Using a Bayesian averaging model for estimating the reliability of decisions in multimodal biometrics

The issue of reliable authentication is of increasing importance in modern society. Corporations, businesses and individuals often wish to restrict access to logical or physical resources to those with relevant privileges. A popular method for authentication is the use of biometric data, but the uncertainty that arises due to the lack of uniqueness in biometrics has lead there to be a great deal of effort invested into multimodal biometrics. These multimodal biometric systems can give rise to large, distributed data sets that are used to decide the authenticity of a user. Bayesian model averaging (BMA) methodology has been used to allow experts to evaluate the reliability of decisions made in data mining applications. The use of decision tree (DT) models within the BMA methodology gives experts additional information on how decisions are made. In this paper we discuss how DT models within the BMA methodology can be used for authentication in multimodal biometric systems

UK security breach investigations report: an analysis of data compromise cases

This report, rather than relying on questionnaires and self-reporting, concerns cases that were investigated by the forensic investigation team at 7Safe. Whilst removing any inaccuracies arising from self-reporting, the authors acknowledge that the limitation of the sample size remains. It is hoped that the unbiased reporting by independent investigators has yielded interesting facts about modern security breaches. All data in this study is based on genuine completed breach investigations conducted by the compromise investigation team over the last 18 months

CCBS – a method to maintain memorability, accuracy of password submission and the effective password space in click-based visual passwords

Text passwords are vulnerable to many security attacks due to a number of reasons such as the insecure practices of end users who select weak passwords to maintain their long term memory. As such, visual password (VP) solutions were developed to maintain the security and usability of user authentication in collaborative systems. This paper focuses on the challenges facing click-based visual password systems and proposes a novel method in response to them. For instance, Hotspots reveal a serious vulnerability. They occur because users are attracted to specific parts of an image and neglect other areas. Undertaking image analysis to identify these high probability areas can assist dictionary attacks. Another concern is that click-based systems do not guide users towards the correct click-point they are aiming to select. For instance, users might recall the correct spot or area but still fail to include their click within the tolerance distance around the original click-point which results in more incorrect password submissions. Nevertheless, the Passpoints study by Wiedenbeck et al., 2005 inspected the retention of their VP in comparison with text passwords over the long term. Despite being cued-recall the successful rate of their VP submission was not superior to text passwords as it decreased from 85% (the instant retention on the day of registration) to 55% after 2 weeks. This result was identical to that of the text password in the same experiment. The successful submission rates after 6 weeks were also 55% for both VP and text passwords. This paper addresses these issues, and then presents a novel method (CCBS) as a usable solution supported by an empirical proof. A user study is conducted and the results are evaluated against a comparative study

Cyberstalking in the United Kingdom: an analysis of the ECHO Pilot Survey

An Analysis of the ECHO Pilot SurveyNetwork for Surviving Stalking is internationally recognised as the leading Registered Charity in the United Kingdom dedicated to supporting victims of stalking, free of cost or commercial gain. It aims to provide support to victims, potential victims and others affected by stalking or harassment throughout the UK, to raise awareness of the subject and to provide information about stalking and harassment to professionals, relevant agencies and the public. As we have moved into an age of electronic information and communication, stalkers have found new, more effective and efficient means to perpetrate their malicious acts; stalkers have become Cyberstalkers. Cyberstalking has become somewhat of an epidemic stretching across the globe. Network for Surviving Stalking began to notice that an increasing number of people searching for support were being stalked or harassed online, making the charity concerned as to the prevalence, nature and impact of cyberstalking. The charity commissioned a team of researchers and together developed an online questionnaire to establish answers to these questions. This report provides an analysis of the responses to the questionnaire

An Analytical Evaluation of Network Security Modelling Techniques Applied to Manage Threats

The current ubiquity of information coupled with the reliance on such data by businesses has led to a great deal of resources being deployed to ensure the security of this information. Threats can come from a number of sources and the dangers from those insiders closest to the source have increased significantly recently. This paper focuses on techniques used to identify and manage threats as well as the measures that every organisation should consider to put into action. A novel game-based onion skin model has been proposed, combining techniques used in theory-based and hardware-based hardening strategies

Towards optimal multi-objective models of network security: survey

Information security is an important aspect of a successful business today. However, financial difficulties and budget cuts create a problem of selecting appropriate security measures and keeping networked systems up and running. Economic models proposed in the literature do not address the challenging problem of security countermeasure selection. We have made a classification of security models, which can be used to harden a system in a cost effective manner based on the methodologies used. In addition, we have specified the challenges of the simplified risk assessment approaches used in the economic models and have made recommendations how the challenges can be addressed in order to support decision makers

Reliability, availability and security of wireless networks in the community

Wireless networking increases the flexibility in the home, work place and community to connect to the Internet without being tied to a single location. Wireless networking has rapidly increased in popularity over recent years. There has also been a change in the use of the internet by users. Home users have embraced wireless technology and businesses see it as having a great impact on their operational efficiency. Both home users and industry are sending increasingly sensitive information through these wireless networks as online delivery of banking, commercial and governmental services becomes more widespread. However undeniable the benefits of wireless networking are, there are additional risks that do not exist in wired networks. It is imperative that adequate assessment and management of risk is undertaken by businesses and home users. This paper reviews wireless network protocols, investigates issues of reliability, availability and security when using wireless networks. The paper, by use of a case study, illustrates the issues and importance of implementing secured wireless networks, and shows the significance of the issue. The paper presents a discussion of the case study and a set of recommendations to mitigate the threat

Emerging privacy challenges and approaches in CAV systems

The growth of Internet-connected devices, Internet-enabled services and Internet of Things systems continues at a rapid pace, and their application to transport systems is heralded as game-changing. Numerous developing CAV (Connected and Autonomous Vehicle) functions, such as traffic planning, optimisation, management, safety-critical and cooperative autonomous driving applications, rely on data from various sources. The efficacy of these functions is highly dependent on the dimensionality, amount and accuracy of the data being shared. It holds, in general, that the greater the amount of data available, the greater the efficacy of the function. However, much of this data is privacy-sensitive, including personal, commercial and research data. Location data and its correlation with identity and temporal data can help infer other personal information, such as home/work locations, age, job, behavioural features, habits, social relationships. This work categorises the emerging privacy challenges and solutions for CAV systems and identifies the knowledge gap for future research, which will minimise and mitigate privacy concerns without hampering the efficacy of the functions

A novel multi-fold security framework for cognitive radio wireless ad-hoc networks

Cognitive Radio (CR) Technology has emerged as a smart and intelligent technology to address the problem of spectrum scarcity and its under-utilization. CR nodes sense the environment for vacant channels, exchange control information, and agree upon free channels list (FCL) to use for data transmission and conclusion. CR technology is heavily dependent on the control channel to dialogue on the exchanged control information which is usually in the Industrial-Scientific-Medical (ISM) band. As the ISM band is publically available this makes the CR network more prone to security vulnerabilities and flaws. In this paper a novel multi-fold security framework for cognitive radio wireless ad-hoc networks has been proposed. Multiple security levels, such as, encryption of beacon frame and privately exchanging the FCL, and the dynamic and adaptive behaviour of the framework makes the proposed protocol more resilient and secure against the traditional security attacks when compared with existing protocols