Biblio

Virtual worlds was becoming increasingly popular in a variety of fields, including education, business, space exploration, and video games. Establishing the security of virtual worlds was becoming more critical as they become more widely used. Virtual users were identified using a behavioral biometric system. Improve the system's ability to identify objects by fusing scores from multiple sources. Identification was based on a review of user interactions in virtual environments and a comparison with previous recordings in the database. For behavioral biometric systems like the one described, it appears that score-level biometric fusion was a promising tool for improving system performance. As virtual worlds become more immersive, more people will want to participate in them, and more people will want to be able to interact with each other. Each region of the Meta-verse was given a glimpse of the current state of affairs and the trends to come. As hardware performance and institutional and public interest continue to improve, the Meta-verse's development is hampered by limitations like computational method limits and a lack of realized collaboration between virtual world stakeholders and developers alike. A major goal of the proposed research was to verify the accuracy of the biometric system to enhance the security in virtual world. In this study, the precision of the proposed work was compared to that of previous work.

In this paper, we propose a novel watermarking-based copy deterrence scheme for identifying data leaks through authorized query users in secure image outsourcing systems. The scheme generates watermarks unique to each query user, which are embedded in the retrieved encrypted images. During unauthorized distribution, the watermark embedded in the image is extracted to determine the untrustworthy query user. Experimental results show that the proposed scheme achieves minimal information loss, faster embedding and better resistance to JPEG compression attacks compared with the state-of-the-art schemes.

The cutting-edge biometric recognition systems extract distinctive feature vectors of biometric samples using deep neural networks to measure the amount of (dis-)similarity between two biometric samples. Studies have shown that personal information (e.g., health condition, ethnicity, etc.) can be inferred, and biometric samples can be reconstructed from those feature vectors, making their protection an urgent necessity. State-of-the-art biometrics protection solutions are based on homomorphic encryption (HE) to perform recognition over encrypted feature vectors, hiding the features and their processing while releasing the outcome only. However, this comes at the cost of those solutions' efficiency due to the inefficiency of HE-based solutions with a large number of multiplications; for (dis-)similarity measures, this number is proportional to the vector's dimension. In this paper, we tackle the HE performance bottleneck by freeing the two common (dis-)similarity measures, the cosine similarity and the squared Euclidean distance, from multiplications. Assuming normalized feature vectors, our approach pre-computes and organizes those (dis-)similarity measures into lookup tables. This transforms their computation into simple table-lookups and summation only. We study quantization parameters for the values in the lookup tables and evaluate performances on both synthetic and facial feature vectors for which we achieve a recognition performance identical to the non-tabularized baseline systems. We then assess their efficiency under HE and record runtimes between 28.95ms and 59.35ms for the three security levels, demonstrating their enhanced speed.

Cancelable biometric is a new era of technology that deals with the protection of the privacy content of a person which itself helps in protecting the identity of a person. Here the biometric information instead of being stored directly on the authentication database is transformed into a non-invertible coded format that will be utilized for providing access. The conversion into an encrypted code requires the provision of an encryption key from the user side. Both invertible and non-invertible coding techniques are there but non-invertible one provides additional security to the user. In this paper, a non-invertible cancelable biometric method has been proposed where the biometric image information is canceled and encoded into a code using a user-provided encryption key. This code is generated from the image histogram after continuous bin updation to the maximal value and then it is encrypted by the Hill cipher. This code is stored on the database instead of biometric information. The technique is applied to a set of retinal information taken from the Indian Diabetic Retinopathy database.

In healthcare 4.0 ecosystems, authentication of healthcare information allows health stakeholders to be assured that data is originated from correct source. Recently, biometric based authentication is a preferred choice, but as the templates are stored on central servers, there are high chances of copying and generating fake biometrics. An adversary can forge the biometric pattern, and gain access to critical health systems. Thus, to address the limitation, the paper proposes a scheme, PHBio, where an encryption-based biometric system is designed prior before storing the template to the server. Once a user provides his biometrics, the authentication process does not decrypt the data, rather uses a homomorphic-enabled Paillier cryptosystem. The scheme presents the encryption and the comparison part which is based on euclidean distance (EUD) strategy between the user input and the stored template on the server. We consider the minimum distance, and compare the same with a predefined threshold distance value to confirm a biometric match, and authenticate the user. The scheme is compared against parameters like accuracy, false rejection rates (FARs), and execution time. The proposed results indicate the validity of the scheme in real-time health setups.

Advanced Encryption Standard (AES) algorithm plays an important role in a data security application. In general S-box module in AES will give maximum confusion and diffusion measures during AES encryption and cause significant path delay overhead. In most cases, either L UTs or embedded memories are used for S- box computations which are vulnerable to attacks that pose a serious risk to real-world applications. In this paper, implementation of the composite field arithmetic-based Sub-bytes and inverse Sub-bytes operations in AES is done. The proposed work includes an efficient multiple round AES cryptosystem with higher-order transformation and composite field s-box formulation with some possible inner stage pipelining schemes which can be used for throughput rate enhancement along with path delay optimization. Finally, input biometric-driven key generation schemes are used for formulating the cipher key dynamically, which provides a higher degree of security for the computing devices.

Biometric security is the fastest growing area that receives considerable attention over the past few years. Digital hiding and encryption technologies provide an effective solution to secure biometric information from intentional or accidental attacks. Visual cryptography is the approach utilized for encrypting the information which is in the form of visual information for example images. Meanwhile, the biometric template stored in the databases are generally in the form of images, the visual cryptography could be employed effectively for encrypting the template from the attack. This study develops a share creation with improved encryption process for secure biometric verification (SCIEP-SBV) technique. The presented SCIEP-SBV technique majorly aims to attain security via encryption and share creation (SC) procedure. Firstly, the biometric images undergo SC process to produce several shares. For encryption process, homomorphic encryption (HE) technique is utilized in this work. To further improve the secrecy, an improved bald eagle search (IBES) approach was exploited in this work. The simulation values of the SCIEP-SBV system are tested on biometric images. The extensive comparison study demonstrated the improved outcomes of the SCIEP-SBV technique over compared methods.

User authentication based on muscle tension manifested during password typing seems to be an interesting additional layer of security. It represents another way of verifying a person’s identity, for example in the context of continuous verification. In order to explore the possibilities of such authentication method, it was necessary to create a capturing software that records and stores data from EMG (electromyography) sensors, enabling a subsequent analysis of the recorded data to verify the relevance of the method. The work presented here is devoted to the design, implementation and evaluation of such a solution. The solution consists of a protocol and a software application for collecting multimodal data when typing on a keyboard. Myo armbands on both forearms are used to capture EMG and inertial data while additional modalities are collected from a keyboard and a camera. The user experience evaluation of the solution is presented, too.

Nowadays, biometric is a most technique to authenticate /identify human been, because its resistance against theft, loss or forgetfulness. However, biometric is subject to different transmission attacks. Today, the protection of the sensitive biometric information is a big challenge, especially in current wireless networks such as internet of things where the transmitted data is easy to sniffer. For that, this paper proposes an Eigens-Fingerprint-based biometric cryptosystem, where the biometric feature vectors are extracted by the Principal Component Analysis technique with an appropriate quantification. The key-binding principle incorporated with bit-wise and byte-wise correcting code is used for encrypting data and sharing key. Several recognition rates and computation time are used to evaluate the proposed system. The findings show that the proposed cryptosystem achieves a high security without decreasing the accuracy.

Nowadays, biometric-based authentication systems are widely used. This fact has led to increased attacks on biometric data of users. Therefore, biometric template protection is sure to keep the attention of researchers for the security of the authentication systems. Many previous works proposed the biometric template protection schemes by transforming the original biometric data into a secure domain, or establishing a cryptographic key with the use of biometric data. The main purpose was that fulfill the all three requirements: cancelability, security, and performance as many as possible. In this paper, using random projection merged with fuzzy commitment, we will introduce a hybrid scheme of biometric template protection. We try to limit their own drawbacks and take full advantages of these techniques at the same time. In addition, an analysis of non-invertibility property will be exercised with regards to the use of random projection aiming at enhancing the security of the system while preserving the discriminability of the original biometric template.

Mobile healthcare (mHealth) application and technologies have promised their cost-effectiveness to enhance healthcare quality, particularly in rural areas. However, the increased security incidents and leakage of patient data raise the concerns to address security risks and privacy issues of mhealth applications urgently. While recent mobile health applications that rely on password-based authentication cannot withstand password guessing and cracking attacks, several countermeasures such as One-Time Password (OTP), grid-based password, and biometric authentication have recently been implemented to protect mobile health applications. These countermeasures, however, can be thwarted by brute force attacks, man-in-the-middle attacks and persistent malware attacks. This paper proposed grid-based honey encryption by hybridising honey encryption with grid-based authentication. Compared to recent honey encryption limited in the hardening password attacks process, the proposed grid-based honey encryption can be further employed against shoulder surfing, smudge and replay attacks. Instead of rejecting access as a recent security defence mechanism in mobile healthcare applications, the proposed Grid-based Honey Encryption creates an indistinct counterfeit patient's record closely resembling the real patients' records in light of each off-base speculation legitimate password.

The theoretical basis made it possible to implement software for automated secure biometric verification and personal identification, which can be used by information security systems (including access control and management systems). The work is devoted to solving an urgent problem - the development of methods and algorithms for generating a key for a storage device based on biometric parameters. Biometric cryptosystems take advantage of biometrics to improve the security of encryption keys. The ability not to store a key that is derived from biometric data is a direct advantage of the method of generating cryptographic keys from biometric data of users over other existing encryption methods.

Biometric matching involves storing and processing sensitive user information. Maintaining the privacy of this data is thus a major challenge, and homomorphic encryption offers a possible solution. We propose a privacy-preserving biometrics-based authentication protocol based on fully homomorphic en-cryption, where the biometric sample for a user is gathered by a local device but matched against a biometric template by a remote server operating solely on encrypted data. The design ensures that 1) the user's sensitive biometric data remains private, and 2) the user and client device are securely authenticated to the server. A proof-of-concept implementation building on the TFHE library is also presented, which includes the underlying basic operations needed to execute the biometric matching. Performance results from the implementation show how complex it is to make FHE practical in this context, but it appears that, with implementation optimisations and improvements, the protocol could be used for real-world applications.

Biometric data is prone to attacks and threats from hackers who are professionals in cyber-crimes. Therefore, securing the data is very essential. Steganographic approach, which is a process of concealing data, is proposed as a solution to this. Biometrics are hidden inside other biometrics for safe storage and secure transmission. Also, it is designed to be robust against attacks, and cannot be detected easily. The intention of this paper is to highlight a method of hiding one image in another image by using mid position value(mpv) technique. Here we have to choose the secret biometric on which Arnold transform will be applied resulting in a scrambled version of the secret biometric. This will be enveloped inside cover image which results in a stego-image. Lastly, hidden secret biometric will be decoded from this stego image, which will first result in a scrambled secret biometric. Inverse Arnold Transform will be applied on this to finally result in the decoded secret biometric. The paper further explains the working and processes in detail.

Reversible data hiding (RDH) is an emerging area in the field of information security. The RDH schemes are widely explored in the field of cloud computing for data authentication and in medical image transmission for clinical data transmission along with medical images. The RDH schemes allow the data hider to embed sensitive information in digital content in such a way that later it can be extracted while recovering the original image. In this research, we explored the use of the RDH through the encryption scheme in a biometric authentication system. The internet of things (IoT) enabled biometric authentication systems are very common nowadays. In general, in biometric authentication, computationally complex tasks such as feature extraction and feature matching will be performed in a cloud server. The user-side devices will capture biometric data such as the face, fingerprint, or iris and it will be directly communicated to the cloud server for further processing. Since the confidentiality of biometric data needs to be maintained during the transmission, the original biometric data will be encrypted using any one of the data encryption techniques. In this manuscript, we propose the use of RDH through encryption approach to transmit two different biometric data as a single file without compromising confidentiality. The proposed scheme will ensure the integrity of the biometric data during transmission. For data hiding purposes, we have used a block-wise RDH through encryption scheme. The experimental study of the proposed scheme is carried out by embedding fingerprint data in the face images. The validation of the proposed scheme is carried out by extracting the fingerprint details from the face images during image decryption. The scheme ensures the exact recovery of face image images and fingerprint data at the receiver site.

Biometric methods are the most effective and accurate authentication methods. However, a significant drawback of such methods is the storage of authentication information in clear text. The article is devoted to solving this problem by means of symmetric encryption method and the method of dividing the memory space. The method of symmetric encryption ensures confidentiality during storage and transmission of biometric characteristics, the method of dividing the memory space provides an increase of information security level during processing of biometric characteristics.

In this study, a novel decentralized authentication model is proposed for establishing a secure communications structure in VoIP applications. The proposed scheme considers a distributed architecture called the blockchain. With this scheme, we highlight the multimedia data is more resistant to some of the potential attacks according to the centralized architecture. Our scheme presents the overall system authentication architecture, and it is suitable for mutual authentication in terms of privacy and anonymity. We construct an ECC-based model in the encryption infrastructure because our structure is time-constrained during communications. This study differs from prior work in that blockchain platforms with ECC-Based Biometric Signature. We generate a biometric key for creating a unique ID value with ECC to verify the caller and device authentication together in blockchain. We validated the proposed model by comparing with the existing method in VoIP application used centralized architecture.

The latest security methods are based on biometric features. The electrocardiogram is increasingly used in such systems because it provides biometric features that are difficult to falsify. This paper aims to study the use of the electrocardiogram together with the Convolutional Neural Networks, in order to identify the subjects based on the ECG signal and to improve the security. In this study, we used the Fantasia database, available on the PhysioNet platform, which contains 40 ECG recordings. The ECG signal is pre-processed, and then spectrograms are generated for each ECG signal. Spectrograms are applied to the input of several architectures of Convolutional Neural Networks like Inception-v3, Xception, MobileNet and NasNetLarge. An analysis of performance metrics reveals that the subject identification method based on ECG signal and CNNs provides remarkable results. The best accuracy value is 99.5% and is obtained for Inception-v3.

Despite the recent introduction of biometric identification technology, Personal Identification Numbers (PIN) are the standard for granting access to restricted areas and for authorizing operations on most systems, including mobile phones, payment devices, smart locks. Unfortunately, PINs have several inherent vulnerabilities and expose users to different types of social engineering attacks. Specifically, the risk of shoulder surfing in PIN-based authentication is especially high for individuals who are blind. In this paper, we introduce a new method for improving the trade-off between security and accessibility in PIN-based authentication systems. Our proposed solution aims at minimizing the threats posed by malicious agents while maintaining a low level of complexity for the user. We present the method and discuss the results of an evaluation study that demonstrates the advantages of our solution compared to state-of-the-art systems.

Privacy preserving scheme for face verification is a biometric system embedded with template protection to protect the data in ensuring data integrity. This paper proposes a new method called Histogram of Oriented Gradient Random Template Protection (HOGRTP). The proposed method utilizes Histogram of Oriented Gradient approach as a feature extraction technique and is combined with Random Template Protection method. The proposed method acts as a multi-factor authentication technique and adds a layer of data protection to avoid the compromising biometric issue because biometric is irreplaceable. The performance accuracy of HOGRTP is tested on the unconstrained face images using the benchmarked dataset, Labeled Face in the Wild (LFW). A promising result is obtained to prove that HOGRTP achieves a higher verification rate in percentage than the pure biometric scheme.

This paper contains analysis of methods of increasing the information protection from unauthorized access using a multifactor authentication algorithm; figuring out the best, most efficient and secure method of scanning biometric data; development of a method to store and compare a candidate’s and existisng system user’s information in steganographic space. The urgency of the work is confirmed by the need to increase information security of special infocommunication systems with the help of biometric information and protection of this information from intruders by means of steganographic transformation.

Cloud Computing is a technology which provides flexibility through scalability. Like, Cloud computing, nowadays, Fog computing is considered more revolutionary and dynamic technology. But the main problem with the Fog computing is to take care of its security as in this also person identification is done by single Sign-In system. To come out from the security problem raised in Fog computing, an innovative approach has been suggested here. In the present paper, an approach has been proposed that combines different biometric techniques to verify the authenticity of a person and provides a complete model that will be able to provide a necessary level of verification and security in fog computing. In this model, several biometric techniques have been used and each one of them individually helps extract out more authentic and detailed information after every step. Further, in the presented paper, different techniques and methodologies have been examined to assess the usefulness of proposed technology in reducing the security threats. The paper delivers a capacious technique for biometric authentication for bolstering the fog security.

The utilization of "cloud storage services (CSS)", empowering people to store their data in cloud and avoid from maintenance cost and local data storage. Various data integrity auditing (DIA) frameworks are carried out to ensure the quality of data stored in cloud. Mostly, if not all, of current plans, a client requires to utilize his private key (PK) to generate information authenticators for knowing the DIA. Subsequently, the client needs to have hardware token to store his PK and retain a secret phrase to actuate this PK. In this hardware token is misplaced or password is forgotten, the greater part of existing DIA plans would be not able to work. To overcome this challenge, this research work suggests another DIA without "private key storage (PKS)"plan. This research work utilizes biometric information as client's fuzzy private key (FPK) to evade utilizing hardware token. In the meantime, the plan might in any case viably complete the DIA. This research work uses a direct sketch with coding and mistake correction procedures to affirm client identity. Also, this research work plan another mark conspire that helps block less. Verifiability, yet in addition is viable with linear sketch Keywords– Data integrity auditing (DIA), Cloud Computing, Block less Verifiability, fuzzy biometric data, secure cloud storage (SCS), key exposure resilience (KER), Third Party Auditor (TPA), cloud audit server (CAS), cloud storage server (CSS), Provable Data Possession (PDP)

The use of wearable devices (e.g., smartwatches) in two factor authentication (2FA) is fast emerging, as wearables promise better usability compared to smartphones. Still, the current deployments of wearable 2FA have significant usability and security issues. Specifically, one-time PIN-based wearable 2FA (PIN-2FA) requires noticeable user effort to open the app and copy random PINs from the wearable to the login terminal's (desktop/laptop) browser. An alternative approach, based on one-tap approvals via push notifications (Tap-2FA), relies upon user decision making to thwart attacks and is prone to skip-through. Both approaches are also vulnerable to traditional phishing attacks. To address this security-usability tension, we introduce a fundamentally different design of wearable 2FA, called SG-2FA, involving wrist-movement “seamless gestures” captured near transparently by the second factor wearable device while the user types a very short special sequence on the browser during the login process. The typing of the special sequence creates a wrist gesture that when identified correctly uniquely associates the login attempt with the device's owner. The special sequence can be fixed (e.g., “\$@\$@\$\$”), does not need to be a secret, and does not need to be memorized (could be simply displayed on the browser). This design improves usability over PIN-2FA since only this short sequence has to be typed as part of the login process (no interaction with or diversion of attention to the wearable and copying of random PINs is needed). It also greatly improves security compared to Tap-2FA since the attacker can not succeed in login unless the user's wrist is undergoing the exact same gesture at the exact same time. Moreover, the approach is phishing-resistant and privacy-preserving (unlike behavioral biometrics). Our results show that SG-2FA incurs only minimal errors in both benign and adversarial settings based on appropriate parameterizations.

Machine learning methods are growing in relevance for biometrics and personal information processing in domains such as forensics, e-health, recruitment, and e-learning. In these domains, white-box (human-readable) explanations of systems built on machine learning methods can become crucial. Inductive Logic Programming (ILP) is a subfield of symbolic AI aimed to automatically learn declarative theories about the process of data. Learning from Interpretation Transition (LFIT) is an ILP technique that can learn a propositional logic theory equivalent to a given blackbox system (under certain conditions). The present work takes a first step to a general methodology to incorporate accurate declarative explanations to classic machine learning by checking the viability of LFIT in a specific AI application scenario: fair recruitment based on an automatic tool generated with machine learning methods for ranking Curricula Vitae that incorporates soft biometric information (gender and ethnicity). We show the expressiveness of LFIT for this specific problem and propose a scheme that can be applicable to other domains.