32,952 research outputs found
Challenges of Multi-Factor Authentication for Securing Advanced IoT (A-IoT) Applications
The unprecedented proliferation of smart devices together with novel
communication, computing, and control technologies have paved the way for the
Advanced Internet of Things~(A-IoT). This development involves new categories
of capable devices, such as high-end wearables, smart vehicles, and consumer
drones aiming to enable efficient and collaborative utilization within the
Smart City paradigm. While massive deployments of these objects may enrich
people's lives, unauthorized access to the said equipment is potentially
dangerous. Hence, highly-secure human authentication mechanisms have to be
designed. At the same time, human beings desire comfortable interaction with
their owned devices on a daily basis, thus demanding the authentication
procedures to be seamless and user-friendly, mindful of the contemporary urban
dynamics. In response to these unique challenges, this work advocates for the
adoption of multi-factor authentication for A-IoT, such that multiple
heterogeneous methods - both well-established and emerging - are combined
intelligently to grant or deny access reliably. We thus discuss the pros and
cons of various solutions as well as introduce tools to combine the
authentication factors, with an emphasis on challenging Smart City
environments. We finally outline the open questions to shape future research
efforts in this emerging field.Comment: 7 pages, 4 figures, 2 tables. The work has been accepted for
publication in IEEE Network, 2019. Copyright may be transferred without
notice, after which this version may no longer be accessibl
Critical success factors for preventing E-banking fraud
E-Banking fraud is an issue being experienced globally and is continuing to prove costly to both banks and customers. Frauds in e-banking services occur as a result of various compromises in security ranging from weak authentication systems to insufficient internal controls. Lack of research in this area is problematic for practitioners so there is need to conduct research to help improve security and prevent stakeholders from losing confidence in the system. The purpose of this paper is to understand factors that could be critical in strengthening fraud prevention systems in electronic banking. The paper reviews relevant literatures to help identify potential critical success factors of frauds prevention in e-banking. Our findings show that beyond technology, there are other factors that need to be considered such as internal controls, customer education and staff education etc. These findings will help assist banks and regulators with information on specific areas that should be addressed to build on their existing fraud prevention systems
A Fingerprint Matching Model using Unsupervised Learning Approach
The increase in the number of interconnected information systems and networks to the Internet has led to an increase in different security threats and violations such as unauthorised remote access. The existing network technologies and communication protocols are not well designed to deal with such problems. The recent explosive development in the Internet allowed unwelcomed visitors to gain access to private information and various resources such as financial institutions, hospitals, airports ... etc. Those resources comprise critical-mission systems and information which rely on certain techniques to achieve effective security. With the increasing use of IT technologies for managing information, there is a need for stronger authentication mechanisms such as biometrics which is expected to take over many of traditional authentication and identification solutions. Providing appropriate authentication and identification mechanisms such as biometrics not only ensures that the right users have access to resources and giving them the right privileges, but enables cybercrime forensics specialists to gather useful evidence whenever needed. Also, critical-mission resources and applications require mechanisms to detect when legitimate users try to misuse their privileges; certainly biometrics helps to provide such services. This paper investigates the field of biometrics as one of the recent developed mechanisms for user authentication and evidence gathering despite its limitations. A biometric-based solution model is proposed using various statistical-based unsupervised learning approaches for fingerprint matching. The proposed matching algorithm is based on three various similarity measures, Cosine similarity measure, Manhattan distance measure and Chebyshev distance measure. In this paper, we introduce a model which uses those similarity measures to compute a fingerprint’s matching factor. The calculated matching factor is based on a certain threshold value which could be used by a forensic specialist for deciding whether a suspicious user is actually the person who claims to be or not. A freely available fingerprint biometric SDK has been used to develop and implement the suggested algorithm. The major findings of the experiments showed promising and interesting results in terms of the performance of all the proposed similarity measures.Final Accepted Versio
An Evaluation of Score Level Fusion Approaches for Fingerprint and Finger-vein Biometrics
Biometric systems have to address many requirements, such as large population
coverage, demographic diversity, varied deployment environment, as well as
practical aspects like performance and spoofing attacks. Traditional unimodal
biometric systems do not fully meet the aforementioned requirements making them
vulnerable and susceptible to different types of attacks. In response to that,
modern biometric systems combine multiple biometric modalities at different
fusion levels. The fused score is decisive to classify an unknown user as a
genuine or impostor. In this paper, we evaluate combinations of score
normalization and fusion techniques using two modalities (fingerprint and
finger-vein) with the goal of identifying which one achieves better improvement
rate over traditional unimodal biometric systems. The individual scores
obtained from finger-veins and fingerprints are combined at score level using
three score normalization techniques (min-max, z-score, hyperbolic tangent) and
four score fusion approaches (minimum score, maximum score, simple sum, user
weighting). The experimental results proved that the combination of hyperbolic
tangent score normalization technique with the simple sum fusion approach
achieve the best improvement rate of 99.98%.Comment: 10 pages, 5 figures, 3 tables, conference, NISK 201
Authenticity and Admissibility of Social Media Website Printouts
Social media posts and photographs are increasingly denied admission as evidence in criminal trials. Courts often cite issues with authentication when refusing to admit social media evidence. Cases and academic writings separate recent case law into two approaches: The Maryland Approach and the Texas Approach. The first method is often seen as overly skeptical of social media evidence, setting the bar too high for admissibility. The second approach is viewed as more lenient, declaring that any reasonable evidence should be admitted in order for a jury to weigh its sufficiency. This Brief addresses the supposed differences between the two sets of cases and suggests that courts are not actually employing two distinct approaches. The Maryland Approach courts are not holding social media content to a higher standard than the Texas Approach courts, but are merely responding to a lack of evidence connecting the proffered content to the purported author
Providing Physical Layer Security for Mission Critical Machine Type Communication
The design of wireless systems for Mission Critical Machine Type
Communication (MC-MTC) is currently a hot research topic. Wireless systems are
considered to provide numerous advantages over wired systems in industrial
applications for example. However, due to the broadcast nature of the wireless
channel, such systems are prone to a wide range of cyber attacks. These range
from passive eavesdropping attacks to active attacks like data manipulation or
masquerade attacks. Therefore it is necessary to provide reliable and efficient
security mechanisms. One of the most important security issue in such a system
is to ensure integrity as well as authenticity of exchanged messages over the
air between communicating devices in order to prohibit active attacks. In the
present work, an approach on how to achieve this goal in MC-MTC systems based
on Physical Layer Security (PHYSEC), especially a new method based on keeping
track of channel variations, will be presented and a proof-of-concept
evaluation is given
- …