Completely Automated Public Physical test to tell Computers and Humans Apart: A usability study on mobile devices

A very common approach adopted to fight the increasing sophistication and dangerousness of malware and hacking is to introduce more complex authentication mechanisms. This approach, however, introduces additional cognitive burdens for users and lowers the whole authentication mechanism acceptability to the point of making it unusable. On the contrary, what is really needed to fight the onslaught of automated attacks to users data and privacy is to first tell human and computers apart and then distinguish among humans to guarantee correct authentication. Such an approach is capable of completely thwarting any automated attempt to achieve unwarranted access while it allows keeping simple the mechanism dedicated to recognizing the legitimate user. This kind of approach is behind the concept of Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), yet CAPTCHA leverages cognitive capabilities, thus the increasing sophistication of computers calls for more and more difficult cognitive tasks that make them either very long to solve or very prone to false negatives. We argue that this problem can be overcome by substituting the cognitive component of CAPTCHA with a different property that programs cannot mimic: the physical nature. In past work we have introduced the Completely Automated Public Physical test to tell Computer and Humans Apart (CAPPCHA) as a way to enhance the PIN authentication method for mobile devices and we have provided a proof of concept implementation. Similarly to CAPTCHA, this mechanism can also be used to prevent automated programs from abusing online services. However, to evaluate the real efficacy of the proposed scheme, an extended empirical assessment of CAPPCHA is required as well as a comparison of CAPPCHA performance with the existing state of the art. To this aim, in this paper we carry out an extensive experimental study on both the performance and the usability of CAPPCHA involving a high number of physical users, and we provide comparisons of CAPPCHA with existing flavors of CAPTCHA

Multibiometric security in wireless communication systems

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University, 05/08/2010.This thesis has aimed to explore an application of Multibiometrics to secured wireless communications. The medium of study for this purpose included Wi-Fi, 3G, and WiMAX, over which simulations and experimental studies were carried out to assess the performance. In specific, restriction of access to authorized users only is provided by a technique referred to hereafter as multibiometric cryptosystem. In brief, the system is built upon a complete challenge/response methodology in order to obtain a high level of security on the basis of user identification by fingerprint and further confirmation by verification of the user through text-dependent speaker recognition. First is the enrolment phase by which the database of watermarked fingerprints with memorable texts along with the voice features, based on the same texts, is created by sending them to the server through wireless channel. Later is the verification stage at which claimed users, ones who claim are genuine, are verified against the database, and it consists of five steps. Initially faced by the identification level, one is asked to first present one’s fingerprint and a memorable word, former is watermarked into latter, in order for system to authenticate the fingerprint and verify the validity of it by retrieving the challenge for accepted user. The following three steps then involve speaker recognition including the user responding to the challenge by text-dependent voice, server authenticating the response, and finally server accepting/rejecting the user. In order to implement fingerprint watermarking, i.e. incorporating the memorable word as a watermark message into the fingerprint image, an algorithm of five steps has been developed. The first three novel steps having to do with the fingerprint image enhancement (CLAHE with 'Clip Limit', standard deviation analysis and sliding neighborhood) have been followed with further two steps for embedding, and extracting the watermark into the enhanced fingerprint image utilising Discrete Wavelet Transform (DWT). In the speaker recognition stage, the limitations of this technique in wireless communication have been addressed by sending voice feature (cepstral coefficients) instead of raw sample. This scheme is to reap the advantages of reducing the transmission time and dependency of the data on communication channel, together with no loss of packet. Finally, the obtained results have verified the claims

Performance Evaluation of Mobile Sensor for Context Awareness User Authentication

With the increase of smart devices and their capacities, their use for different services have also increased. As much as this is an advantage, it has posed additional risks because of the confidential information stored on them. This has increased the need for additional security on these systems. Most of the methods used for user authentication pose certain drawbacks that are either easy to circumvent or cumbersome to use. As a result, multi-level means of authentication is needed to improve the security of mobile devices. Sensors are playing a vital role in the mobile ecosystem to enhance different services. These sensors can be leveraged upon as a solution for user authentication. This research analyzed and evaluated different mobile device sensors for continuous and transparent user authentication. The mobile data used includes gyroscope, accelerometer, linear accelerometer, proximity, gravity, and magnetometer sensors’ data. Using a Feedforward Neural network for data classification after extracting features from the different sensors available in the mobile device; the most effective was selected by evaluating performance of the different sensors. The best sensor, the accelerometer was further experimented on. The experiment showed that smartphone accelerometer sensor exhibits sufficient discriminability, stability, and reliability for active and continuous authentication, by achieving a performance of 6.55% for the best overall EER.With the increase of smart devices and their capacities, their use for different services have also increased. As much as this is an advantage, it has posed additional risks because of the confidential information stored on them. This has increased the need for additional security on these systems. Most of the methods used for user authentication pose certain drawbacks that are either easy to circumvent or cumbersome to use. As a result, multi-level means of authentication is needed to improve the security of mobile devices. Sensors are playing a vital role in the mobile ecosystem to enhance different services. These sensors can be leveraged upon as a solution for user authentication. This research analyzed and evaluated different mobile device sensors for continuous and transparent user authentication. The mobile data used includes gyroscope, accelerometer, linear accelerometer, proximity, gravity, and magnetometer sensors’ data. Using a Feedforward Neural network for data classification after extracting features from the different sensors available in the mobile device; the most effective was selected by evaluating performance of the different sensors. The best sensor, the accelerometer was further experimented on. The experiment showed that smartphone accelerometer sensor exhibits sufficient discriminability, stability, and reliability for active and continuous authentication, by achieving a performance of 6.55% for the best overall EER

Towards a framework of biometrics exam authentication in e-learning environments

In the past fifteen years the use of Internet technologies has been substantially growing for delivery of educational content. E-learning environments have been incorporated in many universities for the delivery of e-learning courses. However, opponents of e-learning claim that a central disadvantage of such teaching medium is by growing academic misconduct in such environments. In particular, opponents of e-learning argue that the inability to authenticate exam takers is a major challenge of e-learning environments. As a result, some institutions proposed to take extreme measures including asking e-learning students to take exams in proctor centers or even abandon completely the offering of e-learning courses in their institutions. This paper attempts to address this important problem by proposing a framework that incorporates available fingerprint biometric authentication technologies in conjunction with e-learning environments to curb unethical conduct during e-learning exam taking. The proposed framework suggests practical solution that can incorporate a repeated fingerprint biometric user authentication during exam taking in e-learning courses. Doing so is hypothesized to curb exam cheating in e-learning environments

Biometrics for internet‐of‐things security: A review

The large number of Internet‐of‐Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric‐based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric‐cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state‐of‐the‐art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward‐looking issues and future research directions

ARM7 based Smart ATM Access System

ARM7 Based Smart ATM System is designed to add more security to the ATM systems by using biometric, OTP and Accelerometer sensor. In our proposed system, Bankers will collect the customer’s fingerprints and mobile number while opening the account then only customers can access the ATM machine. The primary step of this project is to verify currently scanned finger print with the fingerprint which is registered in the bank. If it finds as a valid then ATM machine, will ask 4 digit pin which is fixed. If the 4 digit code matches with entered pin then system will automatically generates another different 4 digit code i.e. OTP. And that code will be message to the customer registered mobile number. Here customer has to enter this code again. After entering OTP, System will check whether entered code is valid or not. And if it is valid, the customer is allowed for further accessing. Also Accelerometer sensor is used in order to provide security for the ATM machine. DOI: 10.17762/ijritcc2321-8169.15059

INFORMATION SECURITY: A STUDY ON BIOMETRIC SECURITY SOLUTIONS FOR TELECARE MEDICAL INFORMATION SYSTEMS

This exploratory study provides a means for evaluating and rating Telecare medical information systems in order to provide a more effective security solution. This analysis of existing solutions was conducted via an in-depth study of Telecare security. This is a proposition for current biometric technologies as a new means for secure communication of private information over public channels. Specifically, this research was done in order to provide a means for businesses to evaluate prospective technologies from a 3 dimensional view in order to make am accurate decision on any given biometric security technology. Through identifying key aspects of what makes a security solution the most effective in minimizing risk of a patient’s confidential data being exposed we were then able to create a 3 dimensional rubric to see not only from a business view but also the users such as the patients and doctors that use Telecare medical information systems every day. Finally, we also need to understand the implications of biometric solutions from a technological standpoint

ATM & Biometric Solutions: A Case Study

The paper highlights security features for biometric systems along with application specific to a bank in Pakistan. Further, a comprehensive view of retinal scanning and application within the Internet of Things (IoT) paradigm is discussed. Of the various forms of scanning techniques, fingerprint, iris, and facial have been selected as a security measure. However, the application of retinal scans for security within ATMs in Pakistan is novel. Retinal scans face many issues such as external pressures that can make the implementation of retinal scans difficult, proper technological advancements for implementing of retinal scans, costing and whether it will serve as a barrier and whether the overall concept of implementing retinal scans is a workable idea or not. The sample taken was of 80 close ended questionnaires filled along with 4 focus group discussions. The questions related to technology, economics and situational awareness concepts. The concept of automated houses and the use of objects with artificial intelligence were of special interest. It is shown that  external factors especially cost and technological limitations prohibit widespread adoption of biometric based retinal scans and implications for overall privacy and security that is present