32,952 research outputs found

    Challenges of Multi-Factor Authentication for Securing Advanced IoT (A-IoT) Applications

    Full text link
    The unprecedented proliferation of smart devices together with novel communication, computing, and control technologies have paved the way for the Advanced Internet of Things~(A-IoT). This development involves new categories of capable devices, such as high-end wearables, smart vehicles, and consumer drones aiming to enable efficient and collaborative utilization within the Smart City paradigm. While massive deployments of these objects may enrich people's lives, unauthorized access to the said equipment is potentially dangerous. Hence, highly-secure human authentication mechanisms have to be designed. At the same time, human beings desire comfortable interaction with their owned devices on a daily basis, thus demanding the authentication procedures to be seamless and user-friendly, mindful of the contemporary urban dynamics. In response to these unique challenges, this work advocates for the adoption of multi-factor authentication for A-IoT, such that multiple heterogeneous methods - both well-established and emerging - are combined intelligently to grant or deny access reliably. We thus discuss the pros and cons of various solutions as well as introduce tools to combine the authentication factors, with an emphasis on challenging Smart City environments. We finally outline the open questions to shape future research efforts in this emerging field.Comment: 7 pages, 4 figures, 2 tables. The work has been accepted for publication in IEEE Network, 2019. Copyright may be transferred without notice, after which this version may no longer be accessibl

    Critical success factors for preventing E-banking fraud

    Get PDF
    E-Banking fraud is an issue being experienced globally and is continuing to prove costly to both banks and customers. Frauds in e-banking services occur as a result of various compromises in security ranging from weak authentication systems to insufficient internal controls. Lack of research in this area is problematic for practitioners so there is need to conduct research to help improve security and prevent stakeholders from losing confidence in the system. The purpose of this paper is to understand factors that could be critical in strengthening fraud prevention systems in electronic banking. The paper reviews relevant literatures to help identify potential critical success factors of frauds prevention in e-banking. Our findings show that beyond technology, there are other factors that need to be considered such as internal controls, customer education and staff education etc. These findings will help assist banks and regulators with information on specific areas that should be addressed to build on their existing fraud prevention systems

    A Fingerprint Matching Model using Unsupervised Learning Approach

    Get PDF
    The increase in the number of interconnected information systems and networks to the Internet has led to an increase in different security threats and violations such as unauthorised remote access. The existing network technologies and communication protocols are not well designed to deal with such problems. The recent explosive development in the Internet allowed unwelcomed visitors to gain access to private information and various resources such as financial institutions, hospitals, airports ... etc. Those resources comprise critical-mission systems and information which rely on certain techniques to achieve effective security. With the increasing use of IT technologies for managing information, there is a need for stronger authentication mechanisms such as biometrics which is expected to take over many of traditional authentication and identification solutions. Providing appropriate authentication and identification mechanisms such as biometrics not only ensures that the right users have access to resources and giving them the right privileges, but enables cybercrime forensics specialists to gather useful evidence whenever needed. Also, critical-mission resources and applications require mechanisms to detect when legitimate users try to misuse their privileges; certainly biometrics helps to provide such services. This paper investigates the field of biometrics as one of the recent developed mechanisms for user authentication and evidence gathering despite its limitations. A biometric-based solution model is proposed using various statistical-based unsupervised learning approaches for fingerprint matching. The proposed matching algorithm is based on three various similarity measures, Cosine similarity measure, Manhattan distance measure and Chebyshev distance measure. In this paper, we introduce a model which uses those similarity measures to compute a fingerprint’s matching factor. The calculated matching factor is based on a certain threshold value which could be used by a forensic specialist for deciding whether a suspicious user is actually the person who claims to be or not. A freely available fingerprint biometric SDK has been used to develop and implement the suggested algorithm. The major findings of the experiments showed promising and interesting results in terms of the performance of all the proposed similarity measures.Final Accepted Versio

    An Evaluation of Score Level Fusion Approaches for Fingerprint and Finger-vein Biometrics

    Get PDF
    Biometric systems have to address many requirements, such as large population coverage, demographic diversity, varied deployment environment, as well as practical aspects like performance and spoofing attacks. Traditional unimodal biometric systems do not fully meet the aforementioned requirements making them vulnerable and susceptible to different types of attacks. In response to that, modern biometric systems combine multiple biometric modalities at different fusion levels. The fused score is decisive to classify an unknown user as a genuine or impostor. In this paper, we evaluate combinations of score normalization and fusion techniques using two modalities (fingerprint and finger-vein) with the goal of identifying which one achieves better improvement rate over traditional unimodal biometric systems. The individual scores obtained from finger-veins and fingerprints are combined at score level using three score normalization techniques (min-max, z-score, hyperbolic tangent) and four score fusion approaches (minimum score, maximum score, simple sum, user weighting). The experimental results proved that the combination of hyperbolic tangent score normalization technique with the simple sum fusion approach achieve the best improvement rate of 99.98%.Comment: 10 pages, 5 figures, 3 tables, conference, NISK 201

    Authenticity and Admissibility of Social Media Website Printouts

    Get PDF
    Social media posts and photographs are increasingly denied admission as evidence in criminal trials. Courts often cite issues with authentication when refusing to admit social media evidence. Cases and academic writings separate recent case law into two approaches: The Maryland Approach and the Texas Approach. The first method is often seen as overly skeptical of social media evidence, setting the bar too high for admissibility. The second approach is viewed as more lenient, declaring that any reasonable evidence should be admitted in order for a jury to weigh its sufficiency. This Brief addresses the supposed differences between the two sets of cases and suggests that courts are not actually employing two distinct approaches. The Maryland Approach courts are not holding social media content to a higher standard than the Texas Approach courts, but are merely responding to a lack of evidence connecting the proffered content to the purported author

    Providing Physical Layer Security for Mission Critical Machine Type Communication

    Full text link
    The design of wireless systems for Mission Critical Machine Type Communication (MC-MTC) is currently a hot research topic. Wireless systems are considered to provide numerous advantages over wired systems in industrial applications for example. However, due to the broadcast nature of the wireless channel, such systems are prone to a wide range of cyber attacks. These range from passive eavesdropping attacks to active attacks like data manipulation or masquerade attacks. Therefore it is necessary to provide reliable and efficient security mechanisms. One of the most important security issue in such a system is to ensure integrity as well as authenticity of exchanged messages over the air between communicating devices in order to prohibit active attacks. In the present work, an approach on how to achieve this goal in MC-MTC systems based on Physical Layer Security (PHYSEC), especially a new method based on keeping track of channel variations, will be presented and a proof-of-concept evaluation is given
    • …
    corecore