1.SEPIA: Secure-PIN-Authentication-as-a-Service for ATM using Mobile and Wearable Devices
SEPIA: Secure-PIN-Authentication-as-a-Service for ATM using Mobile and Wearable Devices
Credit card fraud is a common problem in today’s world. Financial institutions have registered major loses till today due to users being exposed of their credit card information. Shoulder-surfing or observation attacks, including card skimming and video recording with hidden cameras while users perform PIN-based authentication at ATM terminals is one of the common threats for common users. Researchers have struggled to come up with secure solutions for secure PIN authentication. However, modern day ubiquitous wearable devices, such as the Google Glass have presented us with newer opportunities in this research area. In this paper, we propose Secure-PIN-Authentication-as-a- Service (SEPIA), a secure obfuscated PIN authentication protocol for ATM and other point-of-service terminals using cloud connected personal mobile and wearable devices. Our approach protects the user from shoulder-surfers and partial observation attacks, and is also resistant to relay, replay, and intermediate transaction attacks. A SEPIA user utilizes a Google Glass or a mobile device for scanning a QR code on the terminal screen to prove co-location to the cloud-based server and obtain a secure PIN template for point-of-service authentication. SEPIA ensures minimal task overhead on the user’s device with maximal computation offloaded to the cloud. We have implemented a proof-of-concept prototype to perform experimental analysis and a usability study for the SEPIA architecture.
2.Smart vehicle security system for defending against collaborative attacks by malware
Smart vehicle security system for defending against collaborative attacks by malware
Modern world vehicles are not just mechanical devices but are smart enough to make decisions and act based on real time inputs. This features also results in various technical vulnerabilities. So, Security systems are inevitably part of today’s life. Here in the proposed work a real time vehicle security system and malware detection system developed and implemented. The proposed system will ensure that the authorized person will be able to activate and use the car and thus ensuring that unauthorized access is prevented. When the car ignition is to be activated, the security system will initially check the person’s valid authentication and allow the valid user to access it. If it detects any unauthorized access, the proposed Person Authentication System (PAS) will prevent the person to operate the car and it will send the alert information image to the system controller. Also the malware system detects any spyware in the image to determine the authenticity of the image. The system is implemented integrating the hardware built on ARM core and user interface on java platform.