VOLUME 91
The growing digitization is generating more and more need for cybersecurity. Compromising with cybersecurity may result in the release of confidential information which may be a threat to an individual or nation. The threat may be to an individual, group of individuals, an organization, or an authority.
Computers play an important role in our daily lives and its usage has grown manifolds today. With ever increasing demand of security regulations all over the world and large number of services provided using the internet in day to day life, the assurance of security associated with such services has become a crucial issue. Biometrics is a key to the future of data/cyber security.
The term cybersecurity refers to the security of computer systems, their hardware, or electronic data. And, a threat to the security of this is referred to as a cybersecurity threat. Many hackers and miscreants misuse the technology to do crimes and the crime which is related to these cyber systems is known as cybercrime. There has been a considerable growth in the cyber-crimes in the world and this needs to be stopped to protect the privacy of an individual.
In the terms of computer security, biometrics refers to authentication techniques that rely on measurable physiological and individual characteristics that can be automatically verified. A biometric system is a system for the automated recognition of individuals based on their behavioral and biological characteristics. A biometric system is called either a verification system or an identification system depending on the application where it is used.
Cyber security is a major issue in today’s digital world with cyber-crime is increasing day by day. The losses and distress caused by cyber-attacks are prompting the pioneers in the field of information security to look for reliable and robust security measures. The growing use of online banking, e-commerce has led to the use of biometric technology to secure these transactions. Biometrics provides a strong defense against cyber security attacks. Biometrics is considered as a safeguard against cyber-crime. Now a day, banks encourage the use of fingerprint to authenticate transactions. Applications are available in the markets which are used to unlock computer or phones using facial recognition, fingerprint recognition or iris recognition.
Physical Biometrics
• Fingerprint – Analyzing fingertip patterns
• Facial recognition/face location – Measuring facial characteristics
• Hand geometry – Measuring the shape of the hand
• Iris scan – Analyzing features of colored ring of the eye
• Retinal scan – Analyzing blood vessels in the eye
• DNA – Analyzing genetic makeup
• Ear print – This method is based on geometric distances, force field transformation
Behavioral Biometrics
• Speaker /voice recognition – Analyzing vocal behavior
• Signature/handwriting – Analyzing signature dynamics
• Keystroke/patterning – Measuring the time spacing of typed words
Biometrics is a rapidly evolving technology that is being used in forensics, such as criminal identification and prison security, and that has the potential to be used in large range of civilian application areas. Biometrics can be used to prevent unauthorized access to ATMs, cellular phones, smart cards, desktop PCs, workstations and computer networks. It can be used during transactions conducted by telephone and internet (electronic commerce and electronic banking).
A large majority of data breaches result from weak authentication protocols – cybercriminals can obtain the credentials of users and gain access to an organizations’ most valuable assets within their IT infrastructure. In fact, some reports suggest that four fifths of hacking related breaches involved the leveraging of either compromised or weak passwords. Like any security solution, biometric technology offers no guarantees when defending against a data breach, they are inevitably fallible – however, the goal here is to reduce the possible risk. Biometrics measure similarity, not identity. So, a match represents a probability of correct recognition. Likewise, a non-match represents a probability, rather than a definitive conclusion.
The first and foremost thing is to be strict on cybersecurity laws and give proper punishment to those who violate the law. It is not impossible to deal with cybersecurity threats of biometric systems. These are created by man and therefore can be prevented by man. Advanced technology must be used to protect a confidential information. Also, it is important to make individuals aware of such threats and suggest them precautions while using any confidential or personal information. This way cybersecurity threats can be reduced to a lot extent and the purpose of technology advancements in all fields will be fulfilled.
By:
Pabasara Ranasinghe
Pabasara is an undergraduate of the Sri Lanka Institute of information technology who is currently following Bachelor of Information Technology specializing in Cyber Security, currently, she is working as an Intern - Information Security Engineer at Sri Lanka CERT|CC
References
1. Statistics on the Internet growth in Sri Lanka
http://www.trc.gov.lk/images/pdf/statis_sep_2012.doc
2. The Dragon Research Group(DRG)
http://www.dragonresearchgroup.org/
3. TSUBAME (Internet threat monitoring system) from JPCERT | CC
https://www.jpcert.or.jp/english/tsubame/
4. Shadowserver Foundation
http://www.shadowserver.org/wiki/
5. Team Cymru
http://www.team-cymru.com