Biometric Based Intrusion Detection System using Dempster-Shafer Theory for Mobile Ad hoc Network Security

In wireless mobile ad hoc network, mainly, two approaches are followed to protect the security such as prevention-based approaches and detection-based approaches. A Mobile Ad hoc Network (MANET) is a collection of autonomous wireless mobile nodes forming temporary network to interchange data (data packets) without using any fixed topology or centralized administration. In this dynamic network, each node changes its geographical position and acts as a router for forwarding packets to the other node. Current MANETs are basically vulnerable to different types of attacks. The multimodal biometric technology gives possible resolves for continuous user authentication and vulnerability in high security mobile ad hoc networks (MANETs). Dempster’s rule for combination gives a numerical method for combining multiple pieces of data from unreliable observers. This paper studies biometric authentication and intrusion detection system with data fusion using Dempster–Shafer theory in such MANETs. Multimodal biometric technologies are arrayed to work with intrusion detection to improve the limitations of unimodal biometric technique

Increasing resilience in privileged access management

This Master of Science in Technology thesis, developed in collaboration with a target company, focuses on increasing resilience and disaster recovery planning for a privileged access management tool. The research was conducted using online sources and supplemented by available frameworks and best practices while working for the target organization. The thesis explorers several critical questions regarding privileged access rights: their nature, necessity to secure them, appropriate protection mechanisms, and ensuring the resilience of the protection mechanisms during potential disaster recovery scenarios. The research adopts design science research methodology, commencing with a literature review of identity and access management. The thesis progresses by identifying and assessing possible threat, incident and disaster scenarios for privileged access. The research then presents the most relevant scenarios and solution to enable resilience through high availability. The solutions is then evaluated. The research culminates in a conclusion that answers the set research questions

Identification of Biometric-Based Continuous user Authentication and Intrusion Detection System for Cluster Based Manet

Mobile ad hoc is an infrastructure less dynamic network used in many applications; it has been targets of various attacks and makes security problems. This work aims to provide an enhanced level of security by using the prevention based and detection based approaches such as authentication and intrusion detection. The multi-model biometric technology is used for continuous authentication and intrusion detection in high security cluster based MANET. In this paper, an attempt has been made to combine continuous authentication and intrusion detection. In this proposed scheme, Dempster-Shafer theory is used for data fusion because more than one device needs to be chosen and their observation can be used to increase observation accuracy

State of the Art in Biometric Key Binding and Key Generation Schemes

Direct storage of biometric templates in databases exposes the authentication system and legitimate users to numerous security and privacy challenges. Biometric cryptosystems or template protection schemes are used to overcome the security and privacy challenges associated with the use of biometrics as a means of authentication. This paper presents a review of previous works in biometric key binding and key generation schemes. The review focuses on key binding techniques such as biometric encryption, fuzzy commitment scheme, fuzzy vault and shielding function. Two categories of key generation schemes considered are private template and quantization schemes. The paper also discusses the modes of operations, strengths and weaknesses of various kinds of key-based template protection schemes. The goal is to provide the reader with a clear understanding of the current and emerging trends in key-based biometric cryptosystems

An introduction to Quality of Security Services

We examine the concept of security as a dimension of Quality of Service in distributed systems. We provide a discussion and examples of user- specified security variables and show how the range of service levels associated with these variables can support the provision of Quality of Security Service. We also discuss various design implications regarding security ranges provided in a QoS-aware distributed system. Our goal has been to provide an understanding of QoSS and variant security, and to determine whether these concepts can be useful in improving security service and system performance in QoS-aware distributed systems. We described the general requirements for system attributes to participate in the provision of Quality of Service, and described how certain security attributes might meet these requirements. We then described various forms of user and application security "ranges "and showed how these ranges can make sense in relation to existing security policies, when those ranges are presented as user choices. Finally we described security ranges as forming a coherent system of relationships in a distributed multi-tiered system. Our conclusion is that it may be possible for security to be a semantically meaningful dimension of Quality of Service without compromising existing security policies. Further study is needed to understand the effectiveness of QoSS in improving system performance in QoS-aware systems.Approved for public release; distribution is unlimited

Cloud data security and various cryptographic algorithms

Cloud computing has spread widely among different organizations due to its advantages, such as cost reduction, resource pooling, broad network access, and ease of administration. It increases the abilities of physical resources by optimizing shared use. Clients’ valuable items (data and applications) are moved outside of regulatory supervision in a shared environment where many clients are grouped together. However, this process poses security concerns, such as sensitive information theft and personally identifiable data leakage. Many researchers have contributed to reducing the problem of data security in cloud computing by developing a variety of technologies to secure cloud data, including encryption. In this study, a set of encryption algorithms (advance encryption standard (AES), data encryption standard (DES), Blowfish, Rivest-Shamir-Adleman (RSA) encryption, and international data encryption algorithm (IDEA) was compared in terms of security, data encipherment capacity, memory usage, and encipherment time to determine the optimal algorithm for securing cloud information from hackers. Results show that RSA and IDEA are less secure than AES, Blowfish, and DES). The AES algorithm encrypts a huge amount of data, takes the least encipherment time, and is faster than other algorithms, and the Blowfish algorithm requires the least amount of memory space

Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy

Multi-modal palm-print and hand-vein biometric recognition at sensor level fusion

When it is important to authenticate a person based on his or her biometric qualities, most systems use a single modality (e.g. fingerprint or palm print) for further analysis at higher levels. Rather than using higher levels, this research recommends using two biometric features at the sensor level. The Log-Gabor filter is used to extract features and, as a result, recognize the pattern, because the data acquired from images is sampled at various spacing. Using the two fused modalities, the suggested system attained greater accuracy. Principal component analysis (PCA) was performed to reduce the dimensionality of the data. To get the optimum performance between the two classifiers, fusion was performed at the sensor level utilizing different classifiers, including K-nearest neighbors (K-NN) and support vector machines (SVMs). The technology collects palm prints and veins from sensors and combines them into consolidated images that take up less disk space. The amount of memory needed to store such photos has been lowered. The amount of memory is determined by the number of modalities fused