Dissertations / Theses on the topic 'Fingerprint Security'
To see the other types of publications on this topic, follow the link: Fingerprint Security.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 27 dissertations / theses for your research on the topic 'Fingerprint Security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Arakala, Arathi, and arathi arakala@ems rmit edu au. "Secure and Private Fingerprint-based Authentication." RMIT University. Mathematical and Geospatial Sciences, 2008. http://adt.lib.rmit.edu.au/adt/public/adt-VIT20081128.102017.
Full textAbstract:
This thesis studies the requirements and processes involved in building an authentication system using the fingerprint biometric, where the fingerprint template is protected during storage and during comparison. The principles developed in this thesis can be easily extended to authentication systems using other biometric modalities. Most existing biometric authentication systems store their template securely using an encryption function. However, in order to perform matching, the enrolled template must be decrypted. It is at this point that the authentication system is most vulnerable as the entire enrolled template is exposed. A biometric is irreplaceable if compromised and can also reveal sensitive information about an individual. If biometric systems are taken up widely, the template could also be used as an individual's digital identifier. Compromise in that case, violates an individual's right to privacy as their transactions in all systems where they used that compromised biometric can be tracked. Therefore securing a biometric template during comparison as well as storage in an authentication system is imperative. Eight different fingerprint template representation techniques, where templates were treated as a set of elements derived from the locations and orientations of fingerprint minutiae, were studied. Four main steps to build any biometric based authentication system were identified and each of the eight fingerprint template representations was inducted through the four steps. Two distinct Error Tolerant Cryptographic Constructs based on the set difference metric, were studied for their ability to securely store and compare each of the template types in an authentication system. The first construct was found to be unsuitable for a fundamental reason that would apply to all the template types considered in the research. The second construct did not have the limitation of the first and three algorithms to build authentication systems using the second construct were proposed. It was determined that minutiae-based templates had significant intra sample variation as a result of which a very relaxed matching threshold had to be set in the authentication system. The relaxed threshold caused the authentication systems built using the first two algorithms to reveal enough information about the stored templates to render them insecure. It was found that in cases of such large intra-sample variation, a commonality based match decision was more appropriate. One solution to building a secure authentication system using minutiae-based templates was demonstrated by the third algorithm which used a two stage matching process involving the second cryptographic construct and a commonality based similarity measure in the two stages respectively. This implementation was successful in securing the fingerprint template during comparison as well as storage, with minimal reduction in accuracy when compared to the matching performance without the cryptographic construct. Another solution is to use an efficient commonality based error tolerant cryptographic construct. This thesis lists the desirable characteristics of such a construct as existence of any is unknown to date. This thesis concludes by presenting good guidelines to evaluate the suitability of different cryptographic constructs to protect biometric templates of other modalities in an authentication system.
2
Judd, Aaron C. "Improved Network Security and Disguising TCP/IP Fingerprint Through Dynamic Stack Modification /." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2005. http://library.nps.navy.mil/uhtbin/hyperion/05Sep%5FJudd.pdf.
Full text
3
Sundblad, Anton, and Gustaf Brunberg. "Secure hypervisor versus trusted execution environment : Security analysis for mobile fingerprint identification applications." Thesis, Linköpings universitet, Databas och informationsteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-139227.
Full textAbstract:
Fingerprint identification is becoming increasingly popular as a means of authentication for handheld devices of different kinds. In order to secure such an authentication solution it is common to use a TEE implementation. This thesis examines the possibility of replacing a TEE with a hypervisor-based solution instead, with the intention of keeping the same security features that a TEE can offer. To carry out the evaluation a suitable method is constructed. This method makes use of fault trees to be able to find possible vulnerabilities in both systems, and these vulnerabilities are then documented. The vulnerabilities of both systems are also compared to each other to identify differences in how they are handled. It is concluded that if the target platform has the ability to implement a TEE solution, it can also implement the same solution using a hypervisor. However, the authors recommend against porting a working TEE solution, as TEEs often offer finished APIs for common operations that would require re-implementation in the examined hypervisor.
4
Blommé, Johan. "Evaluation of biometric security systems against artificial fingers." Thesis, Linköping University, Department of Electrical Engineering, 2003. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-1145.
Full textAbstract:
Verification of users’ identities are normally carried out via PIN-codes or ID- cards. Biometric identification, identification of unique body features, offers an alternative solution to these methods.
Fingerprint scanning is the most common biometric identification method used today. It uses a simple and quick method of identification and has therefore been favored instead of other biometric identification methods such as retina scan or signature verification.
In this report biometric security systems have been evaluated based on fingerprint scanners. The evaluation method focuses on copies of real fingers, artificial fingers, as intrusion method but it also mentions currently used algorithms for identification and strengths and weaknesses in hardware solutions used.
The artificial fingers used in the evaluation were made of gelatin, as it resembles the surface of human skin in ways of moisture, electric resistance and texture. Artificial fingers were based on ten subjects whose real fingers and artificial counterpart were tested on three different fingerprint scanners. All scanners tested accepted artificial fingers as substitutes for real fingers. Results varied between users and scanners but the artificial fingers were accepted between about one forth and half of the times.
Techniques used in image enhancement, minutiae analysis and pattern matching are analyzed. Normalization, binarization, quality markup and low pass filtering are described within image enhancement. In minutiae analysis connectivity numbers, point identification and skeletonization (thinning algorithms) are analyzed. Within pattern matching, direction field analysis and principal component analysis are described. Finally combinations of both minutiae analysis and pattern matching, hybrid models, are mentioned.
Based on experiments made and analysis of used techniques a recommendation for future use and development of fingerprint scanners is made.
5
Jayapal, Ranjith. "Biometric encryption system for increased security." UNF Digital Commons, 2017. http://digitalcommons.unf.edu/etd/746.
Full textAbstract:
Security is very important in present day life. In this highly-interconnected world, most of our daily activities are computer based, and the data transactions are protected by passwords. These passwords identify various entities such as bank accounts, mobile phones, etc. People might reuse the same password, or passwords related to an individual that can lead to attacks. Indeed, remembering several passwords can become a tedious task. Biometrics is a science that measures an individual’s physical characteristics in a unique way. Thus, biometrics serves as a method to replace the cumbersome use of complex passwords. Our research uses the features of biometrics to efficiently implement a biometric encryption system with a high level of security.
6
Born, Kenton P. "Combating client fingerprinting through the real-time detection and analysis of tailored web content." Diss., Kansas State University, 2012. http://hdl.handle.net/2097/13277.
Full textAbstract:
Doctor of PhilosophyDepartment of Computing Science
David Gustafson
The web is no longer composed of static resources. Technology and demand have driven the web towards a complex, dynamic model that tailors content toward specific client fingerprints. Servers now commonly modify responses based on the browser, operating system, or location of the connecting client. While this information may be used for legitimate purposes, malicious adversaries can also use this information to deliver misinformation or tailored exploits. Currently, there are no tools that allow a user to detect when a response contains tailored content. Developing an easily configurable multiplexing system solved the problem of detecting tailored web content. In this solution, a custom proxy receives the initial request from a client, duplicating and modifying it in many ways to change the browser, operating system, and location-based client fingerprint. All of the requests with various client fingerprints are simultaneously sent to the server. As the responses are received back at the proxy, they are aggregated and analyzed against the original response. The results of the analysis are then sent to the user along with the original response. This process allowed the proxy to detect tailored content that was previously undetectable through casual browsing. Theoretical and empirical analysis was performed to ensure the multiplexing proxy detected tailored content at an acceptable false alarm rate. Additionally, the tool was analyzed for its ability to provide utility to open source analysts, cyber analysts, and reverse engineers. The results showed that the proxy is an essential, scalable tool that provides capabilities that were not previously available.
7
Breedt, Morne. "Integrating biometric authentication into multiple applications." Diss., University of Pretoria, 2005. http://hdl.handle.net/2263/27605.
Full textAbstract:
The Internet has grown from its modest academic beginnings into an important, global communication medium. It has become a significant, intrinsic part of our lives, how we distribute information and how we transact. It is used for a variety of purposes, including: banking; home shopping; commercial trade - using EDI (Electronic Data Interchange); and to gather information for market research and other activities. Owing to its academic origins, the early developers of the Internet did not focus on security. However, now that it has rapidly evolved into an extensively used, global commercial transaction and distribution channel, security has become a big concern. Fortunately, the field of information security has started to evolve in response and is fast becoming an important discipline with a sound theoretical basis. The discipline views the twin processes of identification and authentication as crucial aspects of information security. An individual access attempt must be identifiable prior to access being authorised otherwise system confidentiality cannot be enforced nor integrity safeguarded. Similarly, non-denial becomes impossible to instigate since the system is unable to log an identity against specific transactions. Consequently, identification and authentication should always be viewed as the first step to successfully enforcing information security. The process of identification and authorisation is, in essence, the ability to prove or verify an identity. This is usually accomplished using either one or a combination of the following three traditional identification techniques: something you possess; something you know; or something you are. A critical consideration when designing an application is which identification method, or combination of methods, from the three described above to use. Each method offers its own pros and cons and there are many ways to compare and contrast them. The comparison made in this study identifies biometrics as the best solution in a distributed application environment. There are, however, two over-arching hindrances to its widespread adoption. The first is the environment’s complexity - with multiple applications being accessed by both the public and the private sectors - and the second is that not all biometrics are popular and no single method has universe appeal. The more significant hindrance of the two is the latter, that of acceptance and trust, because it matters little how good or efficient a system is if nobody is willing to use it. This observation suggests that the identification system needs to be made as flexible as possible. In a democratic society, it could be argued that the best way of ensuring the successful adoption of a biometric system would be to allow maximum freedom of choice and let users decide which biometric method they would like to use. Although this approach is likely to go a long way towards solving the acceptance issue, it increases the complexity of the environment significantly. This study attempts to solve this problem by reducing the environment’s complexity while simultaneously ensuring the user retains maximum biometric freedom of choice. This can be achieved by creating a number of central biometric repositories. Each repository would be responsible for maintaining a biometric template data store for a type of biometric. These repositories or “Biometric Authorities” would act as authentication facilitators for a wide variety of applications and free them from that responsibility.Dissertation (MSc (Computer Engineering))--University of Pretoria, 2007.
Electrical, Electronic and Computer Engineering
MSc
unrestricted
8
Hanner, Martin, and Tobias Björk. "Biometri vid fysisk access : En jämförande studie mellan ansiktsigenkänning och fingeravtrycksavläsning." Thesis, Växjö University, School of Mathematics and Systems Engineering, 2006. http://urn.kb.se/resolve?urn=urn:nbn:se:vxu:diva-910.
Full textAbstract:
In today’s society, people often find themselves in situations where they need to be identified;for example when we buy alcohol, need to use an ATM or log on to our e-mail account. The most common methods today that are used for these kinds of matters are antiquated, and in
the meantime, criminals all over the world get more sophisticated. Companies invest billions every day in order to protect their interests. Maybe it’s time that we finally give biometrics the
attention that it deserves.
This essay aims to describe the biometric methods that are available today, find some of the most effective when it comes to physical access and make a comparison. Face recognition and fingerprint scanning will be described more thoroughly. Pros and cons will be analyzed and the theory will be linked to interviews with three Swedish organisations.
I dagens samhälle hamnar vi människor regelbundet i situationer där vi blir tvungna att identifiera oss. Det kan till exempelvis vara när vi köper alkohol, tar ut pengar eller loggar in på vårt e-mailkonto. De vanligaste metoderna, som idag används för dessa identifieringar, har funnits länge och är föråldrade och i takt med detta blir brottslingar världen allt mer sofistikerade. Dagligen investerar företag världen över miljarder för att skydda exempelvis
data med hjälp av koder och andra mjukvaruinstallationer. Kanske är det istället dags för att vi ger biometrin en ordentlig chans.
Den här uppsatsen syftar till att redogöra för de biometriska säkerhetsmetoder som finns tillgängliga, identifiera några av de effektivaste när det gäller fysisk access och jämföra dessa med varandra. Det är framförallt ansiktsigenkänning och fingeravtrycksavläsning som kommer att ges mycket plats i studien. För- och nackdelar kommer att tas upp och teorin kommer att kopplas till intervjuer gjorda med tre svenska företag.
9
Chitiprolu, Jyothi. "Three Factor Authentication Using Java Ring and Biometrics." ScholarWorks@UNO, 2004. http://scholarworks.uno.edu/td/187.
Full textAbstract:
Computer security is a growing field in the IT industry. One of the important aspects of the computer security is authentication. Using passwords (something you know) is one of the most common ways of authentications. But passwords have proven to provide weak level of security as they can be easily compromised. Some other ways of authenticating a user are using physical tokens, (something you possess) and biometrics, (something you are). Using any one of these techniques to secure a system always has its own set of threats. One way to make sure a system is secure is to use multiple factors to authenticate. One of the ways to use multiple factors is to use all the three factors of authentication, something you possess, something you are and something you know. This thesis discusses about different ways of authentication and implements a system using three factor authentication. It takes many security aspects of the system into consideration while implementing it, to make it secure.
10
Gajland, Phillip. "On Statistical Properties of Arbiter Physical Unclonable Functions." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-230672.
Full textAbstract:
The growing interest in the Internet of Things (IoT) has led to predictions claiming that by 2020 we can expect to be surrounded by 50 billion Internet connected devices. With more entry points to a network, adversaries can potentially use IoT devices as a stepping stone for attacking other devices connected to the network or the network itself. Information security relies on cryptographic primitives that, in turn, depend on secret keys. Furthermore, the issue of Intellectual property (IP) theft in the field of Integrated circuit (IC) design can be tackled with the help of unique device identifiers. Physical unclonable functions (PUFs) provide a tamper-resilient solution for secure key storage and fingerprinting hardware. PUFs use intrinsic manufacturing differences of ICs to assign unique identities to hardware. Arbiter PUFs utilise the differences in delays of identically designed paths, giving rise to an unpredictable response unique to a given IC. This thesis explores the statistical properties of Boolean functions induced by arbiter PUFs. In particular, this empirical study looks into the distribution of induced functions. The data gathered shows that only 3% of all possible 4-variable functions can be induced by a single 4 stage arbiter PUF. Furthermore, some individual functions are more than 5 times more likely than others. Hence, the distribution is non-uniform. We also evaluate alternate PUF designs, improving the coverage vastly, resulting in one particular implementation inducing all 65,536 4-variable functions. We hypothesise the need for n XORed PUFs to induce all 22n possible n-variable Boolean functions.
11
Al-Harby, Fahad M. "Biometric authentication systems for secured e-transactions in Saudi Arabia. An empirical investigation of the factors affecting users' acceptance of fingerprint authentication systems to improve online security for e-commerce and e-government websites in Saudi Arabia." Thesis, University of Bradford, 2010. http://hdl.handle.net/10454/4415.
Full textAbstract:
Security is becoming an increasingly important issue for business, and with it comes the need for appropriate authentication; consequently, it is becoming gradually more important to develop secure e-commerce systems. Fraud via the web, identity theft, and phishing are raising concerns for users and financial organisations. In addition, current authentication methods, like passwords, have many problems (e.g. some users write them down, they forget them, or they make them easy to hack). We can overcome these drawbacks by using biometric authentication systems. Biometric systems are being used for personal authentication in response to the rising issue of authentication and security. Biometrics provide much promise, in terms of preserving our identities without the inconvenience of carrying ID cards and/or remembering passwords.
This research is important because the securing of e-commerce transactions is becoming increasingly important. Identity theft, hacking and viruses are growing threats to Internet users. As more people use the Internet, more identity theft cases are being reported. This could harm not only the users, but also the reputation of the organisations whose names are used in these illegal acts. For example, in the UK, online banking fraud doubled in 2008 compared to 2007. More users took to e-shopping and online banking, but failed to take necessary protection. For non-western cultures, the figures for web security, in 2008, illustrated that Saudi Arabia was ranked ninth worldwide for users who had been attacked over the web. The above statistics reflect the significance of information security with e-commerce systems.
As with any new technology, user acceptance of the new technology is often hard to measure. In this thesis, a study of user acceptance of biometric authentication systems in e-transactions, such as online banking, within Saudi society was conducted. It examined whether Saudis are practically willing to accept this technology. This thesis focuses upon Saudi Arabia, which has developing economy. It has achieved a rapid rate of growth, and therefore makes an interesting and unique case study.
From an economist¿s point of view, Saudi Arabia is the powerhouse of the Middle East. It has the leading regional economy, and, even though it is still relatively young. It has a young and rapid growing population; therefore, this makes Saudi Arabia an attractive potential market for all kinds of e-commerce applications. Having said that, with more than half of population under the age of 30 are more to be expected to take the risk of accepting new technology.
For this work, 306 Saudi participants were involved in the experiments. A laboratory experiment was created that actively tested a biometric authentication system in combination with a survey. The Technology Acceptance Model (TAM) was adopted in the first experimental phase as the theoretical basis on which to develop the
iv
research framework, the model has proven its efficiency as a good predictor for the biometric authentication system.
Furthermore, in a second experimental phase, the Unified Theory of Acceptance and Use of Technology (UTAUT) with moderating variables such as age, gender and education level was examined as a proposed conceptual framework to overcome the limitations of TAM. The aim of the study was to explore factors affecting users¿ acceptance of biometric authentication systems. The findings from Structural Equation Modelling (SEM) analysis indicate that education level is a significant moderating factor, while gender and age do not record as significant.
This thesis added new knowledge to this field and highlighted the importance of the perceptions of users regarding biometric security technologies. It helps determine the factors affecting the acceptance of biometric technology. To our knowledge, this is the first systematic study of this issue carried out by academic and non-biased researchers in Saudi Arabia.
Furthermore, the thesis presents security technology companies and developers of information security products with information to help in the determination of what is significant to their user base when taking into account the introduction of new secure systems and products.
12
Al-Harby, Fahad Mohammed. "Biometric authentication systems for secured e-transactions in Saudi Arabia : an empirical investigation of the factors affecting users' acceptance of fingerprint authentication systems to improve online security for e-commerce and e-government websites in Saudi Arabia." Thesis, University of Bradford, 2010. http://hdl.handle.net/10454/4415.
Full textAbstract:
Security is becoming an increasingly important issue for business, and with it comes the need for appropriate authentication; consequently, it is becoming gradually more important to develop secure e-commerce systems. Fraud via the web, identity theft, and phishing are raising concerns for users and financial organisations. In addition, current authentication methods, like passwords, have many problems (e.g. some users write them down, they forget them, or they make them easy to hack). We can overcome these drawbacks by using biometric authentication systems. Biometric systems are being used for personal authentication in response to the rising issue of authentication and security. Biometrics provide much promise, in terms of preserving our identities without the inconvenience of carrying ID cards and/or remembering passwords. This research is important because the securing of e-commerce transactions is becoming increasingly important. Identity theft, hacking and viruses are growing threats to Internet users. As more people use the Internet, more identity theft cases are being reported. This could harm not only the users, but also the reputation of the organisations whose names are used in these illegal acts. For example, in the UK, online banking fraud doubled in 2008 compared to 2007. More users took to e-shopping and online banking, but failed to take necessary protection. For non-western cultures, the figures for web security, in 2008, illustrated that Saudi Arabia was ranked ninth worldwide for users who had been attacked over the web. The above statistics reflect the significance of information security with e-commerce systems. As with any new technology, user acceptance of the new technology is often hard to measure. In this thesis, a study of user acceptance of biometric authentication systems in e-transactions, such as online banking, within Saudi society was conducted. It examined whether Saudis are practically willing to accept this technology. This thesis focuses upon Saudi Arabia, which has developing economy. It has achieved a rapid rate of growth, and therefore makes an interesting and unique case study. From an economist's point of view, Saudi Arabia is the powerhouse of the Middle East. It has the leading regional economy, and, even though it is still relatively young. It has a young and rapid growing population; therefore, this makes Saudi Arabia an attractive potential market for all kinds of e-commerce applications. Having said that, with more than half of population under the age of 30 are more to be expected to take the risk of accepting new technology. For this work, 306 Saudi participants were involved in the experiments. A laboratory experiment was created that actively tested a biometric authentication system in combination with a survey. The Technology Acceptance Model (TAM) was adopted in the first experimental phase as the theoretical basis on which to develop the iv research framework, the model has proven its efficiency as a good predictor for the biometric authentication system. Furthermore, in a second experimental phase, the Unified Theory of Acceptance and Use of Technology (UTAUT) with moderating variables such as age, gender and education level was examined as a proposed conceptual framework to overcome the limitations of TAM. The aim of the study was to explore factors affecting users' acceptance of biometric authentication systems. The findings from Structural Equation Modelling (SEM) analysis indicate that education level is a significant moderating factor, while gender and age do not record as significant. This thesis added new knowledge to this field and highlighted the importance of the perceptions of users regarding biometric security technologies. It helps determine the factors affecting the acceptance of biometric technology. To our knowledge, this is the first systematic study of this issue carried out by academic and non-biased researchers in Saudi Arabia. Furthermore, the thesis presents security technology companies and developers of information security products with information to help in the determination of what is significant to their user base when taking into account the introduction of new secure systems and products.
13
Zebbiche, K. "Data Hiding for Securing Fingerprint Data Access." Thesis, Queen's University Belfast, 2010. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.517622.
Full text
14
Norris-Jones, Lynne. "Demonstrate and document : the development of a best practice model for biometric access control management." Thesis, Cardiff Metropolitan University, 2011. http://hdl.handle.net/10369/6411.
Full textAbstract:
This thesis investigates the social, legal and ethical perceptions of participants towards the implementation of biometric access control systems within a sample of United Kingdom work-based environments. It focuses on the application of fingerprint scanning and facial recognition systems, whilst alluding to the development of more advanced (bleeding edge) technologies in the future. The conceptual framework is based on a tripartite model in which Maslow's Hierarchy of Needs is applied to the workforce whilst the principles of Utilitarianism and the Psychological Contract are applied to both management strategies and workforce perceptions. A qualitative paradigm is used in which semi-structured interviews are conducted with management and workforce participants within a sample of United Kingdom-based organisations (represented by Case Studies A-D). Discourse from these interviews are analysed, leading to the development of a series of first-cut findings for suggested "Best Practice " in the social, legal and ethical management of biometric access control systems. This process is subsequently developed with a refined sample of respondents (Case Studies A and C) culminating in the presentation of a suggested "Best Practice Model" for application to all four case studies. The model is based upon elements of a pre-determined Code of Practice (ISO/IEC 27002lnformation Technology - Security techniques - Code of Practice for Information Security Management) towards fostering acceptance of biometric technology within the workplace, in answering the question: How should organisations using biometric access control systems address social, legal and ethical concerns in the management of specific working environments in the United Kingdom?
15
Lindblom, Martin. "Which News Articles are You Reading? : Using Fingerprinting to Attack Internal Pages of News Websites." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-178397.
Full textAbstract:
When performing fingerprinting attacks against websites in a controlled environment astudy may achieve very promising results. However, these can be misleading as the closedworld setting may not accurately represent the real-world. This is a problem many priorworks have been critiqued for, the inability to transfer their results from the closed-worldsetting to the real-world. Being able to do so is of great importance to establish what thereal-world consequences would be of fingerprint attacks. If unable to apply one’s findingsoutside of a tightly controlled environment it is difficult to gauge if these attacks types posea real threat or not. Thereby, this thesis has, contrary to previous work, based its settingon a real-world scenario to provide tangible insights into vulnerabilities of news websites.Furthermore, it targeted internal pages of websites, something understudied by previousliterature. All of this while presenting a novel classifier that is lightweight and requireslittle training, and a framework for automatically collecting and labelling encrypted TCPtraffic without the use of a proxy.
16
Rahbari, Hanif. "Obfuscation of Transmission Fingerprints for Secure Wireless Communications." Diss., The University of Arizona, 2016. http://hdl.handle.net/10150/612371.
Full textAbstract:
Our world of people and objects is on the verge of transforming to a world of highly-interconnected wireless devices. Incredible advances in wireless communications, hardware design, and power storage have facilitated hasty spread of wireless technologies in human life. In this new world, individuals are often identified and reached via one or multiple wireless devices that they always carry (e.g., smartphones, smart wearable, implantable medical devices, etc.), and their biometrics identities are replaced by their digital fingerprints. In near future, vehicles will be controlled and monitored via wireless monitoring systems and various physical objects (e.g., home appliance and retail store items) will be connected to the Internet. The list of these changes goes on. Unfortunately, as different aspects of our lives are being immerged in and dependent to wireless devices and services, we will become more vulnerable to wireless service/connection interruptions due to adversarial behavior and our privacy will become more potent to be exposed to adversaries. An adversary can learn the procedures of a wireless system and analyze its stages, and accordingly, launch various attacks against the operations of the system or the privacy of the people. Existing data confidentiality and integrity services (e.g., advanced encryption algorithms) have been able to prevent the leakage of users' messages. However, in wireless networks, even when upper-layer payloads are encrypted, the users' privacy and the operation of a wireless network can be threatened by the leakage of transmission attributes at the physical (PHY) layer. Examples of these attributes are payload size, frequency offset (FO), modulation scheme, and the transmission rate. These attributes can be exploited by an adversary to launch passive or active attacks. A passive attacker may learn about the interests, sexual orientation, political views, and patentable ideas of the user through analyzing these features, whereas an active attacker exploits captured attributes to launch selective packet jamming/dropping and disrupt wireless services. These call for novel privacy preserving techniques beyond encryption. In this dissertation, we study the vulnerability of current wireless systems to the leakage of transmission attributes at the PHY layer and propose several schemes to prevent it. First, we design and experimentally demonstrate with USRPs an energy-efficient and highly disruptive jamming attack on the FO estimation of an OFDM system. OFDM is the core multiplexing scheme in many modern wireless systems (e.g., LTE/5G and 802.11a/n/ac) and is highly susceptible to FO. FO is the difference in the operating frequencies of two radio oscillators. This estimation is done by the receiver using the publicly-known frame preamble. We show that the leakage of FO value via the preamble can facilitate an optimally designed jamming signal without needing to know the channel between the transmitter and the legitimate receiver. Our results show that the jammer can guarantee a successful attack even when its power is slightly less than the transmitter's power. We then propose four mitigation approaches against the proposed FO attack. Next, we consider certain transmission attributes that are disclosed via unencrypted PHY/MAC headers. Example of these attributes are payload size, transmission rate, and MAC addresses. Beyond unencrypted headers, the adversary can estimate the frame size and transmission rate through identifying the payload's modulation scheme and measuring the transmission time. To prevent the leakage of these attributes, we propose Friendly CryptoJam scheme, which consists of three components: First, a modulation-aware encryption scheme to encrypt the headers. Second, an efficient modulation obfuscation techniques. Specifically, the proposed modulation obfuscation scheme embeds the modulation symbols of a frame's payload into the constellation of the highest-order modulation scheme supported by the system. Together with effective PHY/MAC header encryption at the modulation level, the proposed obfuscation scheme hides the transmission rate, payload size, and other attributes announced in the headers while avoiding any BER performance loss. Compared with prior art, Friendly CryptoJam enjoys less complexity and less susceptibility to FO estimation errors. The third component is a novel PHY-level identification method. To facilitate PHY/MAC header encryption when a MAC layer sender identifier cannot be used (e.g., due to MAC address encryption), we propose two preamble-based sender identification methods, one for OFDM and one for non-OFDM systems. A sender identifier is special message that can be embedded in the frame preamble. The extent of the applications of our embedding scheme goes beyond identifier embedding and include embedding part of the data frame, the sender's digital signature, or any meta-data that the sender provides. Our message embedding method can further be used to mitigate the FO estimation attack because the jammer can no longer optimize its jamming signal with respect to a fixed preamble signal. In addition, we considered friendly jamming technique in a multi-link/hop network to degrade the channels of the eavesdroppers and prevent successful decoding of the headers, while minimizing the required jamming power by optimally placing the friendly jamming devices.
17
Polehňa, Dominik. "Útok hrubou silou na přístupový systém s pomocí syntetických otisků prstů." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2020. http://www.nusl.cz/ntk/nusl-417209.
Full textAbstract:
The work deals with the resistance of the VeriFinger comparison algorithm to synthetic fingerprints. The basics of fingerprints, comparison algorithms and synthetic fingerprint generators are gradually analyzed. In total, three experiments were designed to test the resistance of the algorithm using synthetic fingerprints. An application using the VeriFinger algorithm was implemented to evaluate individual experiments. A total of 2 800 000 synthetic fingerprints were generated across all experiments. The first experiment showed that random fingerprint generation was not effective for real fingerprints, but was somewhat sufficient for synthetic fingerprints. The second experiment proved that comparison and the comparison score could be used to estimate the class of the identified fingerprint, and in the third experiment, by narrowing the generation to one class, it raised the total number of matched fingerprints. The results of individual experiments were written and their possible extension was suggested.
18
Lodrová, Dana. "Bezpečnost biometrických systémů." Doctoral thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2013. http://www.nusl.cz/ntk/nusl-261226.
Full textAbstract:
Hlavním přínosem této práce jsou dva nové přístupy pro zvýšení bezpečnosti biometrických systémů založených na rozpoznávání podle otisků prstů. První přístup je z oblasti testování živosti a znemožňuje použití různých typů falešných otisků prstů a jiných metod oklamání senzoru v průběhu procesu snímání otisků. Tento patentovaný přístup je založen na změně barvy a šířky papilárních linií vlivem přitlačení prstu na skleněný podklad. Výsledná jednotka pro testování živosti může být integrována do optických senzorů. Druhý přístup je z oblasti standardizace a zvyšuje bezpečnost a interoperabilitu procesů extrakce markantů a porovnání. Pro tyto účely jsem vytvořila metodologii, která stanovuje míry sémantické shody pro extraktory markantů otisků prstů. Markanty nalezené testovanými extraktory jsou porovnávány oproti Ground-Truth markantům získaným pomocí shlukování dat poskytnutých daktyloskopickými experty. Tato navrhovaná metodologie je zahrnuta v navrhovaném dodatku k normě ISO/IEC 29109-2 (Amd. 2 WD4).
19
Navrátil, Petr. "Podpora výuky biometrických přístupových systémů." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2008. http://www.nusl.cz/ntk/nusl-217304.
Full textAbstract:
This thesis describes general function of biometric access systems and summarizes problems of their practical use. It also shows security risks of these systems. It defines basic terms, which are used in this area, describes kinds of errors and their representation. One part of this thesis deals with biometric method of fingerprints recognition. It explains fingerprints’ atomic basics, basic principles and processing of digital fingerprint image. Next part describes concrete biometric access system V-Station by Bioscrypt Inc. Besides basic description it focuses on technology of biometric sensor and algorithm, essential parts of biometric system. The thesis continues with security analysis of this concrete system. In this part I target on weak points of the system and I design possible attack on the system. In the last part of my thesis I designed laboratory exercise, which is supposed to be realized by student. It is composed it by several tasks to let students understand working with the system and attached software. At the same time, they have opportunity to think about system by themselves a make their own opinion about possibilities of the system. There are many pictures in this thesis to make term clear and to better understanding of problems of biometric security systems.
20
Lamare, François. "OCT en phase pour la reconnaissance biométrique par empreintes digitales et sa sécurisation." Thesis, Evry, Institut national des télécommunications, 2016. http://www.theses.fr/2016TELE0003/document.
Full textAbstract:
Dans un monde de plus en plus ouvert, les flux de personnes sont amenés à exploser dans les prochaines années. Fluidifier et contrôler ces flux, tout en respectant de fortes contraintes sécuritaires, apparaît donc comme un élément clef pour favoriser le dynamisme économique mondial. Cette gestion des flux passe principalement par la connaissance et la vérification de l’identité des personnes. Pour son aspect pratique et a priori sécurisé, la biométrie, et en particulier celle des empreintes digitales, s’est imposée comme une solution efficace, et incontournable. Néanmoins, elle souffre de deux sévères limitations. La première concerne les mauvaises performances obtenues avec des doigts détériorés. Ces détériorations peuvent être involontaires (travailleurs manuels par exemple), ou bien volontaires, à des fins d’anonymisation. La deuxième concerne les failles de sécurité des capteurs. En particulier, ils sont vulnérables à des attaques avec de fausses empreintes, réalisées par des personnes mal intentionnées dans un but d’usurpation d’identité. D’après nous, ces limitations sont dues à la faible quantité d’information exploitée par les capteurs usuels. Elle se résume souvent à une simple image de la surface du doigt. Pourtant, la complexité biologique des tissus humains est telle qu’elle offre une information très riche, unique, et difficilement reproductible. Nous avons donc proposé une approche d’imagerie, basée sur la Tomographique par Cohérence Optique, un capteur 3D sans contact, permettant de mesurer finement cette information. L’idée majeure de la thèse consiste à étudier divers moyens de l’exploiter, afin de rendre la biométrie plus robuste et vraiment sécuriséeIn an increasingly open world, the flows of people are brought to explode in the coming years. Facilitating, streamlining, and managing these flows, by maintaining strict security constraints, therefore represent a key element for the global socio-economic dynamism. This flows management is mainly based on knowledge and verification of person identity. For its practicality and a priori secured, biometrics, in particular fingerprints biometrics, has become an effective and unavoidable solution.Nevertheless, it still suffers from two severe limitations. The first one concerns the poor performances obtained with damaged fingers. This damage can be involuntary (e.g. manual workers) or volunteers, for purposes of anonymity. The second limitation consists in the vulnerability of the commonly used sensors. In particular, they are vulnerable to copies of stolen fingerprints, made by malicious persons for identity theft purpose. We believe that these limitations are due to the small amount of information brought by the usual biometric sensors. It often consists in a single print of the finger surface. However, the biological complexity of human tissue provides rich information, unique to each person, and very difficult to reproduce. We therefore proposed an imaging approach based on Optical Coherence Tomography (OCT), a 3D contactless optical sensor, to finely measure this information. The main idea of the thesis is therefore to explore novel ways to exploit this information in order to make biometrics more robust and truly secured. In particular, we have proposed and evaluated different fingerprint imaging methods, based on the phase of the OCT signal
21
Kim, Dae Wook. "Data-Driven Network-Centric Threat Assessment." Wright State University / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=wright1495191891086814.
Full text
22
Wu, Yan-Dian, and 吳彥典. "Combine watermark with fingerprint to promotethe electronics patient record security." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/61415210676521821125.
Full textAbstract:
碩士國立高雄應用科技大學
電子工程系
97
Due to the rapid development of information technology, and continuing innovation and evolution with the constant upgrading of computer performance, the price kept on falling, the computer has been in the hospital medical care, teaching, scientific and technological research ... etc. more and more widely. Computerized hospital information system has become a modern hospital operating process, the essential infrastructure and technical support for the environment, the development of hospital information systems have become an increasing emphasis on health care industry. Medical-related industries also have the use of digital technology products to help build and structure as a hospital information system, such as: electronic patient record system, the fingerprint recognition system, tele-monitoring system, newsletter system, radio frequency identification systems, etc., and continuously applied to a wide range of process on medical services. Electronic patient record system information has always been one of the important topics of systematic, patients included a wide range of electronic medical records and patient health-related information from the medical records of the patients, out-patient records of diagnosis and treatment of patients with the emergency room for consultation with the medical records of the contents of medical imaging, record the information with patients is closely related to improper preservation of medical institutions is not only a breach of the provisions of medical law, and information so that these patients without their consent to be an open, leakage, this patients have been violations of data security and privacy. However, further sophisticated hospital information system, without doing any proper and effective security, as easy as the invasion was easily stolen electronic medical records, hospital information system in order to improve the safety and protection of patient privacy, hospital information system to strengthen information security become very important projects and subject. In this study, combined with popular watermark technology and fingerprint recognition technology for electronic medical records system. Ready to use their own unique fingerprint, to log in as an electronic fingerprint database of the confidential medical records of keys for identification. And fingerprint images in the log in the process of embedding watermark images, to avoid misappropriation of man-made, to ensure that patient privacy and medical records of user security, maintain the normal operation of electronic medical records, of great effectiveness.
23
Liu, Hai-Chen, and 劉海真. "Combine fingerprint with RFID to promote the computer information security." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/18668638910598308947.
Full textAbstract:
碩士國立高雄應用科技大學
電子工程系
97
Computer and Internet applications, has become indispensable to daily life and work are closely related to one, so there are many things must be done through the computer. Although the computer has a lot of convenience, but in the information security, there are still many doubts, because the network can be determined hacker or theft of computer hardware in order to obtain inside information on the computer, and then a lot of personal data leaks social cases. Therefore in order to improve computer security, this study was the use of technical maturity and popularity of the RFID system to identify the identity of knowledge as a database log on to the computer can improve the current account password to log in only the shortcomings of the system, only RFID system as a boarding into the computer database, and can not really distinguish the identity of the cardholder, it has a unique combination of fingerprint recognition technology, used in computer and information security systems, can effectively enhance the security of information stored in computer security. The purpose of this system is to enhance security of computer database, using RFID technology that is the most popular and easy to carry be a first login system, and has a unique combination of fingerprint recognition technology as a second checkpoint. Use this double-crossing as the identity of the user, and so will be more to protect computer database security, great results. Keywords: theft-proof, fingerprint distinguished, RFID.
24
MOU, HSI-WEI, and 牟錫偉. "A Security and Energy Saving System Design Based on Fingerprint Recognition." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/aq2amm.
Full textAbstract:
碩士聖約翰科技大學
電機工程系碩士班
107
Fingerprint identification is one of the biometric technologies, and it has good suitability for safety and convenience. This paper is based on fingerprint identification, combined with the concept of IoT, using Bluetooth and 4G LTE technology for wireless communication to develop a security and energy saving system for home or office. In this paper, the fingerprint identification module is used as the basis for sign in or sign out, and it is also used in the application of security drawers. The Arduino Uno board is used as the embedded processor and the Raspberry Pi is used as a heterogeneous core to construct this system. And used RELAY to control the power switch to realize the energy-saving. Finally, it used 4G LTE technology and a Raspberry Pi camera to construct a system with security.
25
chen, pu-wei, and 陳步偉. "Implementation of a fingerprint identification security system with an embedded ARM-based platform." Thesis, 2006. http://ndltd.ncl.edu.tw/handle/87019964306636305629.
Full textAbstract:
碩士長庚大學
電子工程研究所
94
In this research, a multi-function fingerprint security system is developed. Such an application was successfully realized via a commercial development board, so-called the “Creator”, with an embedded ARM CPU. The overall structure of the proposed security system mainly consists of three parts: a Creator as the client, a PC-based server, and the network programming based communications part. After establishing the embedded software development environment, and porting the functions on the Creator board, the on-board ARM CPU executes all required calculations for fingerprint feature extraction in a real-time fashion, and plays the central role of the system. The PC-based server then receives feature vectors from the Creator to perform the task of fingerprint matching further. According to the results of matching, the server controls the entrance of the restricted area (for example, a Lab). In the meantime, the server also controls the access to the equipment or machines, such as PC’s, in the area. Such a security system actually takes the advantage of internet communications technology for information transmission from a remote measurement site (client) to the monitoring and controlling center (server). In addition, a modified image binarization algorithm is also proposed in this study. It has the merits of lower time and memory complexity, and thus is very suitable for the applications into the embedded systems.
26
Lin, Wen Ren, and 林文仁. "The Relationship Between Fingerprint Database And The Effectiveness Of Public Security -Taking FengShan Police Station of Kaohsiung City As An Example." Thesis, 2012. http://ndltd.ncl.edu.tw/handle/78081408104438115480.
Full textAbstract:
碩士東海大學
公共事務碩士在職專班
100
In this study, qualitative research methods are adopted, and with the ways of purposive sampling and snowball method, to proceed In-depth interviews, based on the interviewees’ jobs owning understanding and Practical experience to forensic science, crime investigation and the job of maintaining public security. To discuss and talk over the relationship between fingerprint database and the public security, the general public are also interviewed (including neighborhood representatives), and I attempted to understand the area residents’ ideas, thoughts and suggestions to this study issue. Next, refer to the relative statistics as national criminal cases fingerprint forensics tables from National Police Administration's Criminal Investigation Bureau (2008~2011) and vidence Collecting results tables from Kaohsiung Government Police City Department Fengshan Branch (2006~2011) Fingerprint can be used in the way of crime investigation; it also has many functions such as identity recognition and confirmation to demented old people, patients fall by roadsides, homeless people, nameless dead and victims of accidents or disasters, and it can help to avoid mentally or physically disabled children be missing. Replace the seal with fingerprints has the functions like avoiding imposture and so on. Therefore, fingerprint database do has positive benefit to the society security. Although, fingerprint data does help to crime investigation and identity recognition, the establishment involves with invasion of personal privacy. Like a double-edged sword, it can do a great help for the public society, but it can sometimes be harmful when being used with bad intentions. However, what the public concern most is the problem that fingerprint data may be disclosed or pirated and stolen . People have many concerns and don’t understand to the confidentiality protection of fingerprint data.Consequently, it is necessary to set up special laws and regulations for the use of fingerprint, also to establish comprehensive security systems, to ensure the security of fingerprint database in applications and management, so that government can be trusted by the public. In addition, crime investigations and identity recognitions both rely on forensic science. Thus, the establishments of fingerprint database and DNA database have more importance. In the aspect of official authorities which maintain the public security, always for establishing a complete fingerprint database, yet the human rights groups are against to it. Social society should always find a way to balance them both. On account of this, to maintain public security and also protect human rights efficiently and to create a win-win situation, and then to build up a safe and better living environment for people are the most important and best thing for the society and country. Keywords: fingerprint, fingerprint database, effects of public security, privacy
27
Lin, Tri-Show, and 林姿秀. "On the Security of ID-based Password Authentication Scheme using Smart Cards and Fingerprints." Thesis, 2005. http://ndltd.ncl.edu.tw/handle/08815099713877871201.
Full textAbstract:
碩士東海大學
資訊工程與科學系碩士在職專班
93
In 2003 ( ACM Operating Systems Review, Vol.37), Kim, Lee and Yoo [1] proposed an ID-based password authentication scheme for log-on to a remote server using smart card, password and fingerprint. In this paper, we show that the KLY protocol is vulnerable to an active adversary who can extract some information embedded in the smart card by using existing smart cards attack methods. By getting the information and eavesdropping the previous login messages of a legal user, an attacker without any password or fingerprint can successfully forge the legal user to obtain services from the system. In this case, the protocol is not sufficient for systems with high level security requirements. We point out a cryptanalysis of KLY scheme and propose a data compromise attack algorithm and replay attack algorithm. We also hope that the benefit of the science and technique can improve the security of the remote user authentication.