Privacy-Preserving Facial Recognition Using Biometric-Capsules

Indiana University-Purdue University Indianapolis (IUPUI)In recent years, developers have used the proliferation of biometric sensors in smart devices, along with recent advances in deep learning, to implement an array of biometrics-based recognition systems. Though these systems demonstrate remarkable performance and have seen wide acceptance, they present unique and pressing security and privacy concerns. One proposed method which addresses these concerns is the elegant, fusion-based Biometric-Capsule (BC) scheme. The BC scheme is provably secure, privacy-preserving, cancellable and interoperable in its secure feature fusion design. In this work, we demonstrate that the BC scheme is uniquely fit to secure state-of-the-art facial verification, authentication and identification systems. We compare the performance of unsecured, underlying biometrics systems to the performance of the BC-embedded systems in order to directly demonstrate the minimal effects of the privacy-preserving BC scheme on underlying system performance. Notably, we demonstrate that, when seamlessly embedded into a state-of-the-art FaceNet and ArcFace verification systems which achieve accuracies of 97.18% and 99.75% on the benchmark LFW dataset, the BC-embedded systems are able to achieve accuracies of 95.13% and 99.13% respectively. Furthermore, we also demonstrate that the BC scheme outperforms or performs as well as several other proposed secure biometric methods

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems

Enhancing Biometric-Capsule-based Authentication and Facial Recognition via Deep Learning

In recent years, developers have used the proliferation of biometric sensors in smart devices, along with recent advances in deep learning, to implement an array of biometrics-based authentication systems. Though these systems demonstrate remarkable performance and have seen wide acceptance, they present unique and pressing security and privacy concerns. One proposed method which addresses these concerns is the elegant, fusion-based BioCapsule method. The BioCapsule method is provably secure, privacy-preserving, cancellable and flexible in its secure feature fusion design. In this work, we extend BioCapsule to face-based recognition. Moreover, we incorporate state-of-art deep learning techniques into a BioCapsule-based facial authentication system to further enhance secure recognition accuracy. We compare the performance of an underlying recognition system to the performance of the BioCapsule-embedded system in order to demonstrate the minimal effects of the BioCapsule scheme on underlying system performance. We also demonstrate that the BioCapsule scheme outperforms or performs as well as many other proposed secure biometric techniques

A Survey on Biometrics and Cancelable Biometrics Systems

Now-a-days, biometric systems have replaced the password or token based authentication system in many fields to improve the security level. However, biometric system is also vulnerable to security threats. Unlike password based system, biometric templates cannot be replaced if lost or compromised. To deal with the issue of the compromised biometric template, template protection schemes evolved to make it possible to replace the biometric template. Cancelable biometric is such a template protection scheme that replaces a biometric template when the stored template is stolen or lost. It is a feature domain transformation where a distorted version of a biometric template is generated and matched in the transformed domain. This paper presents a review on the state-of-the-art and analysis of different existing methods of biometric based authentication system and cancelable biometric systems along with an elaborate focus on cancelable biometrics in order to show its advantages over the standard biometric systems through some generalized standards and guidelines acquired from the literature. We also proposed a highly secure method for cancelable biometrics using a non-invertible function based on Discrete Cosine Transformation (DCT) and Huffman encoding. We tested and evaluated the proposed novel method for 50 users and achieved good results

Performance comparison of intrusion detection systems and application of machine learning to Snort system

This study investigates the performance of two open source intrusion detection systems (IDSs) namely Snort and Suricata for accurately detecting the malicious traffic on computer networks. Snort and Suricata were installed on two different but identical computers and the performance was evaluated at 10 Gbps network speed. It was noted that Suricata could process a higher speed of network traffic than Snort with lower packet drop rate but it consumed higher computational resources. Snort had higher detection accuracy and was thus selected for further experiments. It was observed that the Snort triggered a high rate of false positive alarms. To solve this problem a Snort adaptive plug-in was developed. To select the best performing algorithm for Snort adaptive plug-in, an empirical study was carried out with different learning algorithms and Support Vector Machine (SVM) was selected. A hybrid version of SVM and Fuzzy logic produced a better detection accuracy. But the best result was achieved using an optimised SVM with firefly algorithm with FPR (false positive rate) as 8.6% and FNR (false negative rate) as 2.2%, which is a good result. The novelty of this work is the performance comparison of two IDSs at 10 Gbps and the application of hybrid and optimised machine learning algorithms to Snort

A Comprehensive Survey on Exiting Solution Approaches towards Security and Privacy Requirements of IoT

‘Internet of Things (IoT)’emerged as an intelligent collaborative computation and communication between a set of objects capable of providing on-demand services to other objects anytime anywhere. A large-scale deployment of data-driven cloud applications as well as automated physical things such as embed electronics, software, sensors and network connectivity enables a joint ubiquitous and pervasive internet-based computing systems well capable of interacting with each other in an IoT. IoT, a well-known term and a growing trend in IT arena certainly bring a highly connected global network structure providing a lot of beneficial aspects to a user regarding business productivity, lifestyle improvement, government efficiency, etc. It also generates enormous heterogeneous and homogeneous data needed to be analyzed properly to get insight into valuable information. However, adoption of this new reality (i.e., IoT) by integrating it with the internet invites a certain challenges from security and privacy perspective. At present, a much effort has been put towards strengthening the security system in IoT still not yet found optimal solutions towards current security flaws. Therefore, the prime aim of this study is to investigate the qualitative aspects of the conventional security solution approaches in IoT. It also extracts some open research problems that could affect the future research track of IoT arena

Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions

In recent years, low-carbon transportation has become an indispensable part as sustainable development strategies of various countries, and plays a very important responsibility in promoting low-carbon cities. However, the security of low-carbon transportation has been threatened from various ways. For example, denial of service attacks pose a great threat to the electric vehicles and vehicle-to-grid networks. To minimize these threats, several methods have been proposed to defense against them. Yet, these methods are only for certain types of scenarios or attacks. Therefore, this review addresses security aspect from holistic view, provides the overview, challenges and future directions of cyber security technologies in low-carbon transportation. Firstly, based on the concept and importance of low-carbon transportation, this review positions the low-carbon transportation services. Then, with the perspective of network architecture and communication mode, this review classifies its typical attack risks. The corresponding defense technologies and relevant security suggestions are further reviewed from perspective of data security, network management security and network application security. Finally, in view of the long term development of low-carbon transportation, future research directions have been concerned.Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable Energy Review

AuthN-AuthZ: Integrated, User-Friendly and Privacy-Preserving Authentication and Authorization

In this paper, we propose a novel, privacy-preserving, and integrated authentication and authorization scheme (dubbed as AuthN-AuthZ). The proposed scheme can address both the usability and privacy issues often posed by authentication through use of privacy-preserving Biometric-Capsule-based authentication. Each Biometric-Capsule encapsulates a user's biometric template as well as their role within a hierarchical Role-based Access Control model. As a result, AuthN-AuthZ provides novel efficiency by performing both authentication and authorization simultaneously in a single operation. To the best of our knowledge, our scheme's integrated AuthN-AuthZ operation is the first of its kind. The proposed scheme is flexible in design and allows for the secure use of robust deep learning techniques, such as the recently proposed and current state-of-the-art facial feature representation method, ArcFace. We conduct extensive experiments to demonstrate the robust performance of the proposed scheme and its AuthN-AuthZ operation