37 research outputs found
An Evaluation of Score Level Fusion Approaches for Fingerprint and Finger-vein Biometrics
Biometric systems have to address many requirements, such as large population
coverage, demographic diversity, varied deployment environment, as well as
practical aspects like performance and spoofing attacks. Traditional unimodal
biometric systems do not fully meet the aforementioned requirements making them
vulnerable and susceptible to different types of attacks. In response to that,
modern biometric systems combine multiple biometric modalities at different
fusion levels. The fused score is decisive to classify an unknown user as a
genuine or impostor. In this paper, we evaluate combinations of score
normalization and fusion techniques using two modalities (fingerprint and
finger-vein) with the goal of identifying which one achieves better improvement
rate over traditional unimodal biometric systems. The individual scores
obtained from finger-veins and fingerprints are combined at score level using
three score normalization techniques (min-max, z-score, hyperbolic tangent) and
four score fusion approaches (minimum score, maximum score, simple sum, user
weighting). The experimental results proved that the combination of hyperbolic
tangent score normalization technique with the simple sum fusion approach
achieve the best improvement rate of 99.98%.Comment: 10 pages, 5 figures, 3 tables, conference, NISK 201
Automatic Detection of Malware-Generated Domains with Recurrent Neural Models
Modern malware families often rely on domain-generation algorithms (DGAs) to
determine rendezvous points to their command-and-control server. Traditional
defence strategies (such as blacklisting domains or IP addresses) are
inadequate against such techniques due to the large and continuously changing
list of domains produced by these algorithms. This paper demonstrates that a
machine learning approach based on recurrent neural networks is able to detect
domain names generated by DGAs with high precision. The neural models are
estimated on a large training set of domains generated by various malwares.
Experimental results show that this data-driven approach can detect
malware-generated domain names with a F_1 score of 0.971. To put it
differently, the model can automatically detect 93 % of malware-generated
domain names for a false positive rate of 1:100.Comment: Submitted to NISK 201
Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence
Cyber threat intelligence is the provision of evidence-based knowledge about
existing or emerging threats. Benefits of threat intelligence include increased
situational awareness and efficiency in security operations and improved
prevention, detection, and response capabilities. To process, analyze, and
correlate vast amounts of threat information and derive highly contextual
intelligence that can be shared and consumed in meaningful times requires
utilizing machine-understandable knowledge representation formats that embed
the industry-required expressivity and are unambiguous. To a large extend, this
is achieved by technologies like ontologies, interoperability schemas, and
taxonomies. This research evaluates existing cyber-threat-intelligence-relevant
ontologies, sharing standards, and taxonomies for the purpose of measuring
their high-level conceptual expressivity with regards to the who, what, why,
where, when, and how elements of an adversarial attack in addition to courses
of action and technical indicators. The results confirmed that little emphasis
has been given to developing a comprehensive cyber threat intelligence ontology
with existing efforts not being thoroughly designed, non-interoperable and
ambiguous, and lacking semantic reasoning capability
Reviewing BPMN as a Modeling Notation for CACAO Security Playbooks
As cyber systems become increasingly complex and cybersecurity threats become
more prominent, defenders must prepare, coordinate, automate, document, and
share their response methodologies to the extent possible. The CACAO standard
was developed to satisfy the above requirements, providing a common
machine-readable framework and schema for documenting cybersecurity operations
processes, including defensive tradecraft and tactics, techniques, and
procedures. Although this approach is compelling, a remaining limitation is
that CACAO provides no native modeling notation for graphically representing
playbooks, which is crucial for simplifying their creation, modification, and
understanding. In contrast, the industry is familiar with BPMN, a
standards-based modeling notation for business processes that has also found
its place in representing cybersecurity processes. This research examines BPMN
and CACAO and explores the feasibility of using the BPMN modeling notation to
represent CACAO security playbooks graphically. The results indicate that
mapping CACAO and BPMN is attainable at an abstract level; however, conversion
from one encoding to another introduces a degree of complexity due to the
multiple ways CACAO constructs can be represented in BPMN and the extensions
required in BPMN to support CACAO fully
The Impact of Quantum Computing on Present Cryptography
The aim of this paper is to elucidate the implications of quantum computing
in present cryptography and to introduce the reader to basic post-quantum
algorithms. In particular the reader can delve into the following subjects:
present cryptographic schemes (symmetric and asymmetric), differences between
quantum and classical computing, challenges in quantum computing, quantum
algorithms (Shor's and Grover's), public key encryption schemes affected,
symmetric schemes affected, the impact on hash functions, and post quantum
cryptography. Specifically, the section of Post-Quantum Cryptography deals with
different quantum key distribution methods and mathematicalbased solutions,
such as the BB84 protocol, lattice-based cryptography, multivariate-based
cryptography, hash-based signatures and code-based cryptography.Comment: 10 pages, 1 figure, 3 tables, journal article - IJACS
Profiling student smokers:a behavioral approach
The aim of the present study is to construct a coherent profile of student smokers in Greece, based on their behavioral and demographic characteristics. In this context, we collected data by administrating an anonymous self-completed questionnaire, which was answered by students of University and Technological Educational Institute (T.E.I.) of Patras. The final sample consists of 1,190 student smokers. For the purposes of the present study, principal component analysis was utilized to explore and detect the demographic and behavioral profiles of Greek student smokers. The factor solution identified 5 demographic factors and 14 behavioral factors. All factors were labeled, interpreted and discussed in the light of existing knowledge in order to understand better the consumer behavior of student smokers