25 research outputs found

    The Impact of Pressure on the Fingerprint Impression: Presentation Attack Detection Scheme

    This article belongs to the Special Issue Biometric Identification Systems: Recent Advances and Future Directions. Fingerprint recognition systems have been widely deployed in authentication and verification applications, ranging from personal smartphones to border control systems. Recently, the biometric society has raised concerns about presentation attacks that aim to manipulate the biometric system’s final decision by presenting artificial fingerprint traits to the sensor. In this paper, we propose a presentation attack detection scheme that exploits the natural fingerprint phenomena, and analyzes the dynamic variation of a fingerprint’s impression when the user applies additional pressure during the presentation. For that purpose, we collected a novel dynamic dataset with an instructed acquisition scenario. Two sensing technologies are used in the data collection, thermal and optical. Additionally, we collected attack presentations using seven presentation attack instrument species considering the same acquisition circumstances. The proposed mechanism is evaluated following the directives of the standard ISO/IEC 30107. The comparison between ordinary and pressure presentations shows higher accuracy and generalizability for the latter. The proposed approach demonstrates efficient capability of detecting presentation attacks with low bona fide presentation classification error rate (BPCER) where BPCER is 0% for an optical sensor and 1.66% for a thermal sensor at 5% attack presentation classification error rate (APCER) for both. This work was supported by the European Union’s Horizon 2020 for Research and Innovation Program under Grant 675087 (AMBER).

    Analyzing the vulnerability of wireless sensor networks to a malicious matched protocol attack

    Safety critical, Internet of Things (IoT) and space-based applications have recently begun to adopt wireless networks based on commercial off the shelf (COTS) devices and standardized protocols, which inherently establishes the security challenge of malicious intrusions. Malicious intrusions can cause severe consequences if undetected, including complete denial of services. Particularly, any safety critical application requires all services to operate correctly, as any loss can be detrimental to safety and/or privacy. Therefore, in order for these safety critical services to remain operational and available, any and all intrusions need to be detected and mitigated. Whilst intrusion detection is not a new research area, new vulnerabilities in wireless networks, especially wireless sensor networks (WSNs), can be identified. In this paper, a specific vulnerability of WSNs is explored, termed here the matched protocol attack. This malicious attack uses protocol-specific structures to compromise a network using that protocol. Through attack exploration, this paper provides evidence that traditional spectral techniques are not sufficient to detect an intrusion using this style of attack. Furthermore, a ZigBee cluster head network, which co-exists with ISM band services, consisting of XBee COTS devices is utilized, along with a real time spectrum analyzer, to experimentally evaluate the effect of matched protocol interference on a realistic network model. Results of this evaluation are provided in terms of device errors and spectrum use. This malicious challenge is also examined through Monte-Carlo simulations. A potential detection technique, based on coarse inter-node distance measurements, which can theoretically be used to detect matched protocol interference and localize the origin of the source, is also suggested as a future progression of this work. Insights into how this attack style preys on some of the main security risks of any WSN (interoperability, device limitations and operation in hostile environments) are also provided.

    Modelling Causal Factors of Unintentional Electromagnetic Emanations Compromising Information Technology Equipment Security †

    © 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). Information technology equipment (ITE) processing sensitive information can have its security compromised by unintentional electromagnetic radiation. Appropriately assessing likelihood of a potential compromise relies on radio frequency (RF) engineering expertise—specifically, requiring knowledge of the associated causal factors and their interrelationships. Several factors that can cause unintentional electromagnetic emanations that can lead to the compromise of ITE have been found in the literature. This paper confirms the list of causal factors reported in previous work, categorizes the factors as belonging to threat, vulnerability, or impact, and develops an interpretive structural model of the vulnerability factors. A participatory modelling approach was used consisting of focus groups of RF engineers. The resulting hierarchical structural model shows the relationships between factors and illustrates their relative significance. The paper concludes that the resulting model can motivate a deeper understanding of the structural relationship of the factors that can be incorporated in the RF engineers’ assessment process. Areas of future work are suggested.

    DroidDetectMW: A Hybrid Intelligent Model for Android Malware Detection

    Malicious apps specifically aimed at the Android platform have increased in tandem with the proliferation of mobile devices. Malware is now so carefully written that it is difficult to detect. Due to the exponential growth in malware, manual methods of malware are increasingly ineffective. Although prior writers have proposed numerous high-quality approaches, static and dynamic assessments inherently necessitate intricate procedures. The obfuscation methods used by modern malware are incredibly complex and clever. As a result, it cannot be detected using only static malware analysis. As a result, this work presents a hybrid analysis approach, partially tailored for multiple-feature data, for identifying Android malware and classifying malware families to improve Android malware detection and classification. This paper offers a hybrid method that combines static and dynamic malware analysis to give a full view of the threat. Three distinct phases make up the framework proposed in this research. Normalization and feature extraction procedures are used in the first phase of pre-processing. Both static and dynamic features undergo feature selection in the second phase. Two feature selection strategies are proposed to choose the best subset of features to use for both static and dynamic features. The third phase involves applying a newly proposed detection model to classify Android apps; this model uses a neural network optimized with an improved version of HHO. Application of binary and multi-class classification is used, with binary classification for benign and malware apps and multi-class classification for detecting malware categories and families. By utilizing the features gleaned from static and dynamic malware analysis, several machine-learning methods are used for malware classification. According to the results of the experiments, the hybrid approach improves the accuracy of detection and classification of Android malware compared to the scenario when considering static and dynamic information separately.

    An analysis of android malware classification services

    The increasing number of Android malware forced antivirus (AV) companies to rely on automated classification techniques to determine the family and class of suspicious samples. The research community relies heavily on such labels to carry out prevalence studies of the threat ecosystem and to build datasets that are used to validate and benchmark novel detection and classification methods. In this work, we carry out an extensive study of the Android malware ecosystem by surveying white papers and reports from 6 key players in the industry, as well as 81 papers from 8 top security conferences, to understand how malware datasets are used by both. We, then, explore the limitations associated with the use of available malware classification services, namely VirusTotal (VT) engines, for determining the family of an Android sample. Using a dataset of 2.47 M Android malware samples, we find that the detection coverage of VT's AVs is generally very low, that the percentage of samples flagged by any 2 AV engines does not go beyond 52%, and that common families between any pair of AV engines is at best 29%. We rely on clustering to determine the extent to which different AV engine pairs agree upon which samples belong to the same family (regardless of the actual family name) and find that there are discrepancies that can introduce noise in automatic label unification schemes. We also observe the usage of generic labels and inconsistencies within the labels of top AV engines, suggesting that their efforts are directed towards accurate detection rather than classification. Our results contribute to a better understanding of the limitations of using Android malware family labels as supplied by common AV engines. This work has been supported by the “Ramon y Cajal” Fellowship RYC-2020-029401

    Strengthening Password-Based Authentication


    Wrist vascular biometric recognition using a portable contactless system

    Human wrist vein biometric recognition is one of the least used vascular biometric modalities. Nevertheless, it has similar usability and is as safe as the two most common vascular variants in the commercial and research worlds: hand palm vein and finger vein modalities. Besides, the wrist vein variant, with wider veins, provides a clearer and better visualization and definition of the unique vein patterns. In this paper, a novel vein wrist non-contact system has been designed, implemented, and tested. For this purpose, a new contactless database has been collected with the software algorithm TGS-CVBR®. The database, called UC3M-CV1, consists of 1200 near-infrared contactless images of 100 different users, collected in two separate sessions, from the wrists of 50 subjects (25 females and 25 males). Environmental light conditions for the different subjects and sessions have not been controlled: different daytimes and different places (outdoor/indoor). The software algorithm created for the recognition task is PIS-CVBR®. The results obtained by combining these three elements, TGS-CVBR®, PIS-CVBR®, and UC3M-CV1 dataset, are compared using two other different wrist contact databases, PUT and UC3M (best value of Equal Error Rate (EER) = 0.08%), taken into account and measured the computing time, demonstrating the viability of obtaining a contactless real-time-processing wrist system.

    A New Concept of Digital Twin Supporting Optimization and Resilience of Factories of the Future

    In the context of Industry 4.0, a growing use is being made of simulation-based decision-support tools commonly named Digital Twins. Digital Twins are replicas of the physical manufacturing assets, providing means for the monitoring and control of individual assets. Although extensive research on Digital Twins and their applications has been carried out, the majority of existing approaches are asset specific. Little consideration is made of human factors and interdependencies between different production assets are commonly ignored. In this paper, we address those limitations and propose innovations for cognitive modeling and co-simulation which may unleash novel uses of Digital Twins in Factories of the Future. We introduce a holistic Digital Twin approach, in which the factory is not represented by a set of separated Digital Twins but by a comprehensive modeling and simulation capacity embracing the full manufacturing process including external network dependencies. Furthermore, we introduce novel approaches for integrating models of human behavior and capacities for security testing with Digital Twins and show how the holistic Digital Twin can enable new services for the optimization and resilience of Factories of the Future. To illustrate this approach, we introduce a specific use-case implemented in the field of Aerospace System Manufacturing. The present work was developed under the EUREKA–ITEA3 Project CyberFactory#1 (ITEA-17032), co-funded by Project CyberFactory#1PT (ANI|P2020 40124), from FEDER Funds through NORTE2020 program and from National Funds through FCT under the project UID/EEA/00760/2019 and by the Federal Ministry of Education and Research (BMBF, Germany, funding No. 01IS18061C).

    Attack Categorisation for IoT Applications in Critical Infrastructures, a Survey

    With the ever advancing expansion of the Internet of Things (IoT) into our everyday lives, the number of attack possibilities increases. Furthermore, with the incorporation of the IoT into Critical Infrastructure (CI) hardware and applications, the protection of not only the systems but the citizens themselves has become paramount. To do so, specialists must be able to gain a foothold in the ongoing cyber attack war-zone. By organising the various attacks against their systems, these specialists can not only gain a quick overview of what they might expect but also gain knowledge into the specifications of the attacks based on the categorisation method used. This paper presents a glimpse into the area of IoT Critical Infrastructure security as well as an overview and analysis of attack categorisation methodologies in the context of wireless IoT-based Critical Infrastructure applications. We believe this can be a guide to aid further researchers in their choice of adapted categorisation approaches. Indeed, adapting appropriated categorisation leads to a quicker attack detection, identification, and recovery. It is, thus, paramount to have a clear vision of the threat landscapes of a specific system.