Color-decoupled photo response non-uniformity for digital image forensics

The last few years have seen the use of photo response non-uniformity noise (PRNU), a unique fingerprint of imaging sensors, in various digital forensic applications such as source device identification, content integrity verification and authentication. However, the use of a colour filter array for capturing only one of the three colour components per pixel introduces colour interpolation noise, while the existing methods for extracting PRNU provide no effective means for addressing this issue. Because the artificial colours obtained through the colour interpolation process is not directly acquired from the scene by physical hardware, we expect that the PRNU extracted from the physical components, which are free from interpolation noise, should be more reliable than that from the artificial channels, which carry interpolation noise. Based on this assumption we propose a Couple-Decoupled PRNU (CD-PRNU) extraction method, which first decomposes each colour channel into 4 sub-images and then extracts the PRNU noise from each sub-image. The PRNU noise patterns of the sub-images are then assembled to get the CD-PRNU. This new method can prevent the interpolation noise from propagating into the physical components, thus improving the accuracy of device identification and image content integrity verification

Conceivable security risks and authentication techniques for smart devices

With the rapidly escalating use of smart devices and fraudulent transaction of users’ data from their devices, efficient and reliable techniques for authentication of the smart devices have become an obligatory issue. This paper reviews the security risks for mobile devices and studies several authentication techniques available for smart devices. The results from field studies enable a comparative evaluation of user-preferred authentication mechanisms and their opinions about reliability, biometric authentication and visual authentication techniques

THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system

In this paper, we propose a new biometric verification and template protection system which we call the THRIVE system. The system includes novel enrollment and authentication protocols based on threshold homomorphic cryptosystem where the private key is shared between a user and the verifier. In the THRIVE system, only encrypted binary biometric templates are stored in the database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during the authentication stage. The THRIVE system is designed for the malicious model where the cheating party may arbitrarily deviate from the protocol specification. Since threshold homomorphic encryption scheme is used, a malicious database owner cannot perform decryption on encrypted templates of the users in the database. Therefore, security of the THRIVE system is enhanced using a two-factor authentication scheme involving the user's private key and the biometric data. We prove security and privacy preservation capability of the proposed system in the simulation-based model with no assumption. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form but she needs to proof her physical presence by using biometrics. The system can be used with any biometric modality and biometric feature extraction scheme whose output templates can be binarized. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biohash vectors on a desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real life applications

Multimodal person recognition for human-vehicle interaction

Next-generation vehicles will undoubtedly feature biometric person recognition as part of an effort to improve the driving experience. Today's technology prevents such systems from operating satisfactorily under adverse conditions. A proposed framework for achieving person recognition successfully combines different biometric modalities, borne out in two case studies

Using biometrics authentication via fingerprint recognition in e-Exams in e-Learning environment

E-learning is a great opportunity for modern life. Notably, however, the tool needs to be coupled with efficient and reliable security mechanisms to ensure the medium can be established as a dependable one. Authentication of e-exam takers is of prime importance so that exams are given by fair means. A new approach shall be proposed so as to ensure that no unauthorised individuals are permitted to give the exams

A secure over-the-air programming scheme in wireless sensor networks

Over-The-Air dissemination of code updates in Wireless Sensor Networks (WSNs) have been researchers’ point of interest in past a few years and more importantly security challenges toward remote propagation of code update have taken the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strengthen with having their concentration on constraint nature of WSN nodes. For authentication purposes most of them have used Merkle-Hash-Tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be in a standard level and therefore they have not investigated the tree structure for mission-critical situations in which security has to be in maximum possible extent (e.g. military zones). Two major problems have been identified in Merkle Tree structure which is used in Seluge scheme, including: 1) an exponential growth in number of overhead packets when block size of hash algorithm used in design is increased. 2) Limitation of using hash algorithms with larger block size of 11 bytes when payload size is set to 72 bytes. Then several existing security models are investigated for possible vulnerabilities and a set of countermeasures correspondingly named Security Model Requirements (SMR) is provided. After concentrating on Seluge’s design, a new secure Over-The-Air Programming (OTAP) scheme named Seluge++ is proposed that complies with SMR and replaces the use of inefficient Merkle Tree with a novel method