Madalina Baltatu

Entropy Analysis and New Constructions of Biometric Key Generation Systems

In this paper, a new, soft two-level approach for the generation of multiple and revocable biometric keys, adapted to the analog nature of biometric signals, is proposed. It consists of a novel randomized soft code-offset construction for the Euclidean metric, at the first level, and a code-redundancy construction for the Hamming metric, possibly based on a Reed-Solomon code, at the second level. The Shannon entropy analysis shows that the new construction achieves optimal security with respect to biometric template protection, whereas the previously proposed constructions for the Euclidean metric are shown to be insecure in the multiple-key setting. In addition, a general code-offset construction for the Hamming metric is analyzed in terms of the Shannon entropy instead of the usual min entropy. This allows a nice characterization of the codes that provide biometric template protection in the multiple-key scenario as well as a further differentiation among these codes with respect to the achievable security level.

NEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem

As a consequence of the growing popularity of smart mobile devices, mobile malware is clearly on the rise, with attackers targeting valuable user information and exploiting vulnerabilities of the mobile ecosystems. With the emergence of large-scale mobile botnets, smartphones can also be used to launch attacks on mobile networks. The NEMESYS project will develop novel security technologies for seamless service provisioning in the smart mobile ecosystem, and improve mobile network security through better understanding of the threat landscape. NEMESYS will gather and analyze information about the nature of cyber-attacks targeting mobile users and the mobile network so that appropriate counter-measures can be taken. We will develop a data collection infrastructure that incorporates virtualized mobile honeypots and a honeyclient, to gather, detect and provide early warning of mobile attacks and better understand the modus operandi of cyber-criminals that target mobile devices. By correlating the extracted information with the known patterns of attacks from wireline networks, we will reveal and identify trends in the way that cyber-criminals launch attacks against mobile devices.

NIS03-4: Implementing Biometrics-Based Authentication for Mobile Devices

This paper presents a face recognition system for mobile devices running the Symbian operating system. The recognition algorithm is based on a one-class classification approach implemented by means of support vector machines. It discusses important aspects related to the practical implementation of the algorithm on Symbian 60 Series mobile phones, and gives some preliminary results outlining the performances achieved by the recognition system with several different configurations.

User Authentication based on Face Recognition with Support Vector Machines

The present paper proposes an authentication scheme which relies on face biometrics and one-class Support Vector Machines. The proposed recognition procedures are based on both a global approach and on a combination of a global and a component-based approaches. Two different features extraction methods and three light compensation algorithms are tested. The combined system outperforms the global system and yields a significant performance enhancement with respect to the prior results obtained with the one-class Support Vector Machines approach for face recognition.

Security for smart mobile networks: The NEMESYS approach

The growing popularity of smart mobile devices such as smartphones and tablets has made them an attractive target for cyber-criminals, resulting in a rapidly growing and evolving mobile threat as attackers experiment with new business models by targeting mobile users. With the emergence of the first large-scale mobile botnets, the core network has also become vulnerable to distributed denial-of-service attacks such as the signaling attack. Furthermore, complementary access methods such as Wi-Fi and femtocells introduce additional vulnerabilities for the mobile users as well as the core network. In this paper, we present the NEMESYS approach to smart mobile network security, to develop novel security technologies for seamless service provisioning in the smart mobile ecosystem, and to improve mobile network security through a better understanding of the threat landscape.

Soft generation of secure biometric keys

A new, soft two-level approach for the generation of multiple and revocable biometric keys, adapted to the analog nature of biometric signals, is proposed. It consists of a novel soft code-offset construction for theEuclideanmetric, applied at the first level, and a code-redundancy construction for the Hamming metric, preferably based on a Reed-Solomon code, applied at the second level.The Shannon entropy analysis shows that the new construction achieves maximal possible security. It is also shown that the previously proposed constructions for the Euclidean metric are vulnerable to biometric template reconstruction in the multiple-key scenario.

A Face Recognition System for Mobile Phones

The present paper proposes a biometrics-based authentication system for mobile devices running the Symbian Operating System. Mobile devices are becoming more and more similar to personal computers, hence they are also becoming repositories for sensitive information. In this context a more powerful authentication mechanism than simple passwords becomes essential. The paper describes a face recognition approach for mobile devices, discusses some important issues related to the practical implementation of the authentication scheme, and gives some preliminary results outlining the performances and the limits of proposed recognition system.

NEMESYS: First Year Project Experience in Telecom Italia Information Technology

In 2011, when mobile malware quadrupled in volume, it became clear that malware for mobile platforms would experience a rapid increase. During 2012 it continued to grow steadily, closely following the spreading of smartphones all over the world. For mobile network operators it is also clear that this growing phenomenon must be at least constantly monitored, if not prevented altogether. At the present moment there are no effective tools to achieve this purpose. NEMESYS comes to fill in this vacuum. This paper presents the vision, position and activities of Telecom Italia Information Technology as part of the NEMESYS project. The emphasis is given to the perception and practical experience of mobile threats and mobile security in Telecom Italia Mobile Network, and on the advances in the art that our company is hoping to achieve from its active participation to the project.

Toward Ubiquitous Acceptance of Biometric Authentication: Template Protection Techniques

The present paper provides a study of theoretical and practical security issues related to the deployment of generic reliable authentication mechanisms based on the use of biometrics and personal hardware tokens, like smart cards. The analysis covers various possible authentication infrastructures, but is mainly focused on the definition of basic requirements and constraints of a particular security scheme, namely client-side authentication. The deployment of such a scheme proves to be necessary when specific application deployment constraints are encountered, particularly when there is a conspicuous need to guarantee the privacy of the users. The paper suggests several solutions to this problem, and proposes a particular template protection technique based on a secure secret sharing scheme. The fundamental goal of this technique is to secure biometric systems sensitive to privacy issues and which rely, at some extent, on authentication performed at the client end of the application.