUCTION INTRODUCTION
  8. 8. BioWebAuth (II) INTRODUCTION
  9. 9. Procedure <ul><li>Not use of knowledge unavailable for the attacker </li></ul><ul><li>Use of diverse hacking tools to emulate Malware </li></ul><ul><li>Seek for the reverse engineering processes of the biometric modalities </li></ul><ul><li>Use of the reversed samples to test the system </li></ul>INTRODUCTION
  10. 10. Malware
  11. 11. Malware <ul><li>Set of instructions that run in one computer and make that system do something that an attacker wants it to do </li></ul><ul><li>It can be found in any platform and in any computer language </li></ul><ul><li>Growing problem in today’s Internet security </li></ul>MALWARE
  12. 12. Methodology <ul><li>Study the different types of existent Malware </li></ul><ul><li>Find possible techniques against distributed biometric systems </li></ul><ul><li>Create a threat level list reagarding the sucess possibilities of the different types of Malware </li></ul>MALWARE
  13. 13. Malware Types <ul><li>Malicious mobile code </li></ul><ul><li>Virus </li></ul><ul><li>Worms </li></ul><ul><li>Trojan Horses </li></ul><ul><li>Backdoors </li></ul><ul><li>User and Kernel level RootKits </li></ul><ul><li>Combo Malware </li></ul>MALWARE
  14. 14. Malware level threat <ul><li>Malicious mobile code: low </li></ul><ul><li>Virus: low </li></ul><ul><li>Worms: medium </li></ul><ul><li>Trojan Horses: medium </li></ul><ul><li>Backdoors: high </li></ul><ul><li>User and Kernel RootKits: very High </li></ul><ul><li>Combo Malware: the highest </li></ul>MALWARE + level threat |
  15. 15. Techniques <ul><li>Keylogger: </li></ul><ul><li>Password recovery: </li></ul>MALWARE
  16. 16. Techniques (II) MALWARE
  17. 17. Techniques (III) <ul><li>Vulnerabilities scanning </li></ul>MALWARE
  18. 18. Techniques (IV) <ul><li>Cookie stealing </li></ul>MALWARE
  19. 19. Reverse Engineering
  20. 20. Reserve Engineering <ul><li>Process of analyzing a subject system to identify the system's components and their interrelationships and create representations of the system in another form or a higher level of abstraction </li></ul><ul><li>Used for reconstruction of an input sample </li></ul><ul><li>Grey box model is chosen in this work </li></ul>REVERSE ENGINEERING
  21. 21. REVERSE ENGINEERING Sensor Feature Extraction Matcher Decision Template Database Client Server Internet Reverse Engineering
  22. 22. Methodology <ul><li>Study of the data distribution of templates </li></ul><ul><li>Find information about the algorithms </li></ul><ul><li>Create a reverse algorithm through the inversion of Gabor Jets </li></ul><ul><li>Bypass the system with the use of these samples </li></ul>REVERSE ENGINEERING
  23. 23. Data Distribution Study REVERSE ENGINEERING
  24. 24. Reverse Algorithm Creation REVERSE ENGINEERING
  25. 25. System Attack REVERSE ENGINEERING
  26. 26. Results <ul><li>The system was bypassed in all the matchings between the spoofed image and the template where it came from </li></ul><ul><li>Correlated tests between different templates images of the same subject showed a 10% of success </li></ul>REVERSE ENGINEERING
  27. 27. Conclusions
  28. 28. Conclusions <ul><li>Reverse engineering of the system is a serious threat due to the possibility of acquiring an user’s sample </li></ul><ul><li>Malware can give an attacker important information about the user </li></ul><ul><li>Malware can modify the input devices and thus invalidate the whole process </li></ul><ul><li>Biometric templates have to be stored using encryption techniques or, at least, methods for obscuring the identification of different patterns </li></ul>CONCLUSIONS
  29. 29. Conclusions (II) <ul><li>System have to advise all the users against social engineering attacks </li></ul><ul><li>Use of liveness detection techniques is highly recommended, although they do not ensure full protection against Malware </li></ul>CONCLUSIONS
  30. 30. Question time Thanks for your time I hope you enjoyed

×