Securing Cloud Storage by Transparent Biometric Cryptography

With the capability of storing huge volumes of data over the Internet, cloud storage has become a popular and desirable service for individuals and enterprises. The security issues, nevertheless, have been the intense debate within the cloud community. Significant attacks can be taken place, the most common being guessing the (poor) passwords. Given weaknesses with verification credentials, malicious attacks have happened across a variety of well-known storage services (i.e. Dropbox and Google Drive) – resulting in loss the privacy and confidentiality of files. Whilst today's use of third-party cryptographic applications can independently encrypt data, it arguably places a significant burden upon the user in terms of manually ciphering/deciphering each file and administering numerous keys in addition to the login password. The field of biometric cryptography applies biometric modalities within cryptography to produce robust bio-crypto keys without having to remember them. There are, nonetheless, still specific flaws associated with the security of the established bio-crypto key and its usability. Users currently should present their biometric modalities intrusively each time a file needs to be encrypted/decrypted – thus leading to cumbersomeness and inconvenience while throughout usage. Transparent biometrics seeks to eliminate the explicit interaction for verification and thereby remove the user inconvenience. However, the application of transparent biometric within bio-cryptography can increase the variability of the biometric sample leading to further challenges on reproducing the bio-crypto key. An innovative bio-cryptographic approach is developed to non-intrusively encrypt/decrypt data by a bio-crypto key established from transparent biometrics on the fly without storing it somewhere using a backpropagation neural network. This approach seeks to handle the shortcomings of the password login, and concurrently removes the usability issues of the third-party cryptographic applications – thus enabling a more secure and usable user-oriented level of encryption to reinforce the security controls within cloud-based storage. The challenge represents the ability of the innovative bio-cryptographic approach to generate a reproducible bio-crypto key by selective transparent biometric modalities including fingerprint, face and keystrokes which are inherently noisier than their traditional counterparts. Accordingly, sets of experiments using functional and practical datasets reflecting a transparent and unconstrained sample collection are conducted to determine the reliability of creating a non-intrusive and repeatable bio-crypto key of a 256-bit length. With numerous samples being acquired in a non-intrusive fashion, the system would be spontaneously able to capture 6 samples within minute window of time. There is a possibility then to trade-off the false rejection against the false acceptance to tackle the high error, as long as the correct key can be generated via at least one successful sample. As such, the experiments demonstrate that a correct key can be generated to the genuine user once a minute and the average FAR was 0.9%, 0.06%, and 0.06% for fingerprint, face, and keystrokes respectively. For further reinforcing the effectiveness of the key generation approach, other sets of experiments are also implemented to determine what impact the multibiometric approach would have upon the performance at the feature phase versus the matching phase. Holistically, the multibiometric key generation approach demonstrates the superiority in generating the bio-crypto key of a 256-bit in comparison with the single biometric approach. In particular, the feature-level fusion outperforms the matching-level fusion at producing the valid correct key with limited illegitimacy attempts in compromising it – 0.02% FAR rate overall. Accordingly, the thesis proposes an innovative bio-cryptosystem architecture by which cloud-independent encryption is provided to protect the users' personal data in a more reliable and usable fashion using non-intrusive multimodal biometrics.Higher Committee of Education Development in Iraq (HCED

State of the Art in Biometric Key Binding and Key Generation Schemes

Direct storage of biometric templates in databases exposes the authentication system and legitimate users to numerous security and privacy challenges. Biometric cryptosystems or template protection schemes are used to overcome the security and privacy challenges associated with the use of biometrics as a means of authentication. This paper presents a review of previous works in biometric key binding and key generation schemes. The review focuses on key binding techniques such as biometric encryption, fuzzy commitment scheme, fuzzy vault and shielding function. Two categories of key generation schemes considered are private template and quantization schemes. The paper also discusses the modes of operations, strengths and weaknesses of various kinds of key-based template protection schemes. The goal is to provide the reader with a clear understanding of the current and emerging trends in key-based biometric cryptosystems

Integrated Biometric Template Security using Random Rectangular Hashing

Large centralized biometric databases, accessible over networks in real time are especially used for identification purposes. Multimodal biometric systems which are more robust and accurate in human identification require multiple templates storage of the same user analogous to individual biometric sources. This may raises concern about their usage and security when these stored templates are compromised since each person is believed to have a unique biometric trait. Unlike passwords, the biometric templates cannot be revoked and switch to another set of uncompromised identifiers when compromised. Therefore, fool-proof techniques satisfying the requirements of diversity, revocability, security and performance are required to protect stored templates such that both the security of the application and the users2019; privacy are not compromised by the impostor attacks. Thus, this paper proposes a template protection scheme coined as random rectangular hashing to strengthen the multimodal biometric system. The performance of the proposed template protection scheme is measured using the fingerprint FVC2004 and PolyU palmprint database

Biometrics for internet‐of‐things security: A review

The large number of Internet‐of‐Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric‐based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric‐cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state‐of‐the‐art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward‐looking issues and future research directions

Recent Application in Biometrics

In the recent years, a number of recognition and authentication systems based on biometric measurements have been proposed. Algorithms and sensors have been developed to acquire and process many different biometric traits. Moreover, the biometric technology is being used in novel ways, with potential commercial and practical implications to our daily activities. The key objective of the book is to provide a collection of comprehensive references on some recent theoretical development as well as novel applications in biometrics. The topics covered in this book reflect well both aspects of development. They include biometric sample quality, privacy preserving and cancellable biometrics, contactless biometrics, novel and unconventional biometrics, and the technical challenges in implementing the technology in portable devices. The book consists of 15 chapters. It is divided into four sections, namely, biometric applications on mobile platforms, cancelable biometrics, biometric encryption, and other applications. The book was reviewed by editors Dr. Jucheng Yang and Dr. Norman Poh. We deeply appreciate the efforts of our guest editors: Dr. Girija Chetty, Dr. Loris Nanni, Dr. Jianjiang Feng, Dr. Dongsun Park and Dr. Sook Yoon, as well as a number of anonymous reviewers

HMOG: New Behavioral Biometric Features for Continuous Authentication of Smartphone Users

We introduce hand movement, orientation, and grasp (HMOG), a set of behavioral features to continuously authenticate smartphone users. HMOG features unobtrusively capture subtle micro-movement and orientation dynamics resulting from how a user grasps, holds, and taps on the smartphone. We evaluated authentication and biometric key generation (BKG) performance of HMOG features on data collected from 100 subjects typing on a virtual keyboard. Data were collected under two conditions: 1) sitting and 2) walking. We achieved authentication equal error rates (EERs) as low as 7.16% (walking) and 10.05% (sitting) when we combined HMOG, tap, and keystroke features. We performed experiments to investigate why HMOG features perform well during walking. Our results suggest that this is due to the ability of HMOG features to capture distinctive body movements caused by walking, in addition to the hand-movement dynamics from taps. With BKG, we achieved the EERs of 15.1% using HMOG combined with taps. In comparison, BKG using tap, key hold, and swipe features had EERs between 25.7% and 34.2%. We also analyzed the energy consumption of HMOG feature extraction and computation. Our analysis shows that HMOG features extracted at a 16-Hz sensor sampling rate incurred a minor overhead of 7.9% without sacrificing authentication accuracy. Two points distinguish our work from current literature: 1) we present the results of a comprehensive evaluation of three types of features (HMOG, keystroke, and tap) and their combinations under the same experimental conditions and 2) we analyze the features from three perspectives (authentication, BKG, and energy consumption on smartphones)

Retina Based Glowworm Swarm Optimization for Random Cryptographic Key Generation

ان توليد المفاتيح المستندة إلى المقاييس الحيوية يمثل استخدام الميزات المستخرجة من السمات التشريحية (الفسيولوجية) البشرية مثل بصمات الأصابع أو شبكية العين أو السمات السلوكية مثل التوقيع. تتميز القياسات الحيوية لشبكية العين بمتانة متأصلة، وبالتالي، فهي قادرة على توليد مفاتيح عشوائية بمستوى أمان أعلى مقارنة مع السمات الحيوية الأخرى. في السنوات الأخيرة ، اكتسبت خوارزميات التحسين المستوحاة من الطبيعة شعبية كبيرة في معالجة المشكلات الواقعية الصعبة وحل وظائف التحسين المعقدة التي لا تتوفر فيها الحلول الفعلية. في هذه الورقة ، تم اقتراح نظام فعال لتوليد مفاتيح عشوائية آمنة وقوية وفريدة من نوعها تستند إلى ميزات شبكية العين لتطبيقات التشفير. يتم استخراج ميزات شبكية العين باستخدام خوارزمية تحسين سرب الدودة المتوهجة (GSO)  والتي توفر نتائج واعدة من خلال التجارب باستخدام قواعد بيانات شبكية العين القياسية. بالإضافة إلى ذلك، من أجل توفير مفاتيح عشوائية عالية الجودة وغير متوقعة وغير مجددة، تم استخدام الخريطة الفوضوية في النظام المقترح. حيث يتضمن النظام المقترح أربع مراحل رئيسية: التقاط صورة شبكية العين باستخدام أي كاميرا شبكية موجودة في الأسواق, أو باستخدام قاعدة البيانات المتاحة والتي تسمى DRIONS-DB,  ثم معالجتها معالجة اولية، ثم فصل صورة شبكية العين المعالجة مسبقًا إلى أربعة أجزاء باستخدام تحويل مويجات الهار المنفصلة ذات المستوى الواحد (DWHT), بعد ذلك ، يتم استخدام النطاق الفرعي ذو التردد المنخفض (LL) للمرحلة التالية حيث يمثل النطاق الفرعي التشغيلي, بعد ذلك ، يتم استخراج الميزات المثلى باستخدام خوارزمية تحسين سرب الدودة المتوهجة (GSO)، وأخيرًا يتم دمج الميزات المثلى مع الخريطة الفوضوية لإنشاء مفتاح التشفير العشوائي. في النتائج التجريبية، تم استخدام التحليل الإحصائي NIST الذي يتضمن عشرة اختبارات إحصائية للتحقق من عشوائية مفتاح البت الثنائي المولد. مفاتيح التشفير العشوائية التي تم الحصول عليها كانت ناجحة في اختبارات التحليل الإحصائي NIST ، بالإضافة إلى درجة كبيرة من اللامركزية.The biometric-based keys generation represents the utilization of the extracted features from the human anatomical (physiological) traits like a fingerprint, retina, etc. or behavioral traits like a signature. The retina biometric has inherent robustness, therefore, it is capable of generating random keys with a higher security level compared to the other biometric traits. In this paper, an effective system to generate secure, robust and unique random keys based on retina features has been proposed for cryptographic applications. The retina features are extracted by using the algorithm of glowworm swarm optimization (GSO) that provides promising results through the experiments using the standard retina databases. Additionally, in order to provide high-quality random, unpredictable, and non-regenerated keys, the chaotic map has been used in the proposed system. In the experiments, the NIST statistical analysis which includes ten statistical tests has been employed to check the randomness of the generated binary bits key. The obtained random cryptographic keys are successful in the tests of NIST, in addition to a considerable degree of aperiodicity

Sequential Keystroke Behavioral Biometrics for Mobile User Identification via Multi-view Deep Learning

With the rapid growth in smartphone usage, more organizations begin to focus on providing better services for mobile users. User identification can help these organizations to identify their customers and then cater services that have been customized for them. Currently, the use of cookies is the most common form to identify users. However, cookies are not easily transportable (e.g., when a user uses a different login account, cookies do not follow the user). This limitation motivates the need to use behavior biometric for user identification. In this paper, we propose DEEPSERVICE, a new technique that can identify mobile users based on user's keystroke information captured by a special keyboard or web browser. Our evaluation results indicate that DEEPSERVICE is highly accurate in identifying mobile users (over 93% accuracy). The technique is also efficient and only takes less than 1 ms to perform identification.Comment: 2017 Joint European Conference on Machine Learning and Knowledge Discovery in Database