To see the other types of publications on this topic, follow the link: Vulnerabilities of biometric system.
Dissertations / Theses on the topic 'Vulnerabilities of biometric system'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Vulnerabilities of biometric system.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Osoka, Agu. "Assessing and protecting against vulnerabilities of biometric systems." Thesis, University of Kent, 2008. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.509630.
Full text
2
Higbee, Matthew Somers. "Deriving System Vulnerabilities Using Log Analytics." BYU ScholarsArchive, 2015. https://scholarsarchive.byu.edu/etd/6139.
Full textAbstract:
System Administrators use many of the same tactics that are implemented by hackers to validate the security of their systems, such as port scanning and vulnerability scanning. Port scanning is slow, and can be highly inaccurate. After a scan is complete, the results of the scan must be cross checked with a vulnerability database to discover if any vulnerabilities are present. While these techniques are useful, they have severe limitations. System Administrators have full access to all of their machines. They should not have to rely exclusively on port scanning them from the outside of their machines to check for vulnerabilities when they have this level of access. This thesis introduces a novel concept for replacing port scanning with a Log File Inventory Management System. This system will be able to automatically build an accurate system inventory using existing log files. This system inventory will then be automatically cross checked with a database of known vulnerabilities in real-time resulting in faster and more accurate vulnerability reporting than is found in traditional port scanning methods.
3
Jayapal, Ranjith. "Biometric encryption system for increased security." UNF Digital Commons, 2017. http://digitalcommons.unf.edu/etd/746.
Full textAbstract:
Security is very important in present day life. In this highly-interconnected world, most of our daily activities are computer based, and the data transactions are protected by passwords. These passwords identify various entities such as bank accounts, mobile phones, etc. People might reuse the same password, or passwords related to an individual that can lead to attacks. Indeed, remembering several passwords can become a tedious task. Biometrics is a science that measures an individual’s physical characteristics in a unique way. Thus, biometrics serves as a method to replace the cumbersome use of complex passwords. Our research uses the features of biometrics to efficiently implement a biometric encryption system with a high level of security.
4
Bansal, Mamta. "Face based multimodal biometric authentication system." Thesis, IIT Delhi, 2015. http://eprint.iitd.ac.in:80//handle/2074/8179.
Full text
5
Swabey, Matthew A. "The human auditory system as a biometric." Thesis, University of Southampton, 2007. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.438725.
Full text
6
Muthu, Rajesh. "Development of a secure biometric recognition system." Thesis, Northumbria University, 2016. http://nrl.northumbria.ac.uk/31618/.
Full textAbstract:
Biometric based security systems are becoming an integral part of many security agencies and organisations. These systems have a number of applications ranging from national security, law enforcement, the identification of people, particularly for building access control, the identification of suspects by the police, driver’s licences and many other spheres. However, the main challenge is to ensure the integrity of digital content under different intentional and non-intentional distortions; along with the robustness and security of the digital content. This thesis focuses on improving the security of fingerprint templates to allow accurate comparison of the fingerprint content. The current methods to generate fingerprint templates for comparison purposes mostly rely on using a single feature extraction technique such as Scale Invariant Feature Transform (SIFT) or Fingerprint Minutiae. However, the combination of two feature extraction techniques (e.g., SIFT-Minutiae) has not been studied in the literature. This research, therefore, combines the existing feature extraction techniques, SIFTHarris: Feature point detection is critical in image hashing in term of robust feature extraction, SIFT to incorporate the Harris criterion to select most robust feature points and SIFT-Wavelet: Wavelet based technique is basically used to provide more security and reliability of image, SIFT feature with efficient wavelet-based salient points to generate robust SIFT - wavelet feature that provides sufficient invariance to common image manipulations. The above said feature detector are known work well on the natural images (e.g., faces, buildings or shapes) and tests them in the new context of fingerprint images. The results in this thesis demonstrate that new approach contributes towards the improvement of fingerprint template security and accurate fingerprint comparisons. The fingerprint minutiae extraction method is combined individually with the SIFTHarris method, SIFT-Wavelet method and the SIFT method, to generate the most prominent fingerprint features. These features are post-processed into perceptual hashes using Radial Shape Context Hashing (RSCH) and Angular Shape Context Hashing (ASCH) methods. The accuracy of fingerprint comparison in each case is evaluated using the Receiver Operating Characteristic (ROC) curves. The experimental results demonstrate that for the JPEG lossy compression and geometric attacks, including rotation and translation, the fingerprint template and accuracy of fingerprint matching improved when combinations of two different Feature extraction techniques are used, in contrast to using only a single feature extraction technique. The ROC plots illustrates the SIFT-Harris-Minutiae, SIFT-Wavelet-Minutiae, SIFTMinutiae perform better than the SIFT method. The ROC plots further demonstrate that SIFT-Harris-Minutiae outperform all the other techniques. Therefore, SIFTHarris-Minutiae technique is more suitable for generating a template to compare the fingerprint content. Furthermore, this research focuses on perceptual hashing to improve the minutiae extraction of fingerprint images, even if the fingerprint image has been distorted. The extraction of hash is performed after wavelet transform and singular value decomposition (SVD). The performance evaluation of this approach includes important metrics, such as the Structural Similarity Index Measure (SSIM) and the Peak Signal-to-Noise Ratio (PSNR). Experimentally, it has confirmed its robustness against image processing operations and geometric attacks.
7
Shonubi, Felix, Ciara Lynton, Joshua Odumosu, and Daryl Moten. "Exploring Vulnerabilities in Networked Telemetry." International Foundation for Telemetering, 2015. http://hdl.handle.net/10150/596435.
Full textAbstract:
ITC/USA 2015 Conference Proceedings / The Fifty-First Annual International Telemetering Conference and Technical Exhibition / October 26-29, 2015 / Bally's Hotel & Convention Center, Las Vegas, NV<br>The implementation of Integrated Network Enhanced Telemetry (iNET) in telemetry applications provides significant enhancements to telemetry operations. Unfortunately such networking brings the potential for devastating cyber-attacks and networked telemetry is also susceptible to these attacks. This paper demonstrates a worked example of a social engineering attack carried out on a test bed network, analyzing the attack process from launch to detection. For this demonstration, a penetration-testing tool is used to launch the attack. This attack will be monitored to detect its signature using a network monitoring tool, and this signature will then be used to create a rule which will trigger an alert in an Intrusion Detection System. This work highlights the importance of network security in telemetry applications and is critical to current and future telemetry networks as cyber threats are widespread and potentially devastating.
8
Poon, Hoi Ting. "Towards a practical and secure biometric authentication system." Thesis, University of Ottawa (Canada), 2008. http://hdl.handle.net/10393/28017.
Full textAbstract:
The idea of merging biometrics technology with cryptography brought interesting possibilities in enhancing the security and privacy of biometrics systems. Conventional systems generally require large databases, which represent a security risk and raise privacy concerns. Biometric encryption is a method devised to hide biometric features along with a cryptographic key, which could remove the need for such biometric databases. The Fuzzy Vault scheme is one of the promising candidates for biometric encryption. This thesis analyzes the scheme and attempts to provide solutions to problems impeding the system from being used in practise. We looked at the current techniques in dealing with the noise inherent in biometric templates, in particular fingerprints, and provides insight on their implication in information and biometric security. We also present two practical decoders based on the Berlekamp-Massey algorithm and the Euclidean algorithm, and provide the first implementation of a Reed-Solomon decoder for the Fuzzy Vault scheme. Our implementation results indicate that the traditional Berlekamp-Massey algorithm may not be as suitable and efficient as Gao's Reed-Solomon decoder. In our analysis, some potential vulnerabilities were also identified. In particular, the collusion attack was found to be able to seriously reduce the security of the scheme in practise and is applicable to all existing implementations. Some possible defenses against the attack such as a one-way transform of the locking set and deterministic chaff points generation were proposed.
9
McCracken, Wendy Margaret. "Service Delivery To Deaf Children : Vulnerabilities Within The System." Thesis, University of Manchester, 2009. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.518868.
Full text
10
Brown, Allanah. "The fuel transportation system in British Columbia : attributes and vulnerabilities." Thesis, University of British Columbia, 2016. http://hdl.handle.net/2429/59065.
Full textAbstract:
Disasters can, and do lead to widespread disruption, often crippling transportation systems in complex ways. Transportation systems need to be designed not only to operate on an ordinary day; they need to be designed to respond to man-made and natural disasters. Proactive planning can allow transport to resume service, and deal with crises, as quickly as possible post-disaster. This thesis provides information to assist in the development of plans and protocols for emergency scenarios. Coastal communities throughout British Columbia (BC) are heavily dependent on maritime transportation for the supply of fuel, food, and other critical resources. Vancouver Island only has an estimated 3 days’ worth of food and fuel stored on the island. Without sufficient storage, or a means of producing these resources, coastal communities are highly vulnerable to maritime disruption. If transportation systems are disrupted for an extended period, communities can experience shortages to supply. This can lead to communities losing power, operations, and critical resources for survival. Through interviews and interactive workshops with industry stakeholders, this study brings forth issues and limitations within fuel transportation in BC. Current transportation systems are potentially ill equipped to deal with large-scale events with some response plans fragmented, and the decision-making infrastructure at times ad hoc. Improving a system’s preparedness through identification of hazards, and educating the industry could significantly aid the system’s response and revitalization post-disaster. Through review of current systems and plans, this thesis highlights persistent concerns within the system and begins to explore ways to improve the resilience of fuel distribution in BC. Through analyzing mitigation options, the validity of pro-active planning can be seen. The concerns and recommendations from this thesis could lay the foundation for building a more resilient system capable of executing effective emergency response.<br>Applied Science, Faculty of<br>Civil Engineering, Department of<br>Graduate
11
Han, Wei. "An integrated and distributed biometric-based user authentication architecture." Thesis, University of Ottawa (Canada), 2007. http://hdl.handle.net/10393/27851.
Full textAbstract:
Biometric authentication systems are used to guide the system security for many years in the computer world and make the user's identification easier and more convenient. Meanwhile, the systems encounter lots of challenges, attacks and threats, privacy protection and system management requirements, which affect the user's acceptance. Differing from the commonly used solutions, in this thesis the approach is to modify the system to meet these requirements, which results in a distributed architecture which can be composed in real time, and resolves the above challenges in one solution. A system prototype based on the proposed system architecture is designed as a sample for the reference of other system designers.
12
Kuan, Hung-i. "Evaluation of a biometric keystroke typing dynamics computer security system." Thesis, Monterey, California. Naval Postgraduate School, 1992. http://hdl.handle.net/10945/26530.
Full textAbstract:
Approved for public release; distribution is unlimited.<br>This study evaluates an inexpensive personal computer access control system that relies on biometric keystroke typing dynamics technology, BioPassword Model 2100 (BioPassword). Enrollment time, verification time, false rejection error rate, false acceptance error rate, and user acceptance were evaluated for this system. The results show that BioPassword provides multilayer security through the inclusion of privilege control, audit functions, passwords, and verification of a personal behavioral characteristic, the rate and variation of typing a given password string. Enrollment and verification times were considered satisfactorily fast. Overall false rejection error rate was 22.5%, while false acceptance error rate was 3.4%. The false rejection error rate for acceptance as a function of trial number from one trial to five trials were 4. 4%, 1.4%, O.7%, O.4%, andO.3% respectively. These values were achieved under relatively uncontrolled conditions and should be improved on by using recommendations that are included. Users generally reported satisfaction with the system, which should be acceptable as part of an office automation system when used in conjunction with other standard security measures. BioPassword Model 21 00, Biometric technology, Keystroke Typing Dynamics, False Rejection Error Rate, False Acceptance Error Rate, Enrollment Time, Verification Time
13
Assaad, Firas Souhail. "Biometric Multi-modal User Authentication System based on Ensemble Classifier." University of Toledo / OhioLINK, 2014. http://rave.ohiolink.edu/etdc/view?acc_num=toledo1418074931.
Full text
14
Mai, Guangcan. "Biometric system security and privacy: data reconstruction and template protection." HKBU Institutional Repository, 2018. https://repository.hkbu.edu.hk/etd_oa/544.
Full textAbstract:
Biometric systems are being increasingly used, from daily entertainment to critical applications such as security access and identity management. It is known that biometric systems should meet the stringent requirement of low error rate. In addition, for critical applications, the security and privacy issues of biometric systems are required to be concerned. Otherwise, severe consequence such as the unauthorized access (security) or the exposure of identity-related information (privacy) can be caused. Therefore, it is imperative to study the vulnerability to potential attacks and identify the corresponding risks. Furthermore, the countermeasures should also be devised and patched on the systems. In this thesis, we study the security and privacy issues in biometric systems. We first make an attempt to reconstruct raw biometric data from biometric templates and demonstrate the security and privacy issues caused by the data reconstruction. Then, we make two attempts to protect biometric templates from being reconstructed and improve the state-of-the-art biometric template protection techniques.
15
Mohamed, Abdul Cader Akmal Jahan. "Finger biometric system using bispectral invariants and information fusion techniques." Thesis, Queensland University of Technology, 2019. https://eprints.qut.edu.au/134464/1/Akmal%20Jahan_Mohamed%20Abdul%20Cader_Thesis.pdf.
Full textAbstract:
Contactless hand biometric systems are better accepted than contact prints as they are hygienic and accelerate data acquisition. This research is one of the few investigating contactless biometrics of the full hand by proposing a novel algorithm based on ridge orientation information along lines connecting key points, higher order spectral features, and fusion. It was investigated with contactless finger images acquired from 81 users, and found to be robust to hand orientation and image size, and provide acceptable performance using two fingers with fusion. The algorithm has potential to use in high throughput applications where contact sensing may be slow.
16
Coffman, James Wyatt. "Web-enabling an early warning and tracking system for network vulnerabilities." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2001. http://handle.dtic.mil/100.2/ADA397344.
Full text
17
Hasegawa, Robert Shigehisa. "Using synthetic images to improve iris biometric performance." Scholarly Commons, 2012. https://scholarlycommons.pacific.edu/uop_etds/827.
Full text
18
Clarke, Dalton H., and W. Tracy Young. "Reengineering of the Defense Biometric Identification System (DBIDS) equipment tracking database." Thesis, Monterey, California. Naval Postgraduate School, 2009. http://hdl.handle.net/10945/4607.
Full textAbstract:
Approved for public release, distribution unlimited<br>The Defense Manpower Data Center (DMDC) manages the Defense Biometric Identification System (DBIDS). DBIDS captures personal and biometric information to manage DoD-wide access, control, and personnel accountability. DBIDS equipment is installed globally, and managed by a central office on the Monterey peninsula. Program managers track data about the numbers and type of equipment installed at each site. Program managers were tracking DBIDS data using a single Microsoft Excel workbook comprised of several, interlinking worksheets (DBIDS Master Plan Spreadsheet). Data updates were error-prone and difficult, requiring close coordination to keep the number of "current" versions of the spreadsheet to a minimum. This thesis initially focused on reviewing the business rules and processes surrounding DBIDS document, and then transitioned into designing, developing, and implementing of a relational database solution to improve problem areas identified during the initial review. After implementation of the database, this thesis explored the effects of making such a change within an organization. This was attempted by identifying and measuring changes in performance and accuracy of the system; by measuring pre- and post-user satisfaction through the qualitative methods of questionnaires and interviews; and finally using this analysis to improve the project through maintenance and growth iterations.
19
Young, W. Tracy Clarke Dalton H. "Reengineering of the Defense Biometric Identification System (DBIDS) equipment tracking database." Monterey, California : Naval Postgraduate School, 2009. http://edocs.nps.edu/npspubs/scholarly/theses/2009/Sep/09Sep%5FYoung.pdf.
Full textAbstract:
Thesis (M.S. in Information Technology Management)--Naval Postgraduate School, September 2009. Thesis (M.S. in Information Technology Management)--Naval Postgraduate School, March 2009.<br>Thesis Advisor(s): Pfeiffer, Karl D. "September 2009." Description based on title screen as viewed on 6 November, 2009. Author(s) subject terms: Database, Database Development Life Cycle, Rapid Prototyping, Business Process Management Software, Business Process Improvement, Business Process Redesign. Includes bibliographical references (p. 63-65). Also available in print.
20
Arteaga, Falconi Juan Sebastian. "Towards an Accurate ECG Biometric Authentication System with Low Acquisition Time." Thesis, Université d'Ottawa / University of Ottawa, 2020. http://hdl.handle.net/10393/40129.
Full textAbstract:
Biometrics is the study of physical or behavioral traits that establishes the identity of a person. Forensics, physical security and cyber security are some of the main fields that use biometrics. Unlike traditional authentication systems—such as password based—biometrics cannot be lost, forgotten or shared. This is possible because biometrics establishes the identity of a person based on a physiological/behavioural characteristic rather than what the person possess or remembers. Biometrics has two modes of operation: identification and authentication. Identification finds the identity of a person among a group of persons. Authentication determines if the claimed identity of a person is truthful.
Biometric person authentication is an alternative to passwords or graphical patterns. It prevents shoulder surfing attacks, i.e., people watching from a short distance. Nevertheless, biometric traits of conventional authentication techniques like fingerprints, face—and to some extend iris—are easy to capture and duplicate. This denotes a security risk for modern and future applications such as digital twins, where an attacker can copy and duplicate a biometric trait in order to spoof a biometric system. Researchers have proposed ECG as biometric authentication to solve this problem. ECG authentication conceals the biometric traits and reduces the risk of an attack by duplication of the biometric trait. However, current ECG authentication solutions require 10 or more seconds of an ECG signal in order to have accurate results. The accuracy is directly proportional to the ECG signal time-length for authentication. This is inconvenient to implement ECG authentication in an end-user product because a user cannot wait 10 or more seconds to gain access in a secure manner to their device.
This thesis addresses the problem of spoofing by proposing an accurate and secure ECG biometric authentication system with relatively short ECG signal length for authentication. The system consists of an ECG acquisition from lead I (two electrodes), signal processing approaches for filtration and R-peak detection, a feature extractor and an authentication process. To evaluate this system, we developed a method to calculate the Equal Error Rate—EER—with non-normal distributed data.
In the authentication process, we propose an approach based on Support Vector Machine—SVM—and achieve 4.5% EER with 4 seconds of ECG signal length for authentication. This approach opens the door for a deeper understanding of the signal and hence we enhanced it by applying a hybrid approach of Convolutional Neural Networks—CNN—combined with SVM. The purpose of this hybrid approach is to improve accuracy by automatically detect and extract features with Deep Learning—in this case CNN—and then take the output into a one-class SVM classifier—Authentication; which proved to outperform accuracy for one-class ECG classification. This hybrid approach reduces the EER to 2.84% with 4 seconds of ECG signal length for authentication.
Furthermore, we investigated the combination of two different biometrics techniques and we improved the accuracy to 0.46% EER, while maintaining a short ECG signal length for authentication of 4 seconds. We fuse Fingerprint with ECG at the decision level. Decision level fusion requires information that is available from any biometric technique. Fusion at different levels—such as feature level fusion—requires information about features that are incompatible or hidden. Fingerprint minutiae are composed of information that differs from ECG peaks and valleys. Therefore fusion at the feature level is not possible unless the fusion algorithm provides a compatible conversion scheme. Proprietary biometric hardware does not provide information about the features or the algorithms; therefore, features are hidden and not accessible for feature level fusion; however, the result is always available for a decision level fusion.
21
Bashir, Muzaffar [Verfasser], and Hans Robert [Akademischer Betreuer] Kalbitzer. "A novel multisensoric system recording and analyzing human biometric features for biometric and biomedical applications / Muzaffar Bashir. Betreuer: Hans Robert Kalbitzer." Regensburg : Universitätsbibliothek Regensburg, 2011. http://d-nb.info/102331214X/34.
Full text
22
Michaud, David 1975. "Screening vulnerabilities in water supply networks : risk analysis of infrastructure systems." Thesis, Massachusetts Institute of Technology, 2005. http://hdl.handle.net/1721.1/34817.
Full textAbstract:
Thesis (S.M.)--Massachusetts Institute of Technology, System Design & Management Program, 2005.<br>Includes bibliographical references (p. 93-96).<br>The extreme importance of critical infrastructures to modern society is widely known. Recognizing that society cannot afford the costs associated with absolute protection, it is necessary to prioritize the vulnerabilities in these infrastructures. This Thesis presents a methodology for the identification and prioritization of vulnerabilities in a water supply system. Existing methods are mostly based either on an adaptation of the minimal-cut-set concept or rely on experts to do this. We suggest that for complex systems a systematic scenario-based approach is possible. We argue that the infrastructure system's capacity constraints both on the production resources and on the carrying network need to be considered in this approach. We model the infrastructure as a network, making use of its natural hierarchical structure to aggregate users into groups. We create one scenario for each system's element, seeking to understand its related vulnerability. For any given scenario, we employ short path algorithms to evaluate the supply level to each user considering the capacity of the paths connecting it to the resources. We then proceed to compute the disutility of each scenario using multiattribute utility theory. The impact of losing service to a given number of users is evaluated using a value tree that reflects the perceptions and values of the decision maker and the relevant stakeholders. These results are provided to the decision maker for use in risk management. The methodology is illustrated through the presentation of the analysis conducted on the water supply network of a 250,000 inhabitants city. Keywords: Risk Assessment, Infrastructure, Vulnerability, Water Supply<br>by David Michaud.<br>S.M.
23
Cook, Hugh Stephen Thomas. "The reality of a 'High Performance Work System' : internal and external vulnerabilities." Thesis, University of Leeds, 2012. http://etheses.whiterose.ac.uk/4378/.
Full textAbstract:
This thesis contributes to knowledge and understanding about the implementation of systems of Human Resource Management. It does this through intensive case based research at Ultico, the largest private sector employer in the UK and the leading UK food retail establishment. Much literature exists on HRM systems and their relationship with performance, yet significantly less has addressed the complex internal social processes associated with their implementation. Similarly, while research has considered the importance of the external context on HRM, little has addressed the processes through which this effect takes place. Internal tensions and contradictions are found, resulting from variable implementation of HRM systems by line managers, who lack skills in HRM delivery and struggle to deliver practices alongside operational duties. Furthermore, transparency and trust are eroded by senior managers manipulating HRM practices to increase profits and achieve monitored targets. The Retail Colleague‟s Union (RCU) interacts internally with Ultico‟s HRM strategy and through the vehicle of social partnership, maintains a degree of influence over HRM implementation, enabling mitigation of the negative impacts of variable implementation by management. However this influence is limited. Finally the processes through which external economic fluctuations impact on HRM systems are uncovered, in terms of management capitalising on changes to the labour market to increase profit per employee. Taken together these findings expose vulnerabilities, both internal and external, of HRM systems to losing their soft outcomes because they are derailed by management seeking to increase profits. The thesis demonstrates the channels through which HRM systems are used to improve profitability, which is typically through work intensification, by illuminating the complex social processes through which this is achieved.
24
Lee, Jae Hyung S. M. Massachusetts Institute of Technology. "Systematic approach to analyzing security and vulnerabilities of blockchain systems." Thesis, Massachusetts Institute of Technology, 2019. https://hdl.handle.net/1721.1/121793.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2019<br>Cataloged from PDF version of thesis. Page 150 blank.<br>Includes bibliographical references (pages 119-149).<br>Recent hacks into blockchain systems and heists from such systems have raised serious questions about whether this new technology can be secured from ongoing, evolving cyberattacks. While the technology is known to provide an environment that is fundamentally safer than other existing centralized systems offer, security professionals warn that the current blockchain ecosystem is still immature, harboring many known as well as unknown defects [1]. This thesis draws upon a number of research studies and various other inquiries into blockchain systems security. In addition, this paper gathers and summarizes information regarding 78 recent blockchain cyberattacks and heists, analyzing and categorizing them as to their cause: platform breach, dApps exploit, access point attack, or endpoint hacking. Two of these attacks (the Ethereum blockchain system and the Bitfinex cryptocurrency exchange) are analyzed in detail using Causal Analysis using System Theory (CAST) method. A novel top-down security assessment method inspired by System Theoretic Process Analysis for Security (STPA-Sec) is used to evaluate a sample blockchain system, such as might be proposed for voting. An analysis of possible vulnerabilities is conducted, and suggestions for remediation and protection.<br>by Jae Hyung Lee.<br>S.M. in Engineering and Management<br>S.M.inEngineeringandManagement Massachusetts Institute of Technology, System Design and Management Program
25
Okonoboh, Matthias Aifuobhokhan, and Sudhakar Tekkali. "Real-Time Software Vulnerabilities in Cloud Computing : Challenges and Mitigation Techniques." Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-2645.
Full textAbstract:
Context: Cloud computing is rapidly emerging in the area of distributed computing. In the meantime, many organizations also attributed the technology to be associated with several business risks which are yet to be resolved. These challenges include lack of adequate security, privacy and legal issues, resource allocation, control over data, system integrity, risk assessment, software vulnerabilities and so on which all have compromising effect in cloud environment. Organizations based their worried on how to develop adequate mitigation strategies for effective control measures and to balancing common expectation between cloud providers and cloud users. However, many researches tend to focus on cloud computing adoption and implementation and with less attention to vulnerabilities and attacks in cloud computing. This paper gives an overview of common challenges and mitigation techniques or practices, describes general security issues and identifies future requirements for security research in cloud computing, given the current trend and industrial practices. Objectives: We identified common challenges and linked them with some compromising attributes in cloud as well as mitigation techniques and their impacts in cloud practices applicable in cloud computing. We also identified frameworks we consider relevant for identifying threats due to vulnerabilities based on information from the reviewed literatures and findings. Methods: We conducted a systematic literature review (SLR) specifically to identify empirical studies focus on challenges and mitigation techniques and to identify mitigation practices in addressing software vulnerabilities and attacks in cloud computing. Studies were selected based on the inclusion/exclusion criteria we defined in the SLR process. We search through four databases which include IEEE Xplore, ACM Digital Library, SpringerLinks and SciencDirect. We limited our search to papers published from 2001 to 2010. In additional, we then used the collected data and knowledge from finding after the SLR, to design a questionnaire which was used to conduct industrial survey which also identifies cloud computing challenges and mitigation practices persistent in industry settings. Results: Based on the SLR a total of 27 challenges and 20 mitigation techniques were identified. We further identified 7 frameworks we considered relevant for mitigating the prevalence real-time software vulnerabilities and attacks in the cloud. The identified challenges and mitigation practices were linked to compromised cloud attributes and the way mitigations practices affects cloud computing, respectively. Furthermore, 5 and 3 additional challenges and suggested mitigation practices were identified in the survey. Conclusion: This study has identified common challenges and mitigation techniques, as well as frameworks practices relevant for mitigating real-time software vulnerabilities and attacks in cloud computing. We cannot make claim on exhaustive identification of challenges and mitigation practices associated with cloud computing. We acknowledge the fact that our findings might not be sufficient to generalize the effect of the different service models which include SaaS, IaaS and PaaS, and also true for the different deployment models such as private, public, community and hybrid. However, this study we assist both cloud provider and cloud customers on the security, privacy, integrity and other related issues and useful in the part of identifying further research area that can help in enhancing security, privacy, resource allocation and maintain integrity in the cloud environment.<br>Kungsmarksvagen 67 SE-371 44 Karlskrona Sweden Tel: 0737159290
26
Khan, Shaharyar S. M. Massachusetts Institute of Technology. "Using a system-theoretic approach to identify cyber- vulnerabilities and mitigations in industrial control systems." Thesis, Massachusetts Institute of Technology, 2019. https://hdl.handle.net/1721.1/122437.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2019<br>Cataloged from PDF version of thesis.<br>Includes bibliographical references (pages 123-128).<br>Recent cyber-physical attacks, such as Stuxnet, Triton etc., have invoked an ominous realization about the lethality of such attacks and the vulnerability of critical infrastructure, including power, gas and water distribution control systems. The traditional industrial practice to enhance security posture by utilizing IT security-biased protection methods narrowly focuses on improving cyber hygiene and individual component protection. Albeit essential and a good countermeasure against indiscriminate, non-targeted attacks, the reality of modern industrial control systems is that they are highly complex, interdependent and software-intensive sociotechnical systems. This makes traditional methods of defense largely impotent in the face of targeted attacks by advanced cyber-adversaries - as was demonstrated by Stuxnet.<br>A new realization is aggressively permeating through the industry about the need to use a holistic approach that integrates safety and security considerations to rethink, reengineer and redesign these complex control systems. System-Theoretic Accident Model & Processes (STAMP) offers a powerful, holistic, structured framework to analyze safety and security of complex cyber-physical systems in an integrated fashion. The electric grid is universally acknowledged as the holy grail of a target for an advanced cyberadversary. In light of this, this work demonstrates the use of a STAMP-based analysis method on the electric generation and distribution system of the MIT central utilities plant. The analysis is presented in a robust and structured format which can be emulated to analyze larger systems.<br>Several hazardous control actions such as out-of-sync breaker closure, generator overfluxing, turbine overspeed etc., are identified which could be exploited to cause permanent physical damage to the plant. While traditional counter-measures exist, it is argued that they need to be rethought in the face of potential cyber-attacks by advanced adversaries. Finally, several new functional requirements are presented which do not only span individual technical components but also the broader socio-organizational system.<br>by Shaharyar Khan.<br>S.M. in Engineering and Management<br>S.M.inEngineeringandManagement Massachusetts Institute of Technology, System Design and Management Program
27
Feng, Yicheng. "Template protecting algorithms for face recognition system." HKBU Institutional Repository, 2007. http://repository.hkbu.edu.hk/etd_ra/832.
Full text
28
Abraham, Arya. "It is I: An Authentication System for a Reconfigurable Radio." Thesis, Virginia Tech, 2002. http://hdl.handle.net/10919/34353.
Full textAbstract:
The security of a radio system hinges on its ability to effectively authenticate a user. This work proposes a two-factor authentication scheme using a token and a biometric. The users' access rights are determined during authentication and the users are served only those channels of data that they are privileged to receive. The strengths and the weaknesses of the implementation in reconfigurable hardware are identified. The capabilities of the scheme are put into perspective by comparing it to a high-end authentication system and by evaluating the use of standardized APIs and low-end authentication devices. Modifications to the system are suggested to improve the level of security the scheme provides. Finally, a baseline study is carried out to measure the data processing performance of a radio developed in reconfigurable hardware, which uses the proposed authentication scheme.<br>Master of Science
29
Louw, Lloyd A. B. "Automated face detection and recognition for a login system." Thesis, Link to the online version, 2007. http://hdl.handle.net/10019/438.
Full text
30
Lam, Lawrence G. "Digital Health-Data platforms : biometric data aggregation and their potential impact to centralize Digital Health-Data." Thesis, Massachusetts Institute of Technology, 2015. http://hdl.handle.net/1721.1/106235.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, School of Engineering, System Design and Management Program, Engineering and Management Program, 2015.<br>Cataloged from PDF version of thesis.<br>Includes bibliographical references (page 81).<br>Digital Health-Data is being collected at unprecedented rates today as biometric micro sensors continue to diffuse into our lives in the form of smart devices, wearables, and even clothing. From this data, we hope to learn more about preventative health so that we can spend less money on the doctor. To help users aggregate this perpetual growth of biometric "big" data, Apple HealthKit, Google Fit, and Samsung SAMI were each created with the hope of becoming the dominant design platform for Digital Health-Data. The research for this paper consists of citings from technology strategy literature and relevant journalism articles regarding recent and past developments that pertain to the wearables market and the digitization movement of electronic health records (EHR) and protected health information (PHI) along with their rules and regulations. The culmination of these citations will contribute to my hypothesis where the analysis will attempt to support my recommendations for Apple, Google, and Samsung. The ending chapters will encompass discussions around network effects and costs associated with multi-homing user data across multiple platforms and finally ending with my conclusion based on my hypothesis.<br>by Lawrence G. Lam.<br>S.M. in Engineering and Management
31
McMillan, Stephen. "Design and analysis of a biometric access control system using an electronic olfactory device to identify human odour characteristics." Thesis, University of Greenwich, 2000. http://gala.gre.ac.uk/13136/.
Full textAbstract:
The use of an electronic olfactory device, termed an electronic 'nose', was investigated for the detection of unique human odour characteristics. The detection of these unique odours was applied to the field of biometrics for access control, where a human's unique characteristics were used to authenticate a user of an access control system. An electronic odour sensing device was designed and constructed using an array of conducting polymer gas sensors in order to facilitate the regular screening of a group of human subjects over a period of six weeks. A static sampling method was used to measure odour levels from human hands, which were found to contain a reliable source of human odour. Human odour levels were low so dynamic sampling proved to be unsuitable for this application due to the dilution of the odour mixture. Feature analysis results revealed that the features of adsorption and desorption gradient contained discriminatory information in addition to the commonly used maximum divergence. Pattern recognition revealed that neural network architectures produced superior results when compared to statistical methods as a result of their ability to model the non-linearities in the data set. The highest recognition rate was 73% which was produced using a Multi-Layer Perceptron (MLP) neural network compared to 63% obtained using the best statistical method of Parzen windows. The majority of the recognition error was caused by a minority of the humans. Analysis of sensor data revealed that only 30% of the sensor array were contributing discriminatory information so it was deduced that performance would undoubtedly improve if a full array of effective sensors were available. Exploratory data analysis revealed that human odour changed from day to day and often an increasing divergence with time was observed. A time-adaptive method was devised which increased the recognition to 89%, but was still too low for use as a biometric recognition device. However, use as a verification device demonstrated acceptable levels of performance but resulted in high levels of user frustration caused by a high proportion of users being falsely rejected. This work demonstrated that an olfactory based biometric access control system could be a realistic proposition but requires further work, especially in the areas of sensor development and unique human odour research, before an operational system could be produced.
32
Graziano, Timothy Michael. "Establishment of a Cyber-Physical Systems (CPS) Test Bed to Explore Traffic Collision Avoidance System (TCAS) Vulnerabilities to Cyber Attacks." Thesis, Virginia Tech, 2021. http://hdl.handle.net/10919/104624.
Full textAbstract:
Traffic Collision Avoidance Systems (TCAS) are safety-critical, unauthenticated, ranging
systems required in commercial aircraft. Previous work has proposed TCAS vulnerabilities
to attacks from malicious actors with low cost software defined radios (SDR) and inexpensive
open-source software (GNU radio) where spoofing TCAS radio signals in now possible. This
paper outlines a proposed threat model for several TCAS vulnerabilities from an adversarial
perspective. Periodic and aperiodic attack models are explored as possible low latency solutions
to spoof TCAS range estimation. A TCAS test bed is established with commercial
avionics to demonstrate the efficacy of proposed vulnerabilities. SDRs and Vector Waveform
Generators (VWGs) are used to achieve desired latency. Sensor inputs to the TCAS system
are spoofed with micro-controllers. These include Radar Altimeter, Barometric Altimeter,
and Air Data Computer (ADC) heading and attitude information transmitted by Aeronautical
Radio INC (ARINC) 429 encoding protocol. TCAS spoofing is attempted against the
test bed and analysis conducted on the timing results and test bed performance indicators.
The threat model is analyzed qualitatively and quantitatively.<br>Master of Science<br>Traffic Collision Avoidance Systems (TCAS), or Airborne Collision Avoidance Systems
ACAS), are safety-critical systems required by the Federal Aviation Administration (FAA)
in commercial aircraft. They work by sending queries to surrounding aircraft in the form of
radio transmission. Aircraft in the who receive these transmissions send replies. Information
in these replies allow the TCAS system to determine if a nearby aircraft may travel too close
to itself. TCAS can then determine help both pilots avoid a mid-air collision. Information in
the messages can be faked by a malicious actor. To explore these vulnerabilities a test bed
is built with commercial grade TCAS equipment. Several types of attacks are evaluated.
33
Nadipelly, Vinaykumar. "Dynamic Scoping for Browser Based Access Control System." TopSCHOLAR®, 2012. http://digitalcommons.wku.edu/theses/1149.
Full textAbstract:
We have inorganically increased the use of web applications to the point of using them for almost everything and making them an essential part of our everyday lives. As a result, the enhancement of privacy and security policies for the web applications is becoming increasingly essential. The importance and stateless nature of the web infrastructure made the web a preferred target of attacks. The current web access control system is a reason behind the victory of attacks. The current web consists of two major components, the browser and the server, where the effective access control system needs to be implemented. In terms of an access control system, the current web has adopted the inadequate same origin policy and same session policy for the browser and server, respectively. The current web access control system policies are sufficient for the earlier day's web, which became inadequate to address the protection needs of today's web.
In order to protect the web application from un-trusted contents, we provide an enhanced browser based access control system by enabling the dynamic scoping. Our security model for the browser will allow the client and trusted web application contents to share a common library and protect web contents from each other, while they still get executed at different trust levels. We have implemented a working model of an enhanced browser based access control system in Java, under the Lobo browser.
34
Костомаха, Марія Володимирівна, та Mariia Kostomakha. "Комп’ютерна система біометричної аутентифікації особи за відбитком пальця". Bachelor's thesis, Тернопільський національний технічний університет імені Івана Пулюя, 2021. http://elartu.tntu.edu.ua/handle/lib/35567.
Full textAbstract:
У кваліфікаційній роботі спроектовано комп’ютерну систему біометричної аутентифікації особи за відбитком пальців, що відповідає вимогам технічного завдання.
Основними апаратними пристроями спроектованої системи є: сканер відбитків пальців на основі ZFM-20; пристрій керування процесом зчитування та аутентифікації особи Raspberry PI Model B; компонента виводу інформаційних повідомлень для взаємодії з користувачем LCD 2*16.
Взаємодію між сканером відбитків пальців і Raspberry PI забезпечено шляхом використання USB Serial адаптера. Логіку роботи програмного забезпечення реалізовано засобами мови програмування Python, що підтримується обраним однокристальним міні-комп’ютером.<br>In the qualification work, a computer system of biometric authentication of a person by fingerprint is designed, which meets the requirements of the technical task. The goal of the work was achieved through the use of sound hardware and developed software.
The main hardware devices of the designed system are: fingerprint scanner based on ZFM-20; Raspberry PI Model B reading and authentication process control device; component for outputting information messages for interaction with the user LCD 2 * 16.
The interaction between the fingerprint scanner and the Raspberry PI is provided by using a USB Serial adapter. The success of the authentication is additionally signaled by the LED. The logic of the software is implemented using Python programming language supported by the selected single-chip mini-computer.<br>ПЕРЕЛІК ОСНОВНИХ УМОВНИХ ПОЗНАЧЕНЬ, СИМВОЛІВ І СКОРОЧЕНЬ 8
ВСТУП 9
1 АНАЛІЗ ВИМОГ ТЕХНІЧНОГО ЗАВДАННЯ ТА МЕТОДІВ БІОМЕТРИЧНОЇ АУТЕНТИФІКАЦІЇ ОСОБИ 10
1.1 Аналіз вимог технічного завдання на проектування комп’ютерної системи біометричної аутентифікації особи за відбитком пальця 10
1.2 Методи і засоби аутентифікації особи 16
2 РОЗРОБКА ПРОЕКТУ КОМП’ЮТЕРНОЇ СИСТЕМИ БІОМЕТРИЧНОЇ АУТЕНТИФІКАЦІЇ ОСОБИ ЗА ВІДБИТКОМ ПАЛЬЦІВ 22
2.1 Архітектура комп’ютерної системи біометричної аутентифікації 22
2.2 Обґрунтування вибору та аналіз технічних характеристики Raspberry PI 24
2.3 Аналіз технічних характеристик сканера відбитків пальців 28
2.4 Особливості застосування LCD-дисплея 32
2.5 Перетворювач USB – UART 35
2.6 Побудова схеми комп’ютерної системи біометричної аутентифікації особи за відбитком пальця 36
3 ПРОГРАМНЕ ЗАБЕЗПЕЧЕННЯ КОМП’ЮТЕРНОЇ СИСТЕМИ БІОМЕТРИЧНОЇ АУТЕНТИФІКАЦІЇ ОСОБИ ЗА ВІДБИТКОМ ПАЛЬЦІВ 41
3.1 Реалізація логіки роботи програмного забезпечення комп’ютерної системи біометричної аутентифікації 41
3.2 Тестування комп’ютерної системи аутентифікації особи 53
РОДІЛ 4 БЕЗПЕКА ЖИТТЄДІЯЛЬНОСТІ, ОСНОВИ ОХОРОНИ ПРАЦІ 56
4.1 Вплив виробничого середовища на працездатність та здоров'я користувачів
комп'ютерів 56
4.2 Захист населення у надзвичайних ситуаціях від впливу радіації 59
ВИСНОВКИ 56
СПИСОК ВИКОРИСТАНИХ ДЖЕРЕЛ 57
Додаток A. Технічне завдання
Додаток Б. Програмне забезпечення комп’ютерної системи біометричної аутентифікації особи за відбитком пальця
35
Varshney, Rimpu. "Towards Designing Open Secure IoT System - Insights for practitioners." Thesis, Malmö universitet, Fakulteten för teknik och samhälle (TS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20199.
Full textAbstract:
IoT industry is growing at a rapid pace since everyone wants to connect everything to internet in order to use various services and applications using shared data. Openness is observed as an emerging trend in IoT industry. Security & privacy of the data are very important aspects in the design and deployment of the connected devices or Internet of Things. Fast growth in number of connected devices, heterogeneity, constrained resources, privacy, software upgrades and operational environment create important security related challenges in this domain. It is difficult to address challenges even with the considerable amount of existing work that has been done for decades in the area of security & privacy. In this research, a semi-systematic literature survey of the state of the art is conducted related to security & privacy aspects within the IoT area. The results were validated by conducting qualitative survey with IoT practitioners. The efforts have resulted towards identifying several security trends & challenges and security design aspects that can be considered by IoT practitioners in order to design an open and secure IoT system.It can be concluded from the study that security is not only needed but is a mandatory characteristic for IoT. However, there are no general guidelines that can be proposed to address security issues since security is not only a technical problem but is more of an awareness, mindset, people and process issue. In this thesis, a novel model is proposed with openness and security characteristics. This model is grounded based on the theoretical findings and empirical data obtained from IoT practitioners. Each of the characteristics has its own design aspects that needs to be considered by IoT practitioners to design a more secure IoT system.
36
Boudermine, Antoine. "A dynamic attack graphs based approach for impact assessment of vulnerabilities in complex computer systems." Electronic Thesis or Diss., Institut polytechnique de Paris, 2022. http://www.theses.fr/2022IPPAT046.
Full textAbstract:
De nos jours, les réseaux informatiques sont utilisés dans de nombreux domaines et leur défaillance peut avoir un fort impact sur notre vie quotidienne. L'évaluation de leur sécurité est une nécessité pour réduire le risque de compromission par un attaquant. Néanmoins, les solutions proposées jusqu'à présent sont rarement adaptées à la grande complexité des systèmes informatiques modernes. Elles reposent souvent sur un travail humain trop important et les algorithmes utilisés ne sont pas assez performants. De plus, l'évolution du système dans le temps est rarement modélisée et n'est donc pas prise en compte dans l'évaluation de sa sécurité. Dans cette thèse, nous proposons un nouveau modèle de graphe d'attaque construit à partir d'une description dynamique du système. Nous avons mis en évidence à travers nos expériences que notre modèle permettait d'identifier davantage de chemins d'attaque qu'un modèle de graphe d'attaque statique. Nous avons ensuite proposé un algorithme de simulation d'attaques permettant d'approximer les chances de succès de compromission du système par un acteur malveillant. Nous avons également prouvé que notre solution était capable d'analyser la sécurité de systèmes complexes. La complexité en temps dans le pire des cas a été évaluée pour chaque algorithme utilisé et plusieurs tests ont été réalisés pour mesurer leurs performances réelles. Pour terminer, nous avons appliqué notre solution sur un réseau IT composé de plusieurs milliers d'éléments. De futurs travaux devraient être réalisés pour améliorer les performances de l'algorithme de génération des graphes d'attaque afin de permettre d'analyser des systèmes toujours plus complexes. Des solutions devraient également être trouvées pour faciliter l'étape de modélisation du système qui reste encore à ce jour une tâche difficile à réaliser, surtout par des humains. Enfin, l'algorithme de simulation pourrait être amélioré pour être plus réaliste et tenir compte des réelles capacités de l'attaquant. Il serait également intéressant d'évaluer l'impact des attaques au niveau de l'organisation et de ses processus métiers<br>Nowadays, computer networks are used in many fields and their breakdown can strongly impact our daily life. Assessing their security is a necessity to reduce the risk of compromise by an attacker. Nevertheless, the solutions proposed so far are rarely adapted to the high complexity of modern computer systems. They often rely on too much human work and the algorithms used don't scale well. Furthermore, the evolution of the system over time is rarely modeled and is therefore not considered in the evaluation of its security.In this thesis, we propose a new attack graph model built from a dynamic description of the system. We have shown through our experimentations that our model allows to identify more attack paths than a static attack graph model. We then proposed an attack simulation algorithm to approximate the chances of success of system compromise by a malicious actor.We also proved that our solution was able to analyze the security of complex systems. The worst-case time complexity was assessed for each algorithm used. Several tests were performed to measure their real performances. Finally, we applied our solution on an IT network composed of several thousand elements.Future work should be done to improve the performance of the attack graph generation algorithm in order to analyze increasingly complex systems. Solutions should also be found to facilitate the system modeling step which is still a difficult task to perform, especially by humans. Finally, the simulation algorithm could be improved to be more realistic and take into account the real capabilities of the attacker. It would also be interesting to assess the impact of the attacks on the organization and its business processes
37
Semerád, Lukáš. "Generování kryptografického klíče z biometrických vlastností oka." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2014. http://www.nusl.cz/ntk/nusl-236038.
Full textAbstract:
The main topic of the thesis is creation of formulas for the amount of information entropy in biometric characteristics of iris and retina. This field of science in biometrics named above is unstudied yet, so the thesis tries to initiate research in this direction. The thesis also discusses the historical context of security and identification fields according to biometric characteristics of a human being with an overlap for potential usage in biometrics of iris and retina. The Daugman’s algorithm for converting iris image into the binary code which can be used as a cryptographic key is discussed in detail. An application implementing this conversion is also a part of the thesis.
38
PASI, RICCARDO. "Flood impact over urban system : how to assess and manage urban vulnerabilities to adapt spatial planning practices at the municipal scale." Doctoral thesis, Università IUAV di Venezia, 2017. http://hdl.handle.net/11578/278743.
Full text
39
Li, Jiawei. "Person re-identification with limited labeled training data." HKBU Institutional Repository, 2018. https://repository.hkbu.edu.hk/etd_oa/541.
Full textAbstract:
With the growing installation of surveillance video cameras in both private and public areas, it is an immediate requirement to develop intelligent video analysis system for the large-scale camera network. As a prerequisite step of person tracking and person retrieval in intelligent video analysis, person re-identification, which targets in matching person images across camera views is an important topic in computer vision community and has been received increasing attention in the recent years. In the supervised learning methods, the person re-identification task is formulated as a classification problem to extract matched person images/videos (positives) from unmatched person images/videos (negatives). Although the state-of-the-art supervised classification models could achieve encouraging re-identification performance, the assumption that label information is available for all the cameras, is impractical in large-scale camera network. That is because collecting the label information of every training subject from every camera in the large-scale network can be extremely time-consuming and expensive. While the unsupervised learning methods are flexible, their performance is typically weaker than the supervised ones. Though sufficient labels of the training subjects are not available from all the camera views, it is still reasonable to collect sufficient labels from a pair of camera views in the camera network or a few labeled data from each camera pair. Along this direction, we address two scenarios of person re-identification in large-scale camera network in this thesis, i.e. unsupervised domain adaptation and semi-supervised learning and proposed three methods to learn discriminative model using all available label information and domain knowledge in person re-identification. In the unsupervised domain adaptation scenario, we consider data with sufficient labels as the source domain, while data from the camera pair missing label information as the target domain. A novel domain adaptive approach is proposed to estimate the target label information and incorporate the labeled data from source domain with the estimated target label information for discriminative learning. Since the discriminative constraint of Support Vector Machines (SVM) can be relaxed into a necessary condition, which only relies on the mean of positive pairs (positive mean), a suboptimal classification model learning without target positive data can be those using target positive mean. A reliable positive mean estimation is given by using both the labeled data from the source domain and potential positive data selected from the unlabeled data in the target domain. An Adaptive Ranking Support Vector Machines (AdaRSVM) method is also proposed to improve the discriminability of the suboptimal mean based SVM model using source labeled data. Experimental results demonstrate the effectiveness of the proposed method. Different from the AdaRSVM method that using source labeled data, we can also improve the above mean based method by adapting it onto target unlabeled data. In more general situation, we improve a pre-learned classifier by adapting it onto target unlabeled data, where the pre-learned classifier can be domain adaptive or learned from only source labeled data. Since it is difficult to estimate positives from the imbalanced target unlabeled data, we propose to alternatively estimate positive neighbors which refer to data close to any true target positive. An optimization problem for positive neighbor estimation from unlabeled data is derived and solved by aligning the cross-person score distributions together with optimizing for multiple graphs based label propagation. To utilize the positive neighbors to learn discriminative classification model, a reliable multiple region metric learning method is proposed to learn a target adaptive metric using regularized affine hulls of positive neighbors as positive regions. Experimental results demonstrate the effectiveness of the proposed method. In the semi-supervised learning scenario, we propose a discriminative feature learning using all available information from the surveillance videos. To enrich the labeled data from target camera pair, image sequences (videos) of the tagged persons are collected from the surveillance videos by human tracking. To extract the discriminative and adaptable video feature representation, we propose to model the intra-view variations by a video variation dictionary and a video level adaptable feature by multiple sources domain adaptation and an adaptability-discriminability fusion. First, a novel video variation dictionary learning is proposed to model the large intra-view variations and solved as a constrained sparse dictionary learning problem. Second, a frame level adaptable feature is generated by multiple sources domain adaptation using the variation modeling. By mining the discriminative information of the frames from the reconstruction error of the variation dictionary, an adaptability-discriminability (AD) fusion is proposed to generate the video level adaptable feature. Experimental results demonstrate the effectiveness of the proposed method.
40
Jomaa, Diala. "Fingerprint Segmentation." Thesis, Högskolan Dalarna, Datateknik, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:du-4264.
Full textAbstract:
In this thesis, a new algorithm has been proposed to segment the foreground of the fingerprint from the image under consideration. The algorithm uses three features, mean, variance and coherence. Based on these features, a rule system is built to help the algorithm to efficiently segment the image. In addition, the proposed algorithm combine split and merge with modified Otsu. Both enhancements techniques such as Gaussian filter and histogram equalization are applied to enhance and improve the quality of the image. Finally, a post processing technique is implemented to counter the undesirable effect in the segmented image. Fingerprint recognition system is one of the oldest recognition systems in biometrics techniques. Everyone have a unique and unchangeable fingerprint. Based on this uniqueness and distinctness, fingerprint identification has been used in many applications for a long period. A fingerprint image is a pattern which consists of two regions, foreground and background. The foreground contains all important information needed in the automatic fingerprint recognition systems. However, the background is a noisy region that contributes to the extraction of false minutiae in the system. To avoid the extraction of false minutiae, there are many steps which should be followed such as preprocessing and enhancement. One of these steps is the transformation of the fingerprint image from gray-scale image to black and white image. This transformation is called segmentation or binarization. The aim for fingerprint segmentation is to separate the foreground from the background. Due to the nature of fingerprint image, the segmentation becomes an important and challenging task. The proposed algorithm is applied on FVC2000 database. Manual examinations from human experts show that the proposed algorithm provides an efficient segmentation results. These improved results are demonstrating in diverse experiments.
41
Kwaa-Aidoo, Ephrem K. "Culturally aligned security in banking. A system for rural banking in Ghana." Thesis, University of Bradford, 2010. http://hdl.handle.net/10454/4433.
Full textAbstract:
This thesis is an investigation into the unique rural banking system in Ghana and the role of information systems in fraud control. It presents a robust information security and internal control model to deal with fraud for the banking system. The rural banking industry has been noted for poor internal control leading to fraud. This has resulted in poor performance and even the collapse of some banks. The Focus of the study was on the processes used to deliver banking services.
To design a protection system, a number of rural banks were visited. This was to understand the environment, regulatory regimes and the structure and banking processes of the industry and banks. Systemic vulnerabilities within the industry which could be exploited for fraud were found. The lack of structures like an address system and unreliable identification documents makes it difficult to use conventional identification processes. Also the lack of adequate controls, small staff numbers and the cross organisational nature of some transactions among other cultural issues reduces the ability to implement transaction controls. Twenty fraud scenarios were derived to illustrate the manifestation of these vulnerabilities.
The rural banking integrity model was developed to deal with these observations. This protection model was developed using existing information security models and banking control mechanisms but incorporating the nature of the rural banking industry and culture of its environment. The fraud protection model was tested against the fraud scenarios and was shown to meet the needs of the rural banking industry in dealing with its systemic vulnerabilities. The proposed community-based identification scheme deals with identification weaknesses as an alternative to conventional identity verification mechanisms. The Transaction Authentication Code uses traditional adinkra symbols. Whilst other mechanisms like the Transaction Verification Code design
v
internal controls into the banking processes. This deals with various process control weaknesses and avoids human discretion in complying with controls. Object based separation of duties is also introduced as a means of controlling conflicting tasks which could lead to fraud.
42
Öberg, Fredrik. "Investigation on how presentation attack detection can be used to increase security for face recognition as biometric identification : Improvements on traditional locking system." Thesis, Mittuniversitetet, Institutionen för informationssystem och –teknologi, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-42294.
Full textAbstract:
Biometric identification has already been applied to society today, as today’s mobile phones use fingerprints and other methods like iris and the face itself. With growth for technologies like computer vision, the Internet of Things, Artificial Intelligence, The use of face recognition as a biometric identification on ordinary doors has become increasingly common. This thesis studies is looking into the possibility of replacing regular door locks with face recognition or supplement the locks to increase security by using a pre-trained state-of-the-art face recognition method based on a convolution neural network. A subsequent investigation concluded that a networks based face recognition are is highly vulnerable to attacks in the form of presentation attacks. This study investigates protection mechanisms against these forms of attack by developing a presentation attack detection and analyzing its performance. The obtained results from the proof of concept showed that local binary patterns histograms as a presentation attack detection could help the state of art face recognition to avoid attacks up to 88\% of the attacks the convolution neural network approved without the presentation attack detection. However, to replace traditional locks, more work must be done to detect more attacks in form of both higher percentage of attacks blocked by the system and the types of attack that can be done. Nevertheless, as a supplement face recognition represents a promising technology to supplement traditional door locks, enchaining their security by complementing the authorization with biometric authentication. So the main contributions is that by using simple older methods LBPH can help modern state of the art face regognition to detect presentation attacks according to the results of the tests. This study also worked to adapt this PAD to be suitable for low end edge devices to be able to adapt in an environment where modern solutions are used, which LBPH have.
43
Kwaa-Aidoo, Ephrem Kwaku. "Culturally aligned security in banking : a system for rural banking in Ghana." Thesis, University of Bradford, 2010. http://hdl.handle.net/10454/4433.
Full textAbstract:
This thesis is an investigation into the unique rural banking system in Ghana and the role of information systems in fraud control. It presents a robust information security and internal control model to deal with fraud for the banking system. The rural banking industry has been noted for poor internal control leading to fraud. This has resulted in poor performance and even the collapse of some banks. The Focus of the study was on the processes used to deliver banking services. To design a protection system, a number of rural banks were visited. This was to understand the environment, regulatory regimes and the structure and banking processes of the industry and banks. Systemic vulnerabilities within the industry which could be exploited for fraud were found. The lack of structures like an address system and unreliable identification documents makes it difficult to use conventional identification processes. Also the lack of adequate controls, small staff numbers and the cross organisational nature of some transactions among other cultural issues reduces the ability to implement transaction controls. Twenty fraud scenarios were derived to illustrate the manifestation of these vulnerabilities. The rural banking integrity model was developed to deal with these observations. This protection model was developed using existing information security models and banking control mechanisms but incorporating the nature of the rural banking industry and culture of its environment. The fraud protection model was tested against the fraud scenarios and was shown to meet the needs of the rural banking industry in dealing with its systemic vulnerabilities. The proposed community-based identification scheme deals with identification weaknesses as an alternative to conventional identity verification mechanisms. The Transaction Authentication Code uses traditional adinkra symbols. Whilst other mechanisms like the Transaction Verification Code design v internal controls into the banking processes. This deals with various process control weaknesses and avoids human discretion in complying with controls. Object based separation of duties is also introduced as a means of controlling conflicting tasks which could lead to fraud.
44
Svoboda, Jan. "System for Recognition of 3D Hand Geometry." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2014. http://www.nusl.cz/ntk/nusl-412913.
Full textAbstract:
V posledním desetiletí došlo ke zvýšení zájmu o užití 3D dat k biometrické identifikaci osob. Možná vůbec největší výzkum proběhl v oblasti 3D rozpoznávání podle obličeje, přičemž je v současné době dostupných vícero komerčních zařízení. V oblastni rozpoznávání podle 3D geometrie ruky byl v minulých letech proveden určitý výzkum jehož výsledkem však nebylo žádné komerční zařízení. Nezávisle na tomto výzkumu se v posledních letech velmi rozšířil trh s cenově dostupnými 3D sensory, což potenciálně umožňuje jejich nasazení v mnoha typech biometrických systémů. Hlavním cílem této práce je vytvořit funkční vzorek bezdotykového systému pro rozpoznávání osob podle 3D geometrie ruky, který bude používat novou levnou kameru RealSense 3D vyvíjenou v současné době firmou Intel. Jedním z problémů při použití RealSense kamery je její velmi malý form factor, který je příčinou nižší kvality výsledných snímků v porovnání s velmi drahými alternativami, které byly použity v již dříve zmíněném výzkumu 3D biometrických systémů. Práce se snaží analyzovat robustnost různých 2D a 3D příznaků a vyzkoušet několik různých přístupů k jejich fúzi. Rovněž je vyhodnocena výkonnost výsledného systému, kde je ukázáno, že navržené řešení dosahuje výsledků porovnatelných se state-of-the-art.
45
Mehdi, Ali. "Developing a Computer System for the Generation of Unique Wrinkle Maps for Human Faces. Generating 2D Wrinkle Maps using Various Image Processing Techniques and the Design of 3D Facial Ageing System using 3D Modelling Tools." Thesis, University of Bradford, 2011. http://hdl.handle.net/10454/5144.
Full textAbstract:
Facial Ageing (FA) is a very fundamental issue, as ageing in general, is part of our daily life process. FA is used in security, finding missing children and other applications. It is also a form of Facial Recognition (FR) that helps identifying suspects. FA affects several parts of the human face under the influence of different biological and environmental factors. One of the major facial feature changes that occur as a result of ageing is the appearance and development of wrinkles. Facial wrinkles are skin folds; their shapes and numbers differ from one person to another, therefore, an advantage can be taken over these characteristics if a system is implemented to extract the facial wrinkles in a form of maps. This thesis is presenting a new technique for three-dimensional facial wrinkle pattern information that can also be utilised for biometric applications, which will back up the system for further increase of security. The procedural approaches adopted for investigating this new technique are the extraction of two-dimensional wrinkle maps of frontal human faces for digital images and the design of three-dimensional wrinkle pattern formation system that utilises the generated wrinkle maps. The first approach is carried out using image processing tools so that for any given individual, two wrinkle maps are produced; the first map is in a binary form that shows the positions of the wrinkles on the face while the other map is a coloured version that indicates the different intensities of the wrinkles. The second approach of the 3D system development involves the alignment of the binary wrinkle maps on the corresponding 3D face models, followed by the projection of 3D curves in order to acquire 3D representations of the wrinkles. With the aid of the coloured wrinkle maps as well as some ageing parameters, simulations and predictions for the 3D wrinkles are performed.
46
Janečka, Petr. "Multimodální biometrický systém kombinující duhovku a sítnici." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2015. http://www.nusl.cz/ntk/nusl-234910.
Full textAbstract:
This diploma thesis focuses on multibiometric systems, specifically on biometric fusion. The thesis describes eye biometrics, i.e. recognition based on retina and iris. The key part consists of design and implementation specification of a biometric system based on retina and iris recognition.
47
Falcão, Thiago Azevedo. "Comparação do desempenho do classificador de novidades com o classificador do vizinho mais próximo no reconhecimento facial." Universidade Federal do Amazonas, 2014. http://tede.ufam.edu.br/handle/tede/3297.
Full textAbstract:
Made available in DSpace on 2015-04-22T22:00:50Z (GMT). No. of bitstreams: 1
Thiago Falcao.pdf: 1370921 bytes, checksum: ec7b9ab219f2028eded75407403140be (MD5)
Previous issue date: 2014-01-13<br>This work proposes the new classifier for face recognition, novelty classifier, which is based on novelty filter proposed by Kohonen. In order to evaluate the new classifier performance, it is performed a comparison with nearest neighboard classifier, which uses the Euclidian distance as distance metric. ORL face database was chosen to be used in this comparison. There was not any pre-processing (photometric or geometric) on face images. It was used the following feature extraction methods: PCA, 2DPCA and (2D)2PCA. Some results in identification mode are exposed through rank 1 recognition rate and CMC curves. In verification mode, the results were presented by Correct Acceptance Rate (CAR), Equivalent Error Rate (EER), ROC curves and Area under the ROC curve (AUC). Results shown that the proposed classifier performs better than others previously published, when the 10-fold Cross Validation method is employed as a test strategy. Recognition rate of 100% is achieved with this test methodology.<br>Este trabalho propõe a utilização do classificador de novidades para reconhecimento de faces, o qual é baseado no filtro de novidades, proposto por Kohonen. Para avaliar o desempenho do novo classificador é feita uma comparação com o classificador do vizinho mais próximo, usando a métrica da distância euclidiana. A base de dados utilizada para essa comparação foi a base ORL. A informação da face é extraída utilizando os métodos PCA, 2DPCA e (2D)2PCA, sem usar qualquer tipo de pré-processamento (fotométrico ou geométrico). Os seguintes resultados são apresentados no modo de identificação: taxa de reconhecimento rank 1 e as curvas CMC, no modo verificação: as taxas de correta aceitação (CAR), de erro equivalente (EER), as curvas ROC e área sob a curva ROC (AUC). Os resultados obtidos mostraram que o classificador proposto tem um desempenho melhor do que o desempenho do vizinho mais próximo e do que outros classificadores anteriormente publicados usando a mesma base, quando a estratégia de validação cruzada 10-fold é usada, com essa estratégia a taxa de reconhecimento obtida foi de 100%
48
Alsolami, Eesa. "An examination of keystroke dynamics for continuous user authentication." Thesis, Queensland University of Technology, 2012. https://eprints.qut.edu.au/54730/1/Eesa_Alsolami_Thesis.pdf.
Full textAbstract:
Most current computer systems authorise the user at the start of a session and do not detect whether the current user is still the initial authorised user, a substitute user, or an intruder pretending to be a valid user. Therefore, a system that continuously checks the identity of the user throughout the session is necessary without being intrusive to end-user and/or effectively doing this. Such a system is called a continuous authentication system (CAS).
Researchers have applied several approaches for CAS and most of these techniques are based on biometrics. These continuous biometric authentication systems (CBAS) are supplied by user traits and characteristics. One of the main types of biometric is keystroke dynamics which has been widely tried and accepted for providing continuous user authentication. Keystroke dynamics is appealing for many reasons. First, it is less obtrusive, since users will be typing on the computer keyboard anyway. Second, it does not require extra hardware. Finally, keystroke dynamics will be available after the authentication step at the start of the computer session.
Currently, there is insufficient research in the CBAS with keystroke dynamics field. To date, most of the existing schemes ignore the continuous authentication scenarios which might affect their practicality in different real world applications.
Also, the contemporary CBAS with keystroke dynamics approaches use characters sequences as features that are representative of user typing behavior but their selected features criteria do not guarantee features with strong statistical significance which may cause less accurate statistical user-representation. Furthermore, their selected features do not inherently incorporate user typing behavior. Finally, the existing CBAS that are based on keystroke dynamics are typically dependent on pre-defined user-typing models for continuous authentication. This dependency restricts the systems to authenticate only known users whose typing samples are modelled.
This research addresses the previous limitations associated with the existing CBAS schemes by developing a generic model to better identify and understand the characteristics and requirements of each type of CBAS and continuous authentication scenario. Also, the research proposes four statistical-based feature selection techniques that have highest statistical significance and encompasses different user typing behaviors which represent user typing patterns effectively. Finally, the research proposes the user-independent threshold approach that is able to authenticate a user accurately without needing any predefined user typing model a-priori.
Also, we enhance the technique to detect the impostor or intruder who may take over during the entire computer session.
49
Laurinavičiūtė, Viktorija. "Nekilnojamojo turto įmonės darbo efektyvumo didinimas naudojant biometrinę pelytę." Master's thesis, Lithuanian Academic Libraries Network (LABT), 2009. http://vddb.library.lt/obj/LT-eLABa-0001:E.02~2009~D_20090615_104023-15073.
Full textAbstract:
Baigiamajame magistro darbe nagrinėjamas nekilnojamojo turto įmonių darbuotojų darbo efektyvumas ir jo didinimo galimybės panaudojant naujausias technologijas – biometrinę kompiuterio pelytę bei VGTU studentų ir dėstytojų sukurtą internetinę ekspertinę sistemą, duodančią patarimus darbuotojų našumui didinti. Darbe apibendrintai aprašomas Lietuvos ūkio darbo našumas, jo pasikeitimai per pastaruosius metus, bei veiksniai, turintys didžiausią įtaką darbo našumui. Taip pat darbe aprašomos biometrinės technologijos, apžvelgiamas jų panaudojimas nekilnojamojo turto sektoriuje ir galimybė jas pritaikyti darbo efektyvumui didinti. Atlikus stebėjimus biometrine kompiuterio pelyte ir nustačius didžiausią įtaką darbuotojų našumui darančius veiksnius, remiantis A. Maslowo poreikių teorija buvo sukurta ekspertinė darbo našumo didinimo sistema. Išanalizavus darbo su biometrine pelyte ir sukurta ekspertine sistema rezultatus, darbo gale pateikiamos darbo išvados ir pasiūlymai.<br>The labour productivity problem and possibility to improve labour productivity by using biometric technologies and web-based expert system, developed by students and academics of VGTU is analyzed in this thesis. Summarized description of the labour productivity in general, its progress during few past years in Lithuania and factors that make the biggest influence on the level of labour productivity are described. Also the work contains overview of the biometric systems, usage of them in real estate and the possibility to increase labour productivity. After making observations during work with biometric mouse and identifying factors that affect productivity the most, the expert system, based on the A.Maslows hierarchy of needs was developed. Conclusion and suggestions were made after performing the analysis of the results of working with the biometric mouse and web-based expert system.
50
LAUDATO, Gennaro. "Innovative information systems to monitor biomedical parameters during high demanding tasks." Doctoral thesis, Università degli studi del Molise, 2021. http://hdl.handle.net/11695/100496.
Full textAbstract:
The objective of this PhD project is, as its research core, the application of Machine Learning techniques and Big Data analytics to monitor, in a non-invasive way, vital parameters of individuals engaged in tasks that require a high psychophysical effort.
The industrial partners of this project are Formula Medicine (as Italian industrial partner with advisor Dr. Riccardo Ceccarelli) and AOTech (foreign industrial partner with advisor mr. Sebastien Philippe).
Formula Medicine is a sports medicine center able to offer medical assistance and training programs both physical and mental. Its strength is represented by the Mental Economy Gym, a gym dedicated to the optimization of mental resources. AOTech, on the other hand, is a partner company of Formula Medicine and a leader in the definition of high-tech products and services for the automotive industry and motorsport. AOTech has designed a sport driving simulator, able to reproduce all the main world circuits.
The simulator, thanks to the equipment of a hydraulic system, allows to relive physical and mental
sensations very similar to those perceived during real driving. The software system also allows vehicle’s data extraction.
Within the present project, also taking into account the research domain of the industrial partners, the focus has been addressed to the monitoring of athletes belonging to motorsport with two linked but distinct objectives: the first, strictly related to the analysis of the drivers’ body performances and the second dedicated to the automatic identification of cardiac pathologies starting from electrocardiographic data.
Finally, the know-how on the monitoring of biomedical parameters, acquired during the first years of this PhD project in the field of motorsport, was exported to the field of software engineering with the aim of verifying the possibility of predicting the correctness of a programming task that a software developer performs, based on the continuous monitoring of his body parameters.
As a first result of the PhD, novel metrics have been defined to objectify effort, physical consumption, stress, and other factors. These metrics have been included in the software in use in Formula Medicine to have a measure of performance. In addition, part of them were correlated with the race performance of the drivers, through the integration of the body data with the data derived from the driving simulator used in AOTech.
With regards to the second research focus, a decision support system was defined in the context of
early diagnosis of cardiac diseases. The recommendation system consists of several algorithms that accept as input a digital electrocardiographic lead and identify the presence of a possible cardiac pathology.
Finally, in the software engineering research field, the production of a developer was measured by evaluating the absence of defects in the source code.
Preliminary results show that the proposed approach—that takes into account biomedical and code-based features—allows to discriminate with fair accuracy the outcome of a programming task, reaching an accuracy higher than 80%.
This result was compared to state of the art metrics based on measures on the source code. It was higher than source code metrics, thus demonstrating the importance of biometric measurements in the identification of correctness of a coding task.