Biblio

This paper considers methods of fingerprint protection in biometric authentication systems. Including methods of protecting fingerprint templates using zero digital watermarks and cryptography techniques. The paper considers a secure authentication model using cryptography and digital watermarks.

Nowadays, face recognition is used everywhere in all fields. Though the face recognition is used for security purposes there is also chance in hacking the faces which is used for face recognition. For enhancing the face security, encryption and decryption technique is used. Face cognizance has been engaged in more than a few security-connected purposes such as supervision, e-passport, and etc… The significant use of biometric raises vital private concerns, in precise if the biometric same method is carried out at a central or unfrosted servers, and calls for implementation of Privacy improving technologies. For privacy concerns the encoding and decoding is used. For achieving the result we are using the Open Computer Vision (OpenCV) tool. With the help of this tool we are going to cipher the face and decode the face with advanced encryption standards techniques. OpenCV is the tool used in this project

Reversible data hiding (RDH) is an emerging area in the field of information security. The RDH schemes are widely explored in the field of cloud computing for data authentication and in medical image transmission for clinical data transmission along with medical images. The RDH schemes allow the data hider to embed sensitive information in digital content in such a way that later it can be extracted while recovering the original image. In this research, we explored the use of the RDH through the encryption scheme in a biometric authentication system. The internet of things (IoT) enabled biometric authentication systems are very common nowadays. In general, in biometric authentication, computationally complex tasks such as feature extraction and feature matching will be performed in a cloud server. The user-side devices will capture biometric data such as the face, fingerprint, or iris and it will be directly communicated to the cloud server for further processing. Since the confidentiality of biometric data needs to be maintained during the transmission, the original biometric data will be encrypted using any one of the data encryption techniques. In this manuscript, we propose the use of RDH through encryption approach to transmit two different biometric data as a single file without compromising confidentiality. The proposed scheme will ensure the integrity of the biometric data during transmission. For data hiding purposes, we have used a block-wise RDH through encryption scheme. The experimental study of the proposed scheme is carried out by embedding fingerprint data in the face images. The validation of the proposed scheme is carried out by extracting the fingerprint details from the face images during image decryption. The scheme ensures the exact recovery of face image images and fingerprint data at the receiver site.

When biometric databases grow larger, a security breach or leak can affect millions. In order to protect against such a threat, the use of encryption is a natural choice. However, a biometric identification attempt then requires the decryption of a potential huge database, making a traditional approach potentially unfeasible. The use of selective JPEG2000 encryption can reduce the encryption’s computational load and enable a secure storage of biometric sample data. In this paper we will show that selective encryption of face biometric samples is secure. We analyze various encoding settings of JPEG2000, selective encryption parameters on the "Labeled Faces in the Wild" database and apply several traditional and deep learning based face recognition methods.

Biometric methods are the most effective and accurate authentication methods. However, a significant drawback of such methods is the storage of authentication information in clear text. The article is devoted to solving this problem by means of symmetric encryption method and the method of dividing the memory space. The method of symmetric encryption ensures confidentiality during storage and transmission of biometric characteristics, the method of dividing the memory space provides an increase of information security level during processing of biometric characteristics.

Enhancement of the vanilla generative adversarial network (GAN) to preserve data variability in the presence of real world noise is of paramount significance in deep learning. In this study, we proposed a new distance metric of cosine distance in the framework of optimal transport (OT), and presented and validated a convolutional neural network (CNN) based GAN framework. In comparison with state-of-the-art methods based on Graphics Processing Units (GPU), the proposed framework could maintain the data diversity and quality best in terms of inception score (IS), Fréchet inception distance (FID) and enhancing the classification network of bone age, and is robust to noise degradation. The proposed framework is independent of hardware and thus could also be extended to more advanced hardware such as specialized Tensor Processing Units (TPU), and could be a potential built-in component of a general deep learning networks for such applications as image classification, segmentation, registration, and object detection.

We introduce the novel concept of feature popularity with three different web attacks and big data from the CSE-CIC-IDS2018 dataset: Brute Force, SQL Injection, and XSS web attacks. Feature popularity is based upon ensemble Feature Selection Techniques (FSTs) and allows us to more easily understand common important features between different cyberattacks, for two main reasons. First, feature popularity lists can be generated to provide an easy comprehension of important features across different attacks. Second, the Jaccard similarity metric can provide a quantitative score for how similar feature subsets are between different attacks. Both of these approaches not only provide more explainable and easier-to-understand models, but they can also reduce the complexity of implementing models in real-world systems. Four supervised learning-based FSTs are used to generate feature subsets for each of our three different web attack datasets, and then our feature popularity frameworks are applied. For these three web attacks, the XSS and SQL Injection feature subsets are the most similar per the Jaccard similarity. The most popular features across all three web attacks are: Flow\_Bytes\_s, FlowİAT\_Max, and Flow\_Packets\_s. While this introductory study is only a simple example using only three web attacks, this feature popularity concept can be easily extended, allowing an automated framework to more easily determine the most popular features across a very large number of attacks and features.

Direct-access attacks were initially considered as un-realistic threats in cyber security because the attacker can more easily mount other non-computerized attacks like cutting a brake line. In recent years, some research into direct-access attacks have been conducted especially in the automotive field, for example, research on an attack method that makes the ECU stop functioning via the CAN bus. The problem with existing risk quantification methods is that direct-access attacks seem not to be recognized as serious threats. To solve this problem, we propose a new risk quantification method by applying vulnerability evaluation criteria and by setting metrics. We also confirm that direct-access attacks not recognized by conventional methods can be evaluated appropriately, using the case study of an automotive system as an example of a cyber-physical system.

Malicious Webpages have been a serious threat on Internet for the past few years. As per the latest Google Transparency reports, they continue to be top ranked amongst online threats. Various techniques have been used till date to identify malicious sites, to include, Static Heuristics, Honey Clients, Machine Learning, etc. Recently, with the rapid rise of Deep Learning, an interest has aroused to explore Deep Learning techniques for detecting Malicious Webpages. In this paper Deep Learning has been utilized for such classification. The model proposed in this research has used a Deep Neural Network (DNN) with two hidden layers to distinguish between Malicious and Benign Webpages. This DNN model gave high accuracy of 99.81% with very low False Positives (FP) and False Negatives (FN), and with near real-time response on test sample. The model outperformed earlier machine learning solutions in accuracy, precision, recall and time performance metrics.

Adversarial machine learning, a technique which seeks to deceive machine learning (ML) models, threatens the utility and reliability of ML systems. This is particularly relevant in critical ML implementations such as those found in Network Intrusion Detection Systems (NIDS). This paper considers the impact of adversarial influence on NIDS and proposes ways to improve ML based systems. Specifically, we consider five feature robustness metrics to determine which features in a model are most vulnerable, and four defense methods. These methods are tested on six ML models with four adversarial sample generation techniques. Our results show that across different models and adversarial generation techniques, there is limited consistency in vulnerable features or in effectiveness of defense method.

This study shows the effectiveness of anomaly-based IDS using long short-term memory(LSTM) based on the newly developed dataset called UNSW-NB15 while considering root mean square error and mean absolute error as evaluation metrics for accuracy. For each attack, 80% and 90% of samples were used as LSTM inputs and trained this model while increasing epoch values. Furthermore, this model has predicted attack points by applying test data and produced possible attack points for each attack at the 3rd time frame against the actual attack point. However, in the case of an Exploit attack, the consecutive overlapping attacks happen, there was ambiguity in the interpretation of the numerical values calculated by the LSTM. We presented a methodology for training data with binary values using LSTM and evaluation with RMSE metrics throughout this study.

We present a simple approach for detecting brute force attacks in the CSE-CIC-IDS2018 Big Data dataset. We show our approach is preferable to more complex approaches since it is simpler, and yields stronger classification performance. Our contribution is to show that it is possible to train and test simple Decision Tree models with two independent variables to classify CSE-CIC-IDS2018 data with better results than reported in previous research, where more complex Deep Learning models are employed. Moreover, we show that Decision Tree models trained on data with two independent variables perform similarly to Decision Tree models trained on a larger number independent variables. Our experiments reveal that simple models, with AUC and AUPRC scores greater than 0.99, are capable of detecting brute force attacks in CSE-CIC-IDS2018. To the best of our knowledge, these are the strongest performance metrics published for the machine learning task of detecting these types of attacks. Furthermore, the simplicity of our approach, combined with its strong performance, makes it an appealing technique.

Privacy-Preserving Data Mining (PPDM) has become an exciting topic to discuss in recent decades due to the growing interest in big data and data mining. A technique of securing data but still preserving the privacy that is in it. This paper provides an alternative perturbation-based PPDM technique which is carried out by modifying the RNP algorithm. The novelty given in this paper are modifications of some steps method with a specific purpose. The modifications made are in the form of first narrowing the selection of the disturbance value. With the aim that the number of attributes that are replaced in each record line is only as many as the attributes in the original data, no more and no need to repeat; secondly, derive the perturbation function from the cumulative distribution function and use it to find the probability distribution function so that the selection of replacement data has a clear basis. The experiment results on twenty-five perturbed data show that the modified RNP algorithm balances data utility and security level by selecting the appropriate disturbance value and perturbation value. The level of security is measured using privacy metrics in the form of value difference, average transformation of data, and percentage of retains. The method presented in this paper is fascinating to be applied to actual data that requires privacy preservation.

The existing education system, which incorporates school assessments, has some flaws. Conventional teaching methods give students no immediate feedback, also make teachers to spend hours grading repetitive assignments, and aren't very constructive in showing students how to improve in their academics, and also fail to take advantage of digital opportunities that can improve learning outcomes. In addition, since a single teacher has to manage a class of students, it gets difficult to focus on each and every student in the class. Furthermore, with the help of a management system for better learning, educational organizations can now implement administrative analytics and execute new business intelligence using big data. This data visualization aids in the evaluation of teaching, management, and study success metrics. In this paper, there is put forward a discussion on how Data Mining and Data Analytics can help make the experience of learning and teaching both, easier and accountable. There will also be discussion on how the education organization has undergone numerous challenges in terms of effective and efficient teachings, student-performance. In addition development, and inadequate data storage, processing, and analysis will also be discussed. The research implements Python programming language on big education data. In addition, the research adopted an exploratory research design to identify the complexities and requirements of big data in the education field.

Cloud computing, supported by advancements in virtualisation and distributed computing, became the default options for implementing the IT infrastructure of organisations. Medical data and in particular medical images have increasing storage space and remote access requirements. Cloud computing satisfies these requirements but unclear safeguards on data security can expose sensitive data to possible attacks. Furthermore, recent changes in legislation imposed additional security constraints in technology to ensure the privacy of individuals and the integrity of data when stored in the cloud. In contrast with this trend, current data security methods, based on encryption, create an additional overhead to the performance, and often they are not allowed in public cloud servers. Hence, this paper proposes a mechanism that combines data fragmentation to protect medical images on the public cloud servers, and a NoSQL database to secure an efficient organisation of such data. Results of this paper indicate that the latency of the proposed method is significantly lower if compared with AES, one of the most adopted data encryption mechanisms. Therefore, the proposed method is an optimal trade-off in environments with low latency requirements or limited resources.

The widespread use of smartphones has made the gadget a prime source of evidence for crime investigators. The cloud-based applications on mobile devices store a rich set of evidence in the cloud servers. The physical acquisition of Android devices reveals only minimal data of cloud-based apps. However, the artifacts collected from mobile devices can be used for data acquisition from cloud servers. This paper focuses on the forensic acquisition and analysis of cloud data of Google apps on Android devices. The proposed methodology uses the tokens extracted from the Android devices to get authenticated to the Google server bypassing the two-factor authentication scheme and access the cloud data for further analysis. Based on the investigation, we have also developed a tool to acquire, preserve and analyze cloud data in a forensically sound manner.

Recently, as a result of the COVID-19 pandemic, the internet service has seen an upsurge in use. As a result, the usage of cloud computing apps, which offer services to end users on a subscription basis, rises in this situation. However, the availability and efficiency of cloud computing resources are impacted by DDoS attacks, which are designed to disrupt the availability and processing power of cloud computing services. Because there is no effective way for detecting or filtering DDoS attacks, they are a dependable weapon for cyber-attackers. Recently, researchers have been experimenting with machine learning (ML) methods in order to create efficient machine learning-based strategies for detecting DDoS assaults. In this context, we propose a technique for detecting DDoS attacks in a cloud computing environment using big data and deep learning algorithms. The proposed technique utilises big data spark technology to analyse a large number of incoming packets and a deep learning machine learning algorithm to filter malicious packets. The KDDCUP99 dataset was used for training and testing, and an accuracy of 99.73% was achieved.

Data and veracious information are an important feature of any organization; it takes special care as a like asset of the organization. Cloud computing system main target to provide service to the user like high-speed access user data for storage and retrieval. Now, big concern is data protection in cloud computing technology as because data leaking and various malicious attacks happened in cloud computing technology. This study provides user data protection in the cloud storage device. The article presents the architecture of a data security hybrid infrastructure that protects and stores the user data from the unauthenticated user. In this hybrid model, we use a different type of security model.

Cloud computing has become ubiquitous in the modern world and has offered a number of promising and transformative technological opportunities. However, organizations that use cloud platforms are also concerned about cloud security and new threats that arise due to cloud adoption. Digital forensic investigations (DFI) are undertaken when a security incident (i.e., successful attack) has been identified. Forensics data collection is an integral part of DFIs. This paper presents results from a survey of existing literature on challenges related to forensics data collection in cloud. A taxonomy of major challenges was developed to help organizations understand and thus better prepare for forensics data collection.

The rapid development of blockchain application technology promotes continuous exploration in the field of computer application science. Although it is still in the initial stage of development, the technical features of blockchain technology such as decentralization, identity verification, tamper resistance, data integrity, and security are regarded as excellent solutions to today's computer security technical problems. In this paper, we will analyze and compare blockchain data storage and cloud data processing technologies, focusing on the concept and technology of blockchain distributed data storage technology, and analyze and summarize the key issues. The results of this paper will provide a useful reference for the application and research of blockchain technology in cloud storage security.

Big data emerges as an important technology that addresses the storage, processing and analytics aspects of massive data characterized by 5V's (volume, velocity, variety, veracity, value) which has grown exponentially beyond the handling capacity traditional data architectures. The most significant technologies include the parallel storage and processing framework which requires entirely new IT infrastructures to facilitate big data adoption. Cloud computing emerges as a successful paradigm in computing technology that shifted the business landscape of IT infrastructures towards service-oriented basis. Cloud service providers build IT infrastructures and technologies and offer them as services which can be accessed through internet to the consumers. This paper discusses on the facilitating role of cloud computing in the field of big data analytics. Cloud deployment models concerning the architectural aspect and the current trend of adoption are introduced. The fundamental cloud services models concerning the infrastructural and technological provisioning are introduced while the emerging cloud services models related to big data are discussed with examples of technology platforms offered by the big cloud service providers - Amazon, Google, Microsoft and Cloudera. The main advantages of cloud adoption in terms of availability and scalability for big data are reiterated. Lastly, the challenges concerning cloud security, data privacy and data governance of consuming and adopting big data in the cloud are highlighted.

The era of big data continues to progress, and many new practices and applications are being advanced. One such application is big data in healthcare. In this application, big data, which includes patient information and measurements, must be transmitted and managed in smart and secure ways. In this study, we propose a novel big data cloud system, s2Cloud, standing for Smart and Secure Cloud. s2Cloud can enable health care systems to improve patient monitoring and help doctors gain crucial insights into their patients' health. This system provides an interactive website that allows doctors to effectively manage patients and patient records. Furthermore, both real-time and historical functions for big data management are supported. These functions provide visualizations of patient measurements and also allow for historic data retrieval so further analysis can be conducted. The security is achieved by protecting access and transmission of data via sign up and log in portals. Overall, the proposed s2Cloud system can effectively manage healthcare big data applications. This study will also help to advance other big data applications such as smart home and smart world big data practices.

In view of the continuous progress of current science and technology, cloud computing has been widely used in various fields. This paper proposes a secure data storage architecture based on cloud computing. The architecture studies the security issues of cloud computing from two aspects: data storage and data security, and proposes a data storage mode based on Cache and a data security mode based on third-party authentication, thereby improving the availability of data, from data storage to transmission. Corresponding protection measures have been established to realize effective protection of cloud data.

In the big data cloud computing environment, data security issues have become a focus of attention. This paper delivers an overview of conceptions, characteristics and advanced technologies for big data cloud computing. Security issues of data quality and privacy control are elaborated pertaining to data access, data isolation, data integrity, data destruction, data transmission and data sharing. Eventually, a virtualization architecture and related strategies are proposed to against threats and enhance the data security in big data cloud environment.

The subgraph matching problem arises in a number of modern machine learning applications including segmented images and meshes of 3D objects for pattern recognition, bio-chemical reactions and security applications. This graph-based problem can have a very large and complex solution space especially when the world graph has many more nodes and edges than the template. In a real use-case scenario, analysts may need to query additional information about template nodes or world nodes to reduce the problem size and the solution space. Currently, this query process is done by hand, based on the personal experience of analysts. By analogy to the well-known active learning problem in machine learning classification problems, we present a machine-based active learning problem for the subgraph match problem in which the machine suggests optimal template target nodes that would be most likely to reduce the solution space when it is otherwise overly large and complex. The humans in the loop can then include additional information about those target nodes. We present some case studies for both synthetic and real world datasets for multichannel subgraph matching.