The security of biometric fingerprint is a big
challenge now-a-days, as it has world-wide acceptance.
Compromised fingerprint templates may raise terrible threats
to its owner. Because of the vulnerabilities of fingerprint
authentication system, security issues about fingerprint have
been a matter of great concern. This study summarizes the
vulnerabilities of fingerprint authentication system and
highlights the type of securities available against those
challenges. It includes much classified knowledge about
security of fingerprint template. This work is an endeavor to
provide a compact knowledge to the research community
about the security issues regarding fingerprint authentication
system.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the warriors of the internet. They attack and do harmful things to compromised system. This paper will show the methodology use by hackers to gained access to system and the different tools used by them and how they are group based on their skills. It will identify exploits that can be used to attack a system and find mitigation to those exploits. In addition, the paper discusses the actual implementation of the hacking phases with the virtual machines use in the process. The virtual machines specification is also listed. it will also provide means and insights on how to protect one system from being compromised.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the
warriors of the internet. They attack and do harmful things to compromised system. This paper will show
the methodology use by hackers to gained access to system and the different tools used by them and how
they are group based on their skills. It will identify exploits that can be used to attack a system and find
mitigation to those exploits.
Adversarial Attacks and Defenses in Malware Classification: A SurveyCSCJournals
As malware continues to grow more sophisticated and more plentiful - traditional signature and heuristics-based defenses no longer cut it. Instead, the industry has recently turned to using machine learning for malicious file detection. The challenge with this approach is that machine learning itself comes with vulnerabilities - and if left unattended presents a new attack surface for attackers to exploit.
In this paper we present a survey of research in the area of machine learning-based malware classifiers, the attacks they encounter, and the defensive measures available. We start by reviewing recent advances in malware classification, including the most important works using deep learning. We then discuss in detail the field of adversarial machine learning and conduct an exhaustive review of adversarial attacks and defenses in the field of malware classification.
A BAYESIAN CLASSIFICATION ON ASSET VULNERABILITY FOR REAL TIME REDUCTION OF F...IJNSA Journal
IT assets connected on internetwill encounter alien protocols and few parameters of protocol process are exposed as vulnerabilities. Intrusion Detection Systems (IDS) are installed to alerton suspicious traffic or activity. IDS issuesfalse positives alerts, if any behavior construe for partial attack pattern or the IDS lacks environment knowledge. Continuous monitoring of alerts to evolve whether, an alert is false positive or not is a major concern. In this paper we present design of an external module to IDS,to identify false positive alertsbased on anomaly based adaptive learning model. The novel feature of this design is that the system updates behavior profile of assets and environment with adaptive learning process.A mixture model is used for behavior modeling from reference data. The design of the detection and learning process are based on normal behavior and of environment. The anomaly alert identification algorithm isbuiltonSparse Markov Transducers (SMT) based probability.The total process is presented using real-time data. The Experimental results are validated and presentedwith reference to lab environment.
Self Evolving Antivirus Based on Neuro-Fuzzy Inference SystemIJRES Journal
With today’s world filled with information and data, it is very important for one to know which information or data is harmless and which is harmful. Right from cellular phones to big MNCs and Server companies require a security system that is as competent and adaptive as its ever-updating and evolving viruses or malware. The paper talks about the development and implementation of a new idea Adaptive anti-virus based on Anfis logic. An adaptive anti-virus system that will catch up to the speed at which the viruses update and evolve.
An intrusion detection system plays a major role in network security. We
propose a model “DB-OLS: An Approach for IDS” which is a Deviation Based-Outlier
approach for Intrusion detection using Self Organizing Maps. In this model “Self
Organizing Map” approach is to be used for behavior learning and “Outlier mining”
approach, for detecting an intruder by calculating deviation from known user profile.
This model aims to improve the capability of detecting intruders.
Cyber security is a Major concern in the world. As a result of frequent and consistent daily cyber attack, this journal was written to enlighten viewers and readers on zero day attack prediction
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the warriors of the internet. They attack and do harmful things to compromised system. This paper will show the methodology use by hackers to gained access to system and the different tools used by them and how they are group based on their skills. It will identify exploits that can be used to attack a system and find mitigation to those exploits. In addition, the paper discusses the actual implementation of the hacking phases with the virtual machines use in the process. The virtual machines specification is also listed. it will also provide means and insights on how to protect one system from being compromised.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the
warriors of the internet. They attack and do harmful things to compromised system. This paper will show
the methodology use by hackers to gained access to system and the different tools used by them and how
they are group based on their skills. It will identify exploits that can be used to attack a system and find
mitigation to those exploits.
Adversarial Attacks and Defenses in Malware Classification: A SurveyCSCJournals
As malware continues to grow more sophisticated and more plentiful - traditional signature and heuristics-based defenses no longer cut it. Instead, the industry has recently turned to using machine learning for malicious file detection. The challenge with this approach is that machine learning itself comes with vulnerabilities - and if left unattended presents a new attack surface for attackers to exploit.
In this paper we present a survey of research in the area of machine learning-based malware classifiers, the attacks they encounter, and the defensive measures available. We start by reviewing recent advances in malware classification, including the most important works using deep learning. We then discuss in detail the field of adversarial machine learning and conduct an exhaustive review of adversarial attacks and defenses in the field of malware classification.
A BAYESIAN CLASSIFICATION ON ASSET VULNERABILITY FOR REAL TIME REDUCTION OF F...IJNSA Journal
IT assets connected on internetwill encounter alien protocols and few parameters of protocol process are exposed as vulnerabilities. Intrusion Detection Systems (IDS) are installed to alerton suspicious traffic or activity. IDS issuesfalse positives alerts, if any behavior construe for partial attack pattern or the IDS lacks environment knowledge. Continuous monitoring of alerts to evolve whether, an alert is false positive or not is a major concern. In this paper we present design of an external module to IDS,to identify false positive alertsbased on anomaly based adaptive learning model. The novel feature of this design is that the system updates behavior profile of assets and environment with adaptive learning process.A mixture model is used for behavior modeling from reference data. The design of the detection and learning process are based on normal behavior and of environment. The anomaly alert identification algorithm isbuiltonSparse Markov Transducers (SMT) based probability.The total process is presented using real-time data. The Experimental results are validated and presentedwith reference to lab environment.
Self Evolving Antivirus Based on Neuro-Fuzzy Inference SystemIJRES Journal
With today’s world filled with information and data, it is very important for one to know which information or data is harmless and which is harmful. Right from cellular phones to big MNCs and Server companies require a security system that is as competent and adaptive as its ever-updating and evolving viruses or malware. The paper talks about the development and implementation of a new idea Adaptive anti-virus based on Anfis logic. An adaptive anti-virus system that will catch up to the speed at which the viruses update and evolve.
An intrusion detection system plays a major role in network security. We
propose a model “DB-OLS: An Approach for IDS” which is a Deviation Based-Outlier
approach for Intrusion detection using Self Organizing Maps. In this model “Self
Organizing Map” approach is to be used for behavior learning and “Outlier mining”
approach, for detecting an intruder by calculating deviation from known user profile.
This model aims to improve the capability of detecting intruders.
Cyber security is a Major concern in the world. As a result of frequent and consistent daily cyber attack, this journal was written to enlighten viewers and readers on zero day attack prediction
Managing Intrusion Detection Alerts Using Support Vector MachinesCSCJournals
In the computer network world Intrusion detection systems (IDS) are used to identify attacks
against computer systems. They produce security alerts when an attack is done by an intruder.
Since IDSs generate high amount of security alerts, analyzing them are time consuming and error
prone. To solve this problem IDS alert management techniques are introduced. They manage
generated alerts and handle true positive and false positive alerts. In this paper a new alert
management system is presented. It uses support vector machine (SVM) as a core component of
the system that classify generated alerts. The proposed algorithm achieves high accurate result
in false positives reduction and identifying type of true positives. Because of low classification
time per each alert, the system also could be used in active alert management systems.
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
The International Journal of Engineering and Science (The IJES)theijes
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
Intrusion Detection System - False Positive Alert Reduction TechniqueIDES Editor
Intrusion Detection System (IDS) is the most
powerful system that can handle the intrusions of the computer
environments by triggering alerts to make the analysts take
actions to stop this intrusion, but the IDS is triggering alerts
for any suspicious activity which means thousand alerts that
the analysts should take care of it. IDS generate a large
number of alerts and most of them are false positive as the
behavior construe for partial attack pattern or lack of
environment knowledge. These Alerts has different severities
and most of them don’t require big attention because of the
huge number of the false alerts among them. Monitoring and
identifying risky alerts is a major concern to security
administrator. Deleting the false alerts or reducing the
amount of the alerts (false alerts or real alerts) from the
entire amount alerts lead the researchers to design an
operational model for minimization of false positive alarms,
including recurring alarms by security administrator. In this
paper we are proposing a method, which can reduce such kind
of false positive alarms.
Privacy with Secondary Use of Personal InformationSven Wohlgemuth
Secondary use of personal information is of essential importance for the Internet of Things. The main application is resilience. Biometrics is an example for support of resilience in times of a natural disaster. The primary use of biometrics is to identify people; a secondary use is to improve healthcare services for affected people. This requires information sharing with third parties. The challenge faced for reliable support of the Internet of Things is safety. Special cases of security systems achieve safety for information flow, but they don’t scale for secondary use. Their users lose control on their identity. With the aim of improving usability of security, this research-in-progress proposes a multilateral information flow control. This is privacy as understood with informational self-determination. The key is usage control with secure delegation of rights and a secondary use of personal security-related information as Open Data.
False positive reduction by combining svm and knn algoeSAT Journals
Abstract
With the growth of information technology. There emerges many intrusion detection problem such as cyber security. Intrusion detection system provides basic infrastructure to detect a number of attacks. This research work focuses on intrusion detection problem of network security. The main goal is to detect network behaviour as normal or abnormal. In this research work, two different machine learning algorithm have been combined together to reduce its weakness and takes positive feature of both algorithm. Its experimental results generates better result than other algorithm in terms of performance, accuracy and false positive rate. These combined algorithm has been applied on KDDCUP99 dataset to find better result by improving its performance, accuracy and reducing its false positive rate.
Keywords: Intrusion detection system, KDDCUP99 dataset, False positive rate.
Online Intrusion Alert Aggregation with Generative Data Stream ModelingIJMER
Online intrusion alert aggregation with generative data stream modeling is a approach which uses generative modeling. It also use a method called as probabilistic methods. It can be assume that instances of an attack is similar as a process may be a random process which is producing alerts. This paper aims at collecting and modeling these attacks on some similar parameters, so that attack from beginning to completion can be identified. This collected and modeled alerts is given to security
personnel to estimate conclusion and take relative action. With some data sets, we show that it is easy to
deduct number of alerts and count of missing meta alerts is also extremely low. Also we demonstrate that generation of meta alerts having delay of only few seconds even after
first alert is produced already.
A Survey On Genetic Algorithm For Intrusion Detection SystemIJARIIE JOURNAL
The Internet has become a part of daily life and an essential tool today. Internet has been used as an important component of
business models. Therefore, It is very important to maintain a high level security to ensure safe and trusted communication of
information between various organizations.
Intrusion Detection Systems have become a needful component in terms of computer and network security. Intrusion detection is
one of the important security constraints for maintaining the integrity of information. Intrusion detection systems are the tools
used for prevention and detection of threats to computer systems. Various approaches have been applied in past that are less
effective to curb the menace of intrusion.
In this paper, a survey on applications of genetic algorithms in intrusion detection systems is carried out.
Biometrics Security using SteganographyCSCJournals
A biometric system is at risk to a variety of attacks. These attacks are intended to either avoid the security afforded by the system or to put off the normal functioning of the system. Various risks have been discovered while using biometric system. Proper use of cryptography greatly reduces the risks in biometric systems as the hackers have to find both secret key and template. It is notified that still fraudrant goes on to some extent. Here in this paper a new idea is presented to make system more secure by use of steganography. Here the secret key (which is in the form of pixel intensities) will be merged in the picture itself while encoding, and at decoding end only the authentic user will be allowed to decode.
Design and Implementation of Artificial Immune System for Detecting Flooding ...Kent State University
Academic Paper: N. B. I. Al-Dabagh and I. A. Ali, "Design and implementation of artificial immune system for detecting flooding attacks," in High Performance Computing and Simulation (HPCS), 2011 International Conference on, 2011, pp. 381-390.
Machine learning are used for numerous functions like image processing, data mining, prediction analysis, online shopping, cybersecurity, digital forensics, network security etc. the aim of this research work is to explore on the research work that implement security system or provide a framework for system security using machine learning algorithms. Furthermore to explore other fields that applied machine learning algorithms to solve their problems. Stipulate the essential use of the technique, once an algorithm was trained on how to manipulate the provided data, the process of implementation remain automatic.
MACHINE LEARNING IN NETWORK SECURITY USING KNIME ANALYTICSIJNSA Journal
Machine learning has more and more effect on our every day’s life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
Machine learning in network security using knime analyticsIJNSA Journal
Machine learning has more and more effect on our every day’s life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly
programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
7 multi biometric fake detection system using image quality based liveness de...INFOGAIN PUBLICATION
Biometric systems mostly popular in all over the world because of its user friendly and credible nature in security. In spite of this advantages, many attacks that done through synthetic , self manufactured, fake, reconstructed samples affected on the performance and accuracy of biometric system which becomes major problem in biometrics. Hence, new effective measures have to be taken to protect the biometric systems. In this paper, we propose novel software based multi-biometric fake detection system to detect various types of attacks. The main moto of this system is to enhance security level of biometric recognition systems through Image Quality Assessment (IQA) which is one of the liveness detection method.25 image quality measures calculated from test image which used to classify between real and fake trait using Linear Discriminative Analysis(LDA) classifier. The experimental results is done on the database of 2D face and fingerprint modalities, shows the proposed system is ease in implementation in real time application as complexities is very less because of one input image. Also this system is fast, user-friendly, non-intrusive which is more competitive with any other state of the art approaches, classifies between real and fake traits.
An SVM based Statistical Image Quality Assessment for Fake Biometric DetectionIJTET Journal
Abstract
A biometric system is a computer based system and is used to identify the person on their behavioral and logical characteristics such as (for example fingerprint, face, iris, keystroke, signature, voice, etc.).A typical biometric system consists of feature extraction and matching patterns. But nowadays biometric systems are attacked by using fake biometric samples. This paper described the fingerprint biometric techniques and also introduce the attack on that system and by using Image Quality Assessment for Liveness Detection to know how to protect the system from fake biometrics and also how the multi biometric system is more secure than uni-biometric system. Support Vector Machine (SVM) classification technique is used for training and testing the fingerprint images. The testing onput fingerprint image is resulted as real and fake fingerprint image by quality score matching with the training based real and fake fingerprint samples.
A Survey of Security of Multimodal Biometric SystemsIJERA Editor
A biometric system is essentially a pattern recognition system being used in adversarial environment. Since,
biometric system like any conventional security system is exposed to malicious adversaries, who can manipulate
data to make the system ineffective by compromising its integrity. Current theory and design methods of
biometric systems do not take into account the vulnerability to such adversary attacks. Therefore, evaluation of
classical design methods is an open problem to investigate whether they lead to design secure systems. In order
to make biometric systems secure it is necessary to understand and evaluate the threats and to thus develop
effective countermeasures and robust system designs, both technical and procedural, if necessary. Accordingly,
the extension of theory and design methods of biometric systems is mandatory to safeguard the security and
reliability of biometric systems in adversarial environments.
Managing Intrusion Detection Alerts Using Support Vector MachinesCSCJournals
In the computer network world Intrusion detection systems (IDS) are used to identify attacks
against computer systems. They produce security alerts when an attack is done by an intruder.
Since IDSs generate high amount of security alerts, analyzing them are time consuming and error
prone. To solve this problem IDS alert management techniques are introduced. They manage
generated alerts and handle true positive and false positive alerts. In this paper a new alert
management system is presented. It uses support vector machine (SVM) as a core component of
the system that classify generated alerts. The proposed algorithm achieves high accurate result
in false positives reduction and identifying type of true positives. Because of low classification
time per each alert, the system also could be used in active alert management systems.
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
The International Journal of Engineering and Science (The IJES)theijes
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
Intrusion Detection System - False Positive Alert Reduction TechniqueIDES Editor
Intrusion Detection System (IDS) is the most
powerful system that can handle the intrusions of the computer
environments by triggering alerts to make the analysts take
actions to stop this intrusion, but the IDS is triggering alerts
for any suspicious activity which means thousand alerts that
the analysts should take care of it. IDS generate a large
number of alerts and most of them are false positive as the
behavior construe for partial attack pattern or lack of
environment knowledge. These Alerts has different severities
and most of them don’t require big attention because of the
huge number of the false alerts among them. Monitoring and
identifying risky alerts is a major concern to security
administrator. Deleting the false alerts or reducing the
amount of the alerts (false alerts or real alerts) from the
entire amount alerts lead the researchers to design an
operational model for minimization of false positive alarms,
including recurring alarms by security administrator. In this
paper we are proposing a method, which can reduce such kind
of false positive alarms.
Privacy with Secondary Use of Personal InformationSven Wohlgemuth
Secondary use of personal information is of essential importance for the Internet of Things. The main application is resilience. Biometrics is an example for support of resilience in times of a natural disaster. The primary use of biometrics is to identify people; a secondary use is to improve healthcare services for affected people. This requires information sharing with third parties. The challenge faced for reliable support of the Internet of Things is safety. Special cases of security systems achieve safety for information flow, but they don’t scale for secondary use. Their users lose control on their identity. With the aim of improving usability of security, this research-in-progress proposes a multilateral information flow control. This is privacy as understood with informational self-determination. The key is usage control with secure delegation of rights and a secondary use of personal security-related information as Open Data.
False positive reduction by combining svm and knn algoeSAT Journals
Abstract
With the growth of information technology. There emerges many intrusion detection problem such as cyber security. Intrusion detection system provides basic infrastructure to detect a number of attacks. This research work focuses on intrusion detection problem of network security. The main goal is to detect network behaviour as normal or abnormal. In this research work, two different machine learning algorithm have been combined together to reduce its weakness and takes positive feature of both algorithm. Its experimental results generates better result than other algorithm in terms of performance, accuracy and false positive rate. These combined algorithm has been applied on KDDCUP99 dataset to find better result by improving its performance, accuracy and reducing its false positive rate.
Keywords: Intrusion detection system, KDDCUP99 dataset, False positive rate.
Online Intrusion Alert Aggregation with Generative Data Stream ModelingIJMER
Online intrusion alert aggregation with generative data stream modeling is a approach which uses generative modeling. It also use a method called as probabilistic methods. It can be assume that instances of an attack is similar as a process may be a random process which is producing alerts. This paper aims at collecting and modeling these attacks on some similar parameters, so that attack from beginning to completion can be identified. This collected and modeled alerts is given to security
personnel to estimate conclusion and take relative action. With some data sets, we show that it is easy to
deduct number of alerts and count of missing meta alerts is also extremely low. Also we demonstrate that generation of meta alerts having delay of only few seconds even after
first alert is produced already.
A Survey On Genetic Algorithm For Intrusion Detection SystemIJARIIE JOURNAL
The Internet has become a part of daily life and an essential tool today. Internet has been used as an important component of
business models. Therefore, It is very important to maintain a high level security to ensure safe and trusted communication of
information between various organizations.
Intrusion Detection Systems have become a needful component in terms of computer and network security. Intrusion detection is
one of the important security constraints for maintaining the integrity of information. Intrusion detection systems are the tools
used for prevention and detection of threats to computer systems. Various approaches have been applied in past that are less
effective to curb the menace of intrusion.
In this paper, a survey on applications of genetic algorithms in intrusion detection systems is carried out.
Biometrics Security using SteganographyCSCJournals
A biometric system is at risk to a variety of attacks. These attacks are intended to either avoid the security afforded by the system or to put off the normal functioning of the system. Various risks have been discovered while using biometric system. Proper use of cryptography greatly reduces the risks in biometric systems as the hackers have to find both secret key and template. It is notified that still fraudrant goes on to some extent. Here in this paper a new idea is presented to make system more secure by use of steganography. Here the secret key (which is in the form of pixel intensities) will be merged in the picture itself while encoding, and at decoding end only the authentic user will be allowed to decode.
Design and Implementation of Artificial Immune System for Detecting Flooding ...Kent State University
Academic Paper: N. B. I. Al-Dabagh and I. A. Ali, "Design and implementation of artificial immune system for detecting flooding attacks," in High Performance Computing and Simulation (HPCS), 2011 International Conference on, 2011, pp. 381-390.
Machine learning are used for numerous functions like image processing, data mining, prediction analysis, online shopping, cybersecurity, digital forensics, network security etc. the aim of this research work is to explore on the research work that implement security system or provide a framework for system security using machine learning algorithms. Furthermore to explore other fields that applied machine learning algorithms to solve their problems. Stipulate the essential use of the technique, once an algorithm was trained on how to manipulate the provided data, the process of implementation remain automatic.
MACHINE LEARNING IN NETWORK SECURITY USING KNIME ANALYTICSIJNSA Journal
Machine learning has more and more effect on our every day’s life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
Machine learning in network security using knime analyticsIJNSA Journal
Machine learning has more and more effect on our every day’s life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly
programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
7 multi biometric fake detection system using image quality based liveness de...INFOGAIN PUBLICATION
Biometric systems mostly popular in all over the world because of its user friendly and credible nature in security. In spite of this advantages, many attacks that done through synthetic , self manufactured, fake, reconstructed samples affected on the performance and accuracy of biometric system which becomes major problem in biometrics. Hence, new effective measures have to be taken to protect the biometric systems. In this paper, we propose novel software based multi-biometric fake detection system to detect various types of attacks. The main moto of this system is to enhance security level of biometric recognition systems through Image Quality Assessment (IQA) which is one of the liveness detection method.25 image quality measures calculated from test image which used to classify between real and fake trait using Linear Discriminative Analysis(LDA) classifier. The experimental results is done on the database of 2D face and fingerprint modalities, shows the proposed system is ease in implementation in real time application as complexities is very less because of one input image. Also this system is fast, user-friendly, non-intrusive which is more competitive with any other state of the art approaches, classifies between real and fake traits.
An SVM based Statistical Image Quality Assessment for Fake Biometric DetectionIJTET Journal
Abstract
A biometric system is a computer based system and is used to identify the person on their behavioral and logical characteristics such as (for example fingerprint, face, iris, keystroke, signature, voice, etc.).A typical biometric system consists of feature extraction and matching patterns. But nowadays biometric systems are attacked by using fake biometric samples. This paper described the fingerprint biometric techniques and also introduce the attack on that system and by using Image Quality Assessment for Liveness Detection to know how to protect the system from fake biometrics and also how the multi biometric system is more secure than uni-biometric system. Support Vector Machine (SVM) classification technique is used for training and testing the fingerprint images. The testing onput fingerprint image is resulted as real and fake fingerprint image by quality score matching with the training based real and fake fingerprint samples.
A Survey of Security of Multimodal Biometric SystemsIJERA Editor
A biometric system is essentially a pattern recognition system being used in adversarial environment. Since,
biometric system like any conventional security system is exposed to malicious adversaries, who can manipulate
data to make the system ineffective by compromising its integrity. Current theory and design methods of
biometric systems do not take into account the vulnerability to such adversary attacks. Therefore, evaluation of
classical design methods is an open problem to investigate whether they lead to design secure systems. In order
to make biometric systems secure it is necessary to understand and evaluate the threats and to thus develop
effective countermeasures and robust system designs, both technical and procedural, if necessary. Accordingly,
the extension of theory and design methods of biometric systems is mandatory to safeguard the security and
reliability of biometric systems in adversarial environments.
Synthesis of Polyurethane Solution (Castor oil based polyol for polyurethane)IJARIIE JOURNAL
Around 160 million hector unused is available in India. India is the world’s largest producer of castor oil,
producing over 75% of the total world’s supply. There are over a hundred companies in India-small and
medium-that are into castor oil production, producing a variety of the basic grades o castor oil. All the above
factors make it imperative that the India industry relooks at the castor oil sector in order to devise suitable
strategies to derive the most benefits from such an attractive confluence of factors. Castor oil is unique owing to
its exceptional diversity of application. The oil and its derivatives are used in over 100 different applications in
diverse industries such as paints, lubricants, pharma, cosmetics, paper, rubber and more. Recent developments
have successfully derived polyol from natural oils and synthesized range of PU product from them. However,
making flexible solution from natural oil polyol is still proving challenging. The goal of this thesis is to
understand the potentials and the limitations of natural oil as an alternative to petroleum polyol. An initial
attempt to understand natural oil polyol showed that flexible solution could be synthesized from castor oil,
which produced a rigid solution. Characterization results indicate that the glass transition temperature (Tg) was
the predominant factor that determines the rigidity of the solution. The high Tg of solution was attributed to the
low number of covalent bond between cross linkers.
System call frequency analysis-based generative adversarial network model for...IJECEIAES
In today's digital age, mobile applications have become essential in connecting people from diverse domains. They play a crucial role in enabling communication, facilitating business transactions, and providing access to a range of services. Mobile communication is widespread due to its portability and ease of use, with an increasing number of mobile devices projected to reach 18.22 billion by the end of 2025. However, this convenience comes at a cost, as cybercriminals are constantly looking for ways to exploit security vulnerabilities in mobile applications. Among the several varieties of malicious applications, zero-day malware is particularly dangerous since it cannot be removed by antivirus software. To detect zeroday Android malware, this paper introduces a novel approach based on generative adversarial networks (GANs), which generates new frequencies of feature vectors from system calls. In the proposed approach, the generator is fed with a mixture of real samples and noise, and then trained to create new samples, while the discriminator model aims to classify these samples as either real or fake. We assess the performance of our model through different measures, including loss functions, the Frechet Inception distance, and the inception score evaluation metrics.
Improving the accuracy of fingerprinting system using multibiometric approachIJERA Editor
Biometric technology is a science that used to verify or identify the individual based on physical and/or
behavioral traits. Although biometric systems are considered more secure than other traditional methods such as
password, or key, they also have many limitations such as noisy image, or spoof attack. One of the solutions to
overcome these limitations, is by applying a multibiometric system. Multibiometric system has a significant
effect in improving the performance of both security and accuracy of the system. It also can alleviate the spoof
attacks and reduce the fail to enroll error. A multi-sample is one implementations of the multibiometric systems.
In this study, a new algorithm is suggested to provide a second chance for the genuine user who is rejected, to
compare his/her provided finger with the other samples of the same finger. Multisampling fingerprint is used to
implement this new algorithm. The algorithm is activated when the match score of the user is not equal to a
threshold but close to it, then the system provides another chance to compare the finger with another sample of
the same trait. Using multi-sample biometric system improved the performance of the system by reducing the
False Reject Rate (FRR). Applying the original matching algorithm on the presented database produced 3
genuine users, and 5 imposters for the same fingerprint. While after implementing the suggested condition, the
system performance is enhanced by producing 6 genuine users, and 2 imposters for the same fingerprint. This
work was built and executed depending on a previous Matlab code presented by Zhi Li Wu. Thresholds and
Receiver Operating Characteristic (ROC) curves computed before and after implementing the suggested
multibiometric algorithm. Both ROC curves compared. A final decision and recommendations are provided
depending on the results obtained from this project
IRJET-Gaussian Filter based Biometric System Security EnhancementIRJET Journal
M.Selvi, T.Manickam, C.N.Marimuthu"Gaussian Filter based Biometric System Security Enhancement", International Research Journal of Engineering and Technology (IRJET), Volume2,issue-01 April 2015.e-ISSN:2395-0056, p-ISSN:2395-0072. www.irjet.net
Abstract
A novel software-based fake detection method that can be used in multiple biometric systems to detect different types of fraudulent access attempts. To ensure the actual presence of a real legitimate trait in contrast to a fake self-manufactured synthetic or reconstructed sample is a significant problem in biometric authentication, which requires the development of new and efficient protection measures. To enhance the security of biometric recognition frameworks, by adding liveness assessment in a fast, user-friendly, and non-intrusive manner, through the use of image quality assessment.
The proposed approach presents a very low degree of complexity, which makes it suitable for real-time applications, using 25 general image quality features extracted from one image (i.e., the same acquired for authentication purposes) to distinguish between legitimate and impostor samples. Multi-biometric and Multi-attack protection method which targets to overcome part of these limitations through the use of Image Quality Assessment (IQA).
Moreover, being software-based, it presents the usual advantages of this type of approaches: fast, as it only needs one image (i.e., the same sample acquired for biometric recognition) to detect whether it is real or fake, non-intrusive; user-friendly (transparent to the user), cheap and easy to embed in already functional systems and no hardware is required).
The overwhelming threat may be a challenge to
general security system. Fundamentally diverse alert and threat
techniques are been researched in order to reduce deceptive
warnings. Threat Detection Systems generates huge amount of
alerts which becomes challenging to deal with them and prepare
solution. The detection System checks inbound and outbound
network activities and finds an suspicious pattern that indicate
an ongoing steps for attack. Large amount of alert may contain
false alarm therefore need of alert analysis mechanisms to offer
high level information of seriousness of threat, how dangerous
device are and which device admin has to pay more attention. To
solve this query we would make use of time and space based alert
analysis technique that provides a solution in form of attack
graph and its evaluation that provides severity of attack to
administrator.
Problems from the inside of an organization’s perimeters are a significant threat, since it is very difficult to
differentiate them from outside activity. In this dissertation, evaluate an insider threat detection motto on
its ability to detect different type of scenarios that have not previously been identify or contemplated by the
developers of the system. We show the ability to detect a large variety of insider threat scenario instances
We report results of an ensemble-based, unsupervised technique for detecting potential insider threat,
insider threat scenarios that robustly achieves results. We explore factors that contribute to the success of
the ensemble method, such as the number and variety of unsupervised detectors and the use of existing
knowledge encoded in scenario based detectors made for different known activity patterns. We report
results over the entire period of the ensemble approach and of ablation experiments that remove the
scenario-based detectors.
X-ware: a proof of concept malware utilizing artificial intelligenceIJECEIAES
Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat’s characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus’s behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus’s behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasures.
Detecting network attacks model based on a convolutional neural network IJECEIAES
Due to the increasing use of networks at present, Internet systems have raised many security problems, and statistics indicate that the rate of attacks or intrusions has increased excessively annually, and in the event of any malicious attack on network vulnerabilities or information systems, it may lead to serious disasters, violating policies on network security, i.e., “confidentiality, integrity, and availability” (CIA). Therefore, many detection systems, such as the intrusion detection system, appeared. In this paper, we built a system that detects network attacks using the latest machine learning algorithms and a convolutional neural network based on a dataset of the CSE-CIC-IDS2018. It is a recent dataset that contains a set of common and recent attacks. The detection rate is 99.7%, distinguishing between aggressive attacks and natural assertiveness.
CYBERSECURITY INFRASTRUCTURE AND SECURITY AUTOMATIONacijjournal
AI-based security systems utilize big data and powerful machine learning algorithms to automate the security management task. The case study methodology is used to examine the effectiveness of AI-enabled security solutions. The result shows that compared with the signature-based system, AI-supported security applications are efficient, accurate, and reliable. This is because the systems are capable of reviewing and correlating large volumes of data to facilitate the detection and response to threats.
CYBERSECURITY INFRASTRUCTURE AND SECURITY AUTOMATIONacijjournal
AI-based security systems utilize big data and powerful machine learning algorithms to automate the security management task. The case study methodology is used to examine the effectiveness of AI-enabled security solutions. The result shows that compared with the signature-based system, AI-supported security applications are efficient, accurate, and reliable. This is because the systems are capable of reviewing and correlating large volumes of data to facilitate the detection and response to threats.
Developing an Artificial Immune Model for Cash Fraud Detection khawla Osama
Document from thesis done by Bsc students as graduation research , to develop a model that detect a cash card fraud base on the cash card holder pattern ,the technique used to detect fraud inspired from immune system
Similar to Vulnerabilities of Fingerprint Authentication Systems and Their Securities (20)
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Vulnerabilities of Fingerprint Authentication Systems and Their Securities
1. Vulnerabilities of Fingerprint Authentication Systems
and Their Securities
Tanjarul Islam Mishu
MS Research Student, Dept. of Computer Science & Engineering
Jatiya Kabi Kazi Nazrul Islam University
Mymensingh, Bangladesh
Email: tanjarul26@gmail.com
Dr. Md. Mijanur Rahman
Associate Professor, Dept. of Computer Science & Engineering
Jatiya Kabi Kazi Nazrul Islam University
Mymensingh, Bangladesh
Email: mijanjkkniu@gmail.com
Abstract—The security of biometric fingerprint is a big
challenge now-a-days, as it has world-wide acceptance.
Compromised fingerprint templates may raise terrible threats
to its owner. Because of the vulnerabilities of fingerprint
authentication system, security issues about fingerprint have
been a matter of great concern. This study summarizes the
vulnerabilities of fingerprint authentication system and
highlights the type of securities available against those
challenges. It includes much classified knowledge about
security of fingerprint template. This work is an endeavor to
provide a compact knowledge to the research community
about the security issues regarding fingerprint authentication
system.
Keywords: Attacks; Vulnerabilities; Cryptosystems;
Fingerprint Templates; Template Security.
I. INTRODUCTION
Fingerprint authentication system is very popular all
over the world because of its uniqueness, usability,
reliability etc. It has wide application areas such as border
control, airports, business, healthcare, logical access
systems, criminal detection, security management, smart
phones etc. So, the security of this area is a matter of great
concern. Because, the system is vulnerable to several
attacks. Ratha[1] presented a model for possible attacks on a
biometric system. The model introduced varieties of
vulnerable points of the system. This work will focus on the
points mentioned in the model. The motive of the present
study is to detect different kinds of attacks on each point of
this sophisticated model and also to identify the existing
security techniques to protect against such kind of the
attacks. Although several studies have been done over the
attacks and the security approaches, most of them focused
on attacks and solutions separately. Very few of them are on
both but they are not sufficient. They didn’t expose some
existing rare solutions. This study will depict the whole
scenario of attacks on entire system and securities against
the attacks existing now.
This paper is organized as follows. There are eight
subsections in Section 2. Each subsection firstly introduces
the attacks followed by the solutions against the attacks. As
template database attacks contain rich data, Section 2.6 is
divided into two parts. Finally, the conclusion is drawn in
Section 3.
II. TYPES OF ATTACKS ON FINGERPRINT SYSTEM
Ratha et al. [1] and Anil et al. [2] showed eight points of
attack in a biometric system (see Figure-1). Each point and
its attacks and regarding solutions has been explained in the
following subsections.
A. Fake Biometric
A fake or artificial fingerprint, called spoof, is given to
the scanner to get access to the system. The scanner remains
unable to distinguish between fake and genuine traits. So,
the intruder easily gets access to the system. [2] Putte and
Keuning [3] created dummy fingerprint with and without the
co-operation of the owner and tested on several sensors.
They showed a result that almost every sensor accepted the
dummy fingerprint as real at first attempt. Matsumoto et al.
[4] experimented gummy (fake) fingers on 11 types of
different fingerprint system. In their experiment, about 68-
100% gummy fingers were accepted by the system in their
verification procedure. They also showed following ways
how an attacker may deceive the system at scanner.
Sensor
Feature
Extraction
Matcher
Application
Devices
Stored
Templates
1 2
3
4
8
5
7
6
Override Feature
Extractor
Override
Matcher
Database-Matcher Channel
Accept
or
Reject
Fake
Biometric
Replay Synthesized
Feature Set
Override Final
Decision
Template Database Attack
Figure 1. Points of attack in a biometric System
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
99 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
2. .
(i) Fingerprints Known to System
The actual registered finger is presented at the scanner
by evil way such as external force by the criminals, using
the fingerprints when user sleeping etc.
(ii) Fingerprints Unknown to System
If the imposter can know about the category of actual
fingerprint (whorls, arches, loops etc), he may use the
similar fingerprints unknown to system. Though it is almost
impossible, it may harm the systems which are developed on
the basis of insufficient features of fingerprint. It may
effects on False Acceptance Rate (FAR) of the system. So,
the authentication should be based on sufficient features.
(iii) Severed Known Fingerprints
It is similar to the known fingerprint mentioned earlier.
But, it is a horrible attack done by a criminal to severe the
fingerprint from the real user’s hand. To be protected, we
should detect is the finger alive or not.
(iv) Genetic Clone of Known Fingerprints
Identical twins do not have same fingerprints. Because,
the patterns of fingerprint are determined by the genetic
mechanism and the nerve growth. So, they are not same but
still very close. So, a genetic clone may be tried to deceive
the system. To be protected from this kind of threats, we
should keep tracking a genetic engineering on possibility of
creating clones.
(v) Artificial Clone of Known Fingerprints
The attacker can make a 3D printed fingerprint or can
make a mold of the known finger by which an artificial
finger can be produced.
(vi) Printed Image of Known Fingerprints
This is very similar to the previous one. By the help of
spraying some materials on the surface of the scanner to feel
like actual finger, imposter can use printed image of
fingerprint.
Liveliness detection can be solution to fake biometric
traits. There are two separate methods, such as, passive
(non-stimulating) and active (stimulating) automated
liveliness detection methods [5]. Generally, passive
detection techniques make use of biometric probes recorded
through a biometric sensor such as pulse measurement,
temperature measurement, active sweat pores detection, skin
resistance detection, electrical conductivity etc.[16] Active
detection techniques normally require additional interactions
that should requested using challenge response procedures.
The different challenge response approaches can be used
such as request of different fingers in random order.
B. Replay Attack
After acquisition of raw biometric data, it sends the raw
data (e.g. fingerprint raw image) to the feature extraction
module. The imposter steals the biometric trait raw data by
seizing the channel and stores the trait. The imposter can
reply the previously stored biometric trait to the feature
extraction module to bypass the sensor. Fingerprint images
are sent over channel usually compressed using WSQ.
Because of the open compression standard, transmitting a
WSQ compressed image over the Internet is not particularly
secure. If the image can be seized, it can be decompressed
easily which can cause Replay Old Data [1].
Data hiding techniques such as steganography can be
applied when the raw image is sent to feature extractor.
C. Override Feature Extractor
The hackers, by Trojan Horse, take control over the
feature extractor to produces feature sets as they wishes [1].
When installing or updating programs in a device it
should be verified and should be aware of using third party
programs.
D. Synthesized Feature Set
If the imposter can intercept the channel between the
feature extraction module and matcher, he can replace the
original set with a different synthesized feature set
(assuming the representation is known to imposter) [1].
Insecure communication channel may face the ‘Hill
Climbing Attack’ [2].
Hill Climbing Attack
Uludag & Anil have developed an attacked for minutiae
base fingerprint authentication system [6]. The location (c,
r) and orientation Ɵ of minutiae points has been used by the
attack. The system will works as the attackers knows the
format of templates but not the information of templates. It
uses the match score returned by the matcher and tries to
generate minutiae set that results in successfully high
matching score to be positive in identification. Figure-2
describes the Hill Climbing attack.
refers to the database template corresponding to user i
, i =1, 2,3,....N , where N is the total number of user. is
Synthetic Template
Generator
Attack Module
Fingerprint
Matcher
Application
Devices
To Other
Modules
T S( , T )
Attacking System Target System
Figure 2. Block Diagram of Hill Climbing Attack
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
100 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
3. .
the total number of minutiae in . T is the synthetic
template generated by the attacking system for user i .
S( , T ) is the matching score between and T .
refers to the decision threshold used by the
matcher. Note that the attacking system does not know this
value.
At the beginning of the attack, it generates several
synthetic templates. Then begins attack with these templates
and accumulate the matching scores returned by the
matcher. It chooses the template having highest matching
score. Then tries modification (perturbing, adding, replacing
or deleting of minutiae) to get larger match score and
chooses the larger one as the best template T . This
modification continues until the matcher accept the current
best score where ( ) > .
To be safe from hill climbing attack, we can add some
extra features in the matcher of authentication system. These
may include-
i) tracking the number of failures within specific
time.
ii) limiting the number of tries within specific time.
E. Override Matcher
The hackers replace the matcher by a Trojan horse
program that generates very high or low matching scores as
the hackers want, regardless of original scores [1].
The Matcher is also a program like feature extractor.
Attacks to this point can be solved in the similar way as
feature extractor described in section 2.3.
F. Template Database Attack
(i) Type of Attacks
The template databases can lead to three kinds of threats
[3] as describe below.
a. Template Replaced by The Imposter’s Template
The imposter can replace the original template with new
one to gain the unauthorized access to the system whenever
he wants like an authorized user.
b. Masquerade/Physical Spoof Created from
Templates
Minutiae information is unique to each individual. The
view of non-reconstruction was dominant in the biometrics
communities, until some recent researches. Over last few
years, some works were done that showed that a fingerprint
image can be reconstructed from a minutiae template. The
fingerprint image reconstructed from the minutiae template,
known as a “masquerade” image since it is not an exact
copy of the original image, will likely fool the system when
it is submitted [7]. In 2007, Cappelli at al [8] did some
amazing experiments. The authors analyzed the ISO/IEC
19794-2 minutiae standard template. They took different
ways of test. In one experiment, they used basic minutiae
information only (i.e. positions x, positions y, and
directions). In another test, they also used optional
information: minutiae types, Core and Delta data, and
proprietary data (the ridge orientation field in this case. In
their experiments, nine different systems were tested and the
average percentage of successful attacks was 81% at a high
security level and 90% at a medium security level. Image
Reconstruction with points of attack in fingerprint is shown
in figure-3. Masquerade can be very threatening fact to the
owner. Because, hackers may track the owner where he/she
is using the fingerprint. They may hack bank accounts and
other secured accesses. They may use the masquerade to
databases at other organizations to get unauthorized access,
though they use different templates and algorithms, called
Cross-Matching.
c. Stolen Templates
Imposter can steal the template and replay that on
matcher. The stolen template can be used as synthesized
feature set.
(ii) Template Protection Techniques
All the template protection techniques can be
categorized in two major categories, such as, (a) feature
transformation and (b) biometric cryptosystem. Figure-4
shows a graphical representation of biometric template
protection techniques. Other types of template protection
techniques are water marking [14], steganography [15],
system on card/match on card [2] etc.
a. Feature Transformation
For the protection, the features generated from the input
image are transformed to a new form. It is not kept in real
Masquerade :
Image Reconstruction from Template
Stealing
Templates
Image used by
imposter
Cross-Matching
Sensor
Feature
Extraction
Matcher
Application
Devices
Stored
Templates
1 2
3
4
8
5
7
6
Override Feature
Extractor
Override
Matcher
Database-Matcher
Accept
or
Reject
Fake
Biometric
Replay Synthesized
Feature Set
Override Final
Decision
Template
DB Attack
Figure 3. Image Reconstruction (Masquerade)
from stored templates
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
101 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
4. .
form rather stored in transformed form. The generated
transformed form can be invertible or non-invertible.
1. Invertible Transformation (Bio Hashing)
In invertible feature transformation, the template is
transformed with some parameter of user. At the site of
authentication, the template is inverted again with the secret
parameters. The scheme can’t provide high security without
the secret transformation. Because if the secret
key(transformation parameters) is compromised with
imposters, they can revert the template. So, the key should
be secured enough.[17]
2. Non-invertible Transformation (Cancellable
Biometrics)
Cancellable biometrics scheme is an intentional and
systematic repeatable distortion of biometric template data
with the purpose of protecting it under transformational-
based biometric template security. In the verification site,
the query image is transformed in same the manner, then
compared. In the concept of cancellable transformation, a
transformed template can be cancelled and re-issued by
changing transformation parameters if problem issued [9].
b. Biometric Cryptosystems
Cryptosystem technique on biometric data is called
biometric cryptosystem where a key (or keys) is used to
encrypt the biometric data. The key can be generated from
biometric data itself or from an external data. At the
matcher, the key is used to decrypt the biometric data.
Observing the literature, we divide Biometric
Cryptosystems into two major parts: Key Generation or Key
Binding.
1. Key Generation
At the time of enrolment, a unique key is chosen from
the features extracted from the fingerprint. This key is not
stored in the database [10].
A Secure Sketch reliably reproduces the biometric secret
without leaking any information. It works in two phases:
Generation & Reconstruction. It takes biometric data as
input and creates a sketch of that data. Later, at
reconstruction, the generated sketch and the data sufficiently
similar (query image) to original the input data are given.
Then, it reproduces the original input data. Thus, it can be
used to reliably reproduce error-prone biometric inputs
without incurring the security risk inherent in storing them
[11].
Fuzzy Extractor reliably extracts almost uniform
randomness R from its input. It is error-tolerant because if
we change deliver different template from same finger, R
will not change. The resultant R is almost similar to the
original R. This R is used as a key in cryptographic
application [9].
2. Key Binding
In key binding, cryptographic key is tightly bound with
the biometric template so that it cannot be released without a
successful biometric authentication and without accessing
template directly [12]. The key Binding can be categorized
as Fuzzy Vault and Fuzzy Commitment.
Fuzzy Vault is first introduced by Juels and Sudan [13]
as a cryptographic construct. There are used two set of
points : fuzzy unsorted points and chaff points. The unsorted
Live-ness
Detection
Data
Transmission
Security
Techniques
Secure
Installation &
Updating of
Programs
Template
Protection
Techniques
Attack Resistance
Techniques
Point 1 Point 2,4,7,8 Point 3,5 Point 6
Feature
Transformation
Invertible
Bio-
hashing
Non-
invertible
Cancellable
Biometrics
Key
Generation
Secure
Sketches &
Fuzzy
Key Binding
Fuzzy Vault
& Fuzzy
Commitment
Others
Watermarking Steganography
Match on Card
(For small
applications)
Figure 4. Attacks and Solutions on Fingerprint Authentication
System.
Biometric
Cryptosystems
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
102 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
5. .
data set is taken from biometric data. Meenakshi[11]
explained the fuzzy vault with biometric system. In fuzzy
vault framework, the secret key S is locked by G, where G is
an unordered set from the biometric sample. A polynomial P
is constructed by encoding the secret S. This polynomial is
evaluated by all the elements of the unordered set G. A vault
V is constructed by the union of unordered set G and chaff
point set C which is not in G. The vault, V = G U C. The
union of the chaff point set hides the genuine point set from
the attacker. Hiding the genuine point set secures the secret
data S and user biometric template T. The vault is unlocked
with the query template T’. T’ is represented by another
unordered set U’. The user has to separate sufficient number
of points from the vault V by comparing U’ with V. By
using error correction method, the polynomial P can be
successfully reconstructed if U’ overlaps with U and secret
S gets decoded. If there is not substantial overlapping
between U and U’ secret key S is not decoded. This
construct is called fuzzy because the vault will get decoded
even for very close values of U and U’ and the secret key S
can be retrieved. Therefore fuzzy vault construct becomes
more appropriate for biometric data which possesses
inherent fuzziness.
A Fuzzy Commitment scheme is one where a uniformly
random key of length 1 bits (Binary vector) is generated and
used to exclusively index an nbit codeword of suitable error
correcting code where the sketch extracted from the
biometric template is stored in a database [9].
G. Database-Matcher Channel Attack
On this type of attack, the stored templates coming from
database is being modified before reaching to matcher. So,
the matcher gets modified templates.
Maintaining secure data transmission can solve the
problem. Different error detection techniques such as parity
check, checksum, cyclic redundancy checks can be used to
identify the transmitted template is modified or not.[18]
H. Override Final Decision
Final result coming from the matcher is modified by the
imposters. It changes the original decision (accept/reject) by
changing the match scores.
Sending the result through a trusted channel and using a
secure delivery can be used to get the correct result.
III. CONCLUSION
This study conveys a prominent analysis on the
vulnerabilities of Fingerprint Authentication System of each
point of the model and shows the effective security system
existing now. This work brings vulnerabilities and
securities, compacted together, of fingerprint authentication
system. Different types of attack such as fake biometric,
replay data, synthesized feature set and template database
have been explained about how they occur. The paper also
contains the prevention techniques against the
corresponding attacks. As the template database is very
sensitive part of the system, its protection techniques are
have been analyzed with high significance. This paper even
shows very small attempts taken such as match on card for
the security of fingerprint template. In the analysis, it has
been learnt that attack on template is very severe. If the
templates are compromised, the security of their owner will
be violated. So, template security requires more attention of
research authority. Though several types of work have been
done on the template security, they are not able to satisfy all
the requirements such as recoverability, security, privacy,
high matching accuracy etc. So, our next work is to generate
an efficient template security scheme.
REFERENCES
[1] Ratha, Nalini K., Jonathan H. Connell, and Ruud M. Bolle. “An
analysis of minutiae matching strength.” International Conference on
Audio-and Video-Based Biometric Person Authentication. Springer
Berlin Heidelberg, 2001.
[2] Jain, Anil K., Karthik Nandakumar, and Abhishek Nagar. “Biometric
template security.” EURASIP Journal on Advances in Signal
Processing 2008 (2008): 113.
[3] T. Putte and J. Keuning, “Biometrical fingerprint recognition: don’t
get your fingers burned”, Proc. IFIP TC8/WG8.8, Fourth Working
Conf. Smart Card Research and Adv. App., pp. 289-303, 2000.
[4] Tsutomu Matsumoto, Hiroyuki Matsumoto, Koji Yamada, Satoshi
Hoshino. “Impact of artificial ‘gummy’ fingers on fingerprint
systems.” Proc. SPIE 4677, Optical Security and Counterfeit
Deterrence Techniques IV, April 2002.
[5] Rogmann, Nils, and Maximilian Krieg. “Liveness Detection in
Biometrics.” Biometrics Special Interest Group (BIOSIG),
International Conference of the. IEEE, 2015.
[6] Uludag, Umut, and Anil K. Jain. “Attacks on biometric systems: a
case study in fingerprints.” Proceedings of SPIE. Vol. 5306. 2004.
[7] “Fingerprint Biometrics: Address Privacy Before Deployment.”
https://www.ipc.on.ca/wp-content/uploads/2008/11/fingerprint-
biosys-priv.pdf, 2008.
[8] Cappelli, Raffaele, Dario Maio, Alessandra Lumini, and Davide
Maltoni. “Fingerprint image reconstruction from standard templates.”
IEEE transactions on pattern analysis and machine intelligence 29,
No.9. 2007.
[9] Mwema, Joseph, S. Kimani, and M. Kimwele. “A Simple Review of
Biometric Template Protection Schemes Used in Preventing
Adversary Attacks on Biometric Fingerprint Templates.”
International Journal of Computer Trends and Technology 20.1
(2015): 12-18.
[10] Khandelwal, Sarika, P. C. Gupta, and Khushboo Mantri. “Survey of
Threats to the Biometric Authentication Systems and Solutions.”
International Journal of Computer Applications 61.17. 2013.
[11] Meenakshi VS, “Secure And Revocable Biometric Template Using
Fuzzy Vault For Fingerprint, Iris And Retina.” A Thesis Submitted
To Avinashilingam Deemed University For Women Coimbatore –
641043, 2010.
[12] Huixian, Li, et al. “Key binding based on biometric shielding
functions.” Information Assurance and Security. IAS'09. Fifth
International Conference on. Vol.1. IEEE, 2009.
[13] Juels, Ari, and Madhu Sudan. “A fuzzy vault scheme.” Designs,
Codes and Cryptography 38.2 (2006): 237-257.
[14] Patel, Monika, and Priti Srinivas Sajja. “The Significant Impact of
Biometric Watermark for Providing Image Security using DWT based
Alpha Blending Watermarking Technique.”
[15] Rubal Jain and Chander Kant. “Attacks on Biometric Systems: An
Overview.” International Journal of Advances in Scientific Research
2015; 1(07): 283-288.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
103 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
6. .
[16] M. Villa and A. Verma. "Fingerprint Recognition," in Biometrics in a
Data Driven World: Trends, Technologies, and Challenges, M.
Gofman and S. Mitra Eds., CRC Press, USA, pp. 265-281, 2017.
[17] Ramu, T., and T. Arivoli. "Biometric Template Security: An
Overview." Proceedings of International Conference on Electronics.
Vol. 65. 2012.
[18] Siwach, Ajay, Sunil Malhotra, and Ravi Shankar. "Analysis of
Different Error Detection Schemes over OFDM Signal." International
Journal of Engineering Trends and Technology- Volume4 Issue4-
2013
AUTHORS PROFILE
Tanjarul Islam Mishu received his B.Sc. (Engg.) in
Computer Science and Engineering from Jatiya Kabi
Kazi Nazrul Islam University, Mymensingh,
Bangladesh in 2016. Currently, he is student in
M.Sc. of the institute. His research interest is focused
on Biometrics Systems, Pattern Recognition, Image
Processing, and Data Mining.
Dr. Md. Mijanur Rahman is a faculty member of
the Dept. of Computer Science and Engineering,
Jatiya Kabi Kazi Nazrul Islam University, Trishal,
Mymensingh, Bangladesh, since April 2008 (very
beginning of the university). Now, Dr. Rahman is
working as an Associate Professor of the CSE
department. He also served as Lecturer and Assistant Professor in
the same department. He served before as an Instructor (Tech)
Computer in Govt. Polytechnic Institute from December 2005 to
April 2008. Dr. Rahman obtained his B. Sc. (Hons) and M. Sc.
degree both with first class first in CSE from Islamic University,
Kushtia, Bangladesh. He also obtained his PhD degree in
Computer Science and Engineering from Jahangirnagar University,
Savar, Dhaka, Bangladesh in August 2014. His teaching and
research interest lies in the areas such as Digital Signal Processing,
Digital Speech Processing, Biometric Technology, Pattern
Recognition, etc. Many of his research papers have been published
in both national and international journals.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
104 https://sites.google.com/site/ijcsis/
ISSN 1947-5500