4,984 research outputs found
IoT Sentinel: Automated Device-Type Identification for Security Enforcement in IoT
With the rapid growth of the Internet-of-Things (IoT), concerns about the
security of IoT devices have become prominent. Several vendors are producing
IP-connected devices for home and small office networks that often suffer from
flawed security designs and implementations. They also tend to lack mechanisms
for firmware updates or patches that can help eliminate security
vulnerabilities. Securing networks where the presence of such vulnerable
devices is given, requires a brownfield approach: applying necessary protection
measures within the network so that potentially vulnerable devices can coexist
without endangering the security of other devices in the same network. In this
paper, we present IOT SENTINEL, a system capable of automatically identifying
the types of devices being connected to an IoT network and enabling enforcement
of rules for constraining the communications of vulnerable devices so as to
minimize damage resulting from their compromise. We show that IOT SENTINEL is
effective in identifying device types and has minimal performance overhead
DeepMasterPrints: Generating MasterPrints for Dictionary Attacks via Latent Variable Evolution
Recent research has demonstrated the vulnerability of fingerprint recognition
systems to dictionary attacks based on MasterPrints. MasterPrints are real or
synthetic fingerprints that can fortuitously match with a large number of
fingerprints thereby undermining the security afforded by fingerprint systems.
Previous work by Roy et al. generated synthetic MasterPrints at the
feature-level. In this work we generate complete image-level MasterPrints known
as DeepMasterPrints, whose attack accuracy is found to be much superior than
that of previous methods. The proposed method, referred to as Latent Variable
Evolution, is based on training a Generative Adversarial Network on a set of
real fingerprint images. Stochastic search in the form of the Covariance Matrix
Adaptation Evolution Strategy is then used to search for latent input variables
to the generator network that can maximize the number of impostor matches as
assessed by a fingerprint recognizer. Experiments convey the efficacy of the
proposed method in generating DeepMasterPrints. The underlying method is likely
to have broad applications in fingerprint security as well as fingerprint
synthesis.Comment: 8 pages; added new verification systems and diagrams. Accepted to
conference Biometrics: Theory, Applications, and Systems 201
Biometrics for internetâofâthings security: A review
The large number of InternetâofâThings (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometricâbased authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometricâcryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the stateâofâtheâart research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forwardâlooking issues and future research directions
- âŠ