A Large-scale Empirical Analysis of Browser Fingerprints Properties for Web Authentication

Modern browsers give access to several attributes that can be collected to form a browser fingerprint. Although browser fingerprints have primarily been studied as a web tracking tool, they can contribute to improve the current state of web security by augmenting web authentication mechanisms. In this article, we investigate the adequacy of browser fingerprints for web authentication. We make the link between the digital fingerprints that distinguish browsers, and the biological fingerprints that distinguish Humans, to evaluate browser fingerprints according to properties inspired by biometric authentication factors. These properties include their distinctiveness, their stability through time, their collection time, their size, and the accuracy of a simple verification mechanism. We assess these properties on a large-scale dataset of 4,145,408 fingerprints composed of 216 attributes and collected from 1,989,365 browsers. We show that, by time-partitioning our dataset, more than 81.3% of our fingerprints are shared by a single browser. Although browser fingerprints are known to evolve, an average of 91% of the attributes of our fingerprints stay identical between two observations, even when separated by nearly six months. About their performance, we show that our fingerprints weigh a dozen of kilobytes and take a few seconds to collect. Finally, by processing a simple verification mechanism, we show that it achieves an equal error rate of 0.61%. We enrich our results with the analysis of the correlation between the attributes and their contribution to the evaluated properties. We conclude that our browser fingerprints carry the promise to strengthen web authentication mechanisms.

Enhancing the Security of FPGA-SoCs via the Usage of ARM TrustZone and a Hybrid-TPM

Isolated execution is a concept commonly used for increasing the security of a computer system. In the embedded world, ARM TrustZone technology enables this goal and is currently used on mobile devices for applications such as secure payment or biometric authentication. In this work, we investigate the security benefits achievable through the usage of ARM TrustZone on FPGA-SoCs. We first adapt Microsoft’s implementation of a firmware Trusted Platform Module (fTPM) running inside ARM TrustZone for the Zynq UltraScale+ platform. This adaptation consists in integrating hardware accelerators available on the device to fTPM’s implementation and to enhance fTPM with an entropy source derived from on-chip SRAM start-up patterns. With our approach, we transform a software implementation of a TPM into a hybrid hardware/software design that could address some of the security drawbacks of the original implementation while keeping its flexibility. To demonstrate the security gains obtained via the usage of ARM TrustZone and our hybrid-TPM on FPGA-SoCs, we propose a framework that combines them for enabling a secure remote bitstream loading. The approach consists in preventing the insecure usages of a bitstream reconfiguration interface that are made possible by the manufacturer and to integrate the interface inside a Trusted Execution Environment.

Smart Voting System Using Facial Recognition

In this paper a new authentication technique is discussed i-e; facial recognition verification for online voting system. It aims to develop a computerized voting system to make the election process more secure and user friendly. The electorate want to visit distinct locations like polling cubicles and stand in an extended queue to cast their vote, because of such reasons most of the people skip their chance of voting. The voter who isn't eligible also can forged its vote via way of means of faux way which can also additionally cause many problems. That's why in this project we have proposed a system or way for voting which is very effective or useful in voting. This system can also save money of the government which is spent in the election process. Overall this project is being developed to help staff of election commission of India and also reduce the human efforts. Keywords: Online Voting, Biometric Authentication, Security System.

User Authentication Method via Speaker Recognition and Speech Synthesis Detection

As the Internet has been developed, various online services such as social media services are introduced and widely used by many people. Traditionally, many online services utilize self-certification methods that are made using public certificates or resident registration numbers, but it is found that the existing methods pose the risk of recent personal information leakage accidents. The most popular authentication method to compensate for these problems is biometric authentication technology. The biometric authentication techniques are considered relatively safe from risks like personal information theft, forgery, etc. Among many biometric-based methods, we studied the speaker recognition method, which is considered suitable to be used as a user authentication method of the social media service usually accessed in the smartphone environment. In this paper, we first propose a speaker recognition-based authentication method that identifies and authenticates individual voice patterns, and we also present a synthesis speech detection method that is used to prevent a masquerading attack using synthetic voices.

Multimodal Biometric Authentication for Smartphones

Smartphones have become a crucial way of storing sensitive information; therefore, the user's privacy needs to be highly secured. This can be accomplished by employing the most reliable and accurate biometric identification system available currently which is, Eye recognition. However, the unimodal eye biometric system is not able to qualify the level of acceptability, speed, and reliability needed. There are other limitations such as constrained authentication in real time applications due to noise in sensed data, spoof attacks, data quality, lack of distinctiveness, restricted amount of freedom, lack of universality and other factors. Therefore, multimodal biometric systems have come into existence in order to increase security as well as to achieve better performance.[1] This paper provides an overview of different multimodal biometric (multibiometric) systems for smartphones being employed till now and also proposes a multimodal biometric system which can possibly overcome the limitations of the current biometric systems. Keywords: Biometrics, Unimodal, Multimodal, Fusion, Multibiometric Systems

Lightweight encryption for short-range wireless biometric authentication systems in Industry 4.0

Most recent solutions for users’ authentication in Industry 4.0 scenarios are based on unique biological characteristics that are captured from users and recognized using artificial intelligence and machine learning technologies. These biometric applications tend to be computationally heavy, so to monitor users in an unobtrusive manner, sensing and processing modules are physically separated and connected through point-to-point wireless communication technologies. However, in this approach, sensors are very resource constrained, and common cryptographic techniques to protect private users’ information while traveling in the radio channel cannot be implemented because their computational cost. Thus, new security solutions for those biometric authentication systems in their short-range wireless communications are needed. Therefore, in this paper, we propose a new cryptographic approach addressing this scenario. The proposed solution employs lightweight operations to create a secure symmetric encryption solution. This cipher includes a pseudo-random number generator based, also, on simple computationally low-cost operations in order to create the secret key. In order to preserve and provide good security properties, the key generation and the encryption processes are fed with a chaotic number sequence obtained through the numerical integration of a new four-order hyperchaotic dynamic. An experimental analysis and a performance evaluation are provided in the experimental section, showing the good behavior of the described solution.

Review on EEG-Based Authentication Technology

With the rapid development of brain-computer interface technology, as a new biometric feature, EEG signal has been widely concerned in recent years. The safety of brain-computer interface and the long-term insecurity of biometric authentication have a new solution. This review analyzes the biometrics of EEG signals, and the latest research is involved in the authentication process. This review mainly introduced the method of EEG-based authentication and systematically introduced EEG-based biometric cryptosystems for authentication for the first time. In cryptography, the key is the core basis of authentication in the cryptographic system, and cryptographic technology can effectively improve the security of biometric authentication and protect biometrics. The revocability of EEG-based biometric cryptosystems is an advantage that traditional biometric authentication does not have. Finally, the existing problems and future development directions of identity authentication technology based on EEG signals are proposed, providing a reference for the related studies.

Deteksi Serangan Spoofing Wajah Menggunakan Convolutional Neural Network

Facial recognition-based biometric authentication is increasingly frequently employed. However, a facial recognition system should not only recognize an individual's face, but it should also be capable of detecting spoofing attempts using printed faces or digital photographs. There are now various methods for detecting spoofing, including blinking, lip movement, and head tilt detection. However, this approach has limitations when dealing with dynamic video spoofing assaults. On the other hand, these types of motion detection systems can diminish user comfort. As a result, this article presents a method for identifying facial spoofing attacks through Convolutional Neural Networks. The anti-spoofing technique is intended to be used in conjunction with deep learning models without using extra tools or equipment. Our CNN classification dataset can be derived from the NUAA photo imposter and CASIA v2. The collection contains numerous examples of facial spoofing, including those created with posters, masks, and smartphones. In the pre-processing stage, image augmentation is carried out with brightness adjustments and other filters so that the model to adapt to various environmental conditions. We evaluate the number of epochs, optimizer types, and the learning rate during the testing process. The test results show that the proposed model achieves an accuracy value of 91.23% and an F1 score of 92.01%.

Finger Vein Recognition Model for Biometric Authentication Using Intelligent Deep Learning

In recent years, biometric authentication systems have remained a hot research topic, as they can recognize or authenticate a person by comparing their data to other biometric data stored in a database. Fingerprints, palm prints, hand vein, finger vein, palm vein, and other anatomic or behavioral features have all been used to develop a variety of biometric approaches. Finger vein recognition (FVR) is a common method of examining the patterns of the finger veins for proper authentication among the various biometrics. Finger vein acquisition, preprocessing, feature extraction, and authentication are all part of the proposed intelligent deep learning-based FVR (IDL-FVR) model. Infrared imaging devices have primarily captured the use of finger veins. Furthermore, a region of interest extraction process is carried out in order to save the finger part. The shark smell optimization algorithm is used to tune the hyperparameters of the bidirectional long–short-term memory model properly. Finally, an authentication process based on Euclidean distance is performed, which compares the features of the current finger vein image to those in the database. The IDL-FVR model surpassed the earlier methods by accomplishing a maximum accuracy of 99.93%. Authentication is successful when the Euclidean distance is small and vice versa.