Human brain distinctiveness based on EEG spectral coherence connectivity

The use of EEG biometrics, for the purpose of automatic people recognition, has received increasing attention in the recent years. Most of current analysis rely on the extraction of features characterizing the activity of single brain regions, like power-spectrum estimates, thus neglecting possible temporal dependencies between the generated EEG signals. However, important physiological information can be extracted from the way different brain regions are functionally coupled. In this study, we propose a novel approach that fuses spectral coherencebased connectivity between different brain regions as a possibly viable biometric feature. The proposed approach is tested on a large dataset of subjects (N=108) during eyes-closed (EC) and eyes-open (EO) resting state conditions. The obtained recognition performances show that using brain connectivity leads to higher distinctiveness with respect to power-spectrum measurements, in both the experimental conditions. Notably, a 100% recognition accuracy is obtained in EC and EO when integrating functional connectivity between regions in the frontal lobe, while a lower 97.41% is obtained in EC (96.26% in EO) when fusing power spectrum information from centro-parietal regions. Taken together, these results suggest that functional connectivity patterns represent effective features for improving EEG-based biometric systems.Comment: Key words: EEG, Resting state, Biometrics, Spectral coherence, Match score fusio

Privacy-Protecting Techniques for Behavioral Data: A Survey

Our behavior (the way we talk, walk, or think) is unique and can be used as a biometric trait. It also correlates with sensitive attributes like emotions. Hence, techniques to protect individuals privacy against unwanted inferences are required. To consolidate knowledge in this area, we systematically reviewed applicable anonymization techniques. We taxonomize and compare existing solutions regarding privacy goals, conceptual operation, advantages, and limitations. Our analysis shows that some behavioral traits (e.g., voice) have received much attention, while others (e.g., eye-gaze, brainwaves) are mostly neglected. We also find that the evaluation methodology of behavioral anonymization techniques can be further improved

Biometrijske aplikacije u bezbednosti vazdušnog transporta

As the number of air passengers continues to increase worldwide, so do the security demands and challenges in the air transport industry, particularly in lieu of numerous recent terrorist attacks. One of the essential requirements in fulfilling these needs resides in the accurate and timely identification of passengers and other participants in the air transport flow. Biometrics represents identification of individuals based on their quantifiable biological characteristics in automatic pattern recognition systems and is considered one of the most reliable means for personal identification. It is, therefore, not surprising that biometric technologies have an increasing presence in the air transportation industry. The intent of this review is to familiarize readers with biometric tools aimed at establishing and maintaining high security at airports and during flight, as well as to point out promising emerging biometric applications in the field.Sve veći broj putnika u vazdušnom saobraćaju, kao i sve učestaliji teroristički napadi, povećavaju bezbednosne zahteve i rizike u avio-industriji na globalnom nivou. Jedan od osnovnih uslova za povećanje bezbednosti jeste mogućnost precizne i brze identifikacije kako putnika, tako i drugih učesnika u saobraćajnom toku. Biometrija je oblast koja se bavi identifikacijom pojedinaca na osnovu njihovih merljivih, bioloških (anatomskih, fizioloških i ponašajnih) karakteristika u automatskim informacionim sistemima i smatra se jednim od najpouzdanijih pristupa za utvrđivanje identiteta. Stoga ne čudi što su biometrijske tehnologije danas sve prisutnije u avio-industriji. Cilj ovog rada je da upozna čitaoce sa dostupnim biometrijskim alatima koji se koriste za postizanje i održavanje visokog nivoa bezbednosti u vazdušnom saobraćaju. Autorka najpre daje pregled biometrijskih identifikacija koje se vrše na vazdušnim graničnim prelazima - aerodromima. U ovom kontekstu su, pored biometrijskih pristupa koji se koriste kao pooštrene mere bezbednosti, takođe obrađene i tehnologije koje imaju za cilj da povećaju brzinu prelaska granice i udobnost putnika niskog rizika, poput putnika koji često putuju (frequent flyers). Autorka dalje predstavlja načine na koje se, pomoću biometrijskih identifikacija, obavlja kontrola pristupa autorizovanih zaposlenih određenim zonama aerodroma, kao i provera prisustva osoba za kojima se traga. Kako skrining sistemi na aerodromima mogu imati visoke stope lažnih uzbuna, a sam proces skrininga predstavlja izazov, budući da zahteva proveru miliona pojedinaca u potrazi za svega nekoliko njih sa zlim namerama, autorka diskutuje o profilisanju putnika (bihevioralni skrining), kao savremenom pristupu identifikaciji pojedinaca na aerodromima, koji je u povoju, i koji je zasnovan na automatskom, biometrijskom prepoznavanju sumnjivih individua. Konačno, autorka predstavlja biometrijske aplikacije za identifikaciju pojedinaca tokom leta, koje se razvijaju u cilju obezbeđivanja putnika, posade i letelice. PR Projekat Ministarstva nauke Republike Srbije, br. TR34019 and the EU Commission project AREA, Contract No. 316004

Human-Computer Interaction: Security Aspects

Along with the rapid development of intelligent information age, users are having a growing interaction with smart devices. Such smart devices are interconnected together in the Internet of Things (IoT). The sensors of IoT devices collect information about users' behaviors from the interaction between users and devices. Since users interact with IoT smart devices for the daily communication and social network activities, such interaction generates a huge amount of network traffic. Hence, users' behaviors are playing an important role in the security of IoT smart devices, and the security aspects of Human-Computer Interaction are becoming significant. In this dissertation, we provide a threefold contribution: (1) we review security challenges of HCI-based authentication, and design a tool to detect deceitful users via keystroke dynamics; (2) we present the impact of users' behaviors on network traffic, and propose a framework to manage such network traffic; (3) we illustrate a proposal for energy-constrained IoT smart devices to be resilient against energy attack and efficient in network communication. More in detail, in the first part of this thesis, we investigate how users' behaviors impact on the way they interact with a device. Then we review the work related to security challenges of HCI-based authentication on smartphones, and Brain-Computer Interfaces (BCI). Moreover, we design a tool to assess the truthfulness of the information that users input using a computer keyboard. This tool is based on keystroke dynamics and it relies on machine learning technique to achieve this goal. To the best of our knowledge, this is the first work that associates the typing users' behaviors with the production of deceptive personal information. We reached an overall accuracy of 76% in the classification of a single answer as truthful or deceptive. In the second part of this thesis, we review the analysis of network traffic, especially related to the interaction between mobile devices and users. Since the interaction generates a huge amount of network traffic, we propose an innovative framework, GolfEngine, to manage and control the impact of users behavior on the network relying on Software Defined Networking (SDN) techniques. GolfEngine provides users a tool to build their security applications and offers Graphical User Interface (GUI) for managing and monitoring the network. In particular, GolfEngine provides the function of checking policy conflicts when users design security applications and the mechanism to check data storage redundancy. GolfEngine not only prevents the malicious inputting policies but also it enforces the security about network management of network traffic. The results of our simulation underline that GolfEngine provides an efficient, secure, and robust performance for managing network traffic via SDN. In the third and last part of this dissertation, we analyze the security aspects of battery-equipped IoT devices from the energy consumption perspective. Although most of the energy consumption of IoT devices is due to user interaction, there is still a significant amount of energy consumed by point-to-point communication and IoT network management. In this scenario, an adversary may hijack an IoT device and conduct a Denial of Service attack (DoS) that aims to run out batteries of other devices. Therefore, we propose EnergIoT, a novel method based on energetic policies that prevent such attacks and, at the same time, optimizes the communication between users and IoT devices, and extends the lifetime of the network. EnergIoT relies on a hierarchical clustering approach, based on different duty cycle ratios, to maximize network lifetime of energy-constrained smart devices. The results show that EnergIoT enhances the security and improves the network lifetime by 32%, compared to the earlier used approach, without sacrificing the network performance (i.e., end-to-end delay)

Low-cost methodologies and devices applied to measure, model and self-regulate emotions for Human-Computer Interaction

En aquesta tesi s'exploren les diferents metodologies d'anàlisi de l'experiència UX des d'una visió centrada en usuari. Aquestes metodologies clàssiques i fonamentades només permeten extreure dades cognitives, és a dir les dades que l'usuari és capaç de comunicar de manera conscient. L'objectiu de la tesi és proposar un model basat en l'extracció de dades biomètriques per complementar amb dades emotives (i formals) la informació cognitiva abans esmentada. Aquesta tesi no és només teòrica, ja que juntament amb el model proposat (i la seva evolució) es mostren les diferents proves, validacions i investigacions en què s'han aplicat, sovint en conjunt amb grups de recerca d'altres àrees amb èxit.En esta tesis se exploran las diferentes metodologías de análisis de la experiencia UX desde una visión centrada en usuario. Estas metodologías clásicas y fundamentadas solamente permiten extraer datos cognitivos, es decir los datos que el usuario es capaz de comunicar de manera consciente. El objetivo de la tesis es proponer un modelo basado en la extracción de datos biométricos para complementar con datos emotivos (y formales) la información cognitiva antes mencionada. Esta tesis no es solamente teórica, ya que junto con el modelo propuesto (y su evolución) se muestran las diferentes pruebas, validaciones e investigaciones en la que se han aplicado, a menudo en conjunto con grupos de investigación de otras áreas con éxito.In this thesis, the different methodologies for analyzing the UX experience are explored from a user-centered perspective. These classical and well-founded methodologies only allow the extraction of cognitive data, that is, the data that the user is capable of consciously communicating. The objective of this thesis is to propose a methodology that uses the extraction of biometric data to complement the aforementioned cognitive information with emotional (and formal) data. This thesis is not only theoretical, since the proposed model (and its evolution) is complemented with the different tests, validations and investigations in which they have been applied, often in conjunction with research groups from other areas with success

Learning EEG Biometrics for Person Identification and Authentication

EEG provides appealing biometrics by presenting some unique attributes, not possessed by common biometric modalities like fingerprints, retina and face scan, in terms of robustness against forgery, secrecy and privacy compliance, aliveness detection and potential of continuous authentication. Meanwhile, the use of EEG to provide cognitive indicators for human workload, fatigue and emotions has created an environment where EEG is well-integrated into systems, making it readily available for biometrics purposes. Yet, still, many challenges need to be properly addressed before any actual deployment of EEG-based biometric systems in real-life scenarios: 1) subjects' inconvenience during the signal acquisition process, 2) the relatively low recognition rates, and 3) the lack of robustness against diverse human states. To address the aforementioned issues, this thesis is devoted to learn biometric traits from EEG signals for stable person identification and authentication. State of the art studies of EEG biometrics are mainly divided into two categories, the event-related potential (ERP) category, which relies on a tight control of the cognitive states of the subjects, and the ongoing EEG category, which uses continuous EEG signals (mainly in resting state) naturally produced by the brain without any particular sensory stimulation. Studies in the ERP category focus more on the design of proper signal elicitation protocols or paradigms which usually require repetitive sensory stimulation. Ongoing EEG, on the contrary, is more flexible in terms of signal acquisition, but needs more advanced computational methods for feature extraction and classification. This study focuses on EEG biometrics using ongoing signals in diverse states. Such a flexible system could lead to an effective deployment in the real world. Specifically, this work focuses on ongoing EEG signals under diverse human states without strict task-specific controls in terms of brain response elicitation during signal acquisition. This is in contrast to previous studies that rely on specific sensory stimulation and synthetic cognitive tasks to tightly control the cognitive state of the subject being reflected in the resulting EEG activity, or to use resting state EEG signals. The relaxation of the reliance of the user's cognitive state makes the signal acquisition process streamlined, which in turn facilitates the actual deployment of the EEG biometrics system. Furthermore, not relying on sensory stimulation and cognitive tasks also allows for flexible and unobtrusive biometric systems that work in the background without interrupting the users, which is especially important in continuous scenarios. However, relaxing the system's reliance on the human state also means losing control of the EEG activity produced. As a result, EEG signals captured from the scalp may be contaminated by the active involvement of the tasks and cognitive states such as workload and emotion. Therefore, it becomes a challenge to learn identity-bearing information from the complicated signals to support high stability EEG biometrics. Possible solutions are proposed and investigated from two main perspectives, feature extraction and pattern classification. Specifically, graph features and learning models are proposed based on the brain connectivity, graph theory, and deep learning algorithms. A comprehensive investigation is conducted to assess the performance of proposed methods and existing methods in biometric identification and authentication, including in continuous scenarios. The methods and experiments are reported and detailed in the corresponding chapters, with the results obtained from data analysis

NEUROWAR IS HERE!

Mysterious attacks on the human brain have begun plaguing U.S. diplomats and officials with increasing frequency, ranging from overseas diplomatic outposts to right here in the United States. Known in the media as Havana Syndrome, these attacks appear to be signaling a new form of warfare—one that is focused on enhancing, targeting, and weaponizing the human brain—neurowarfare. Indeed, the human brain is at the center of a biotechnological revolution currently underway. At the same time, great power competition has returned to the forefront of international relations, as China and Russia seek to contest America’s global leadership. In an increasingly globalized and interconnected world, this contest is ultimately a battle of ideas and influence, with more value placed on information and non-lethal means to manipulate and control both adversaries and domestic populations alike. The battle for influence begins and ends in the human mind, where reality is perceived. The implications of these developments point to both a new form and domain of warfare centering on the human brain. By highlighting recent attacks targeting the brain and revealing research from the United States and its two main competitors—China and Russia—this thesis seeks to argue that neurowar is not just coming, but rather is already here and is likely to fundamentally alter conflict and warfare.Lieutenant Colonel, United States Air ForceMajor, United States Air ForceApproved for public release. Distribution is unlimited

Impact and key challenges of insider threats on organizations and critical businesses

The insider threat has consistently been identified as a key threat to organizations and governments. Understanding the nature of insider threats and the related threat landscape can help in forming mitigation strategies, including non-technical means. In this paper, we survey and highlight challenges associated with the identification and detection of insider threats in both public and private sector organizations, especially those part of a nation’s critical infrastructure. We explore the utility of the cyber kill chain to understand insider threats, as well as understanding the underpinning human behavior and psychological factors. The existing defense techniques are discussed and critically analyzed, and improvements are suggested, in line with the current state-of-the-art cyber security requirements. Finally, open problems related to the insider threat are identified and future research directions are discussed