How Businesses Can Fight Ransomware Attacks? Six Ways To Protect Your Organisation

Suggested: Cyber Security Predictions to Safeguard your Businesses

Source: Cybersecurity APAC 

Brain Waves Can be Used to Detect Potentially Harmful Personal Information

Cyber security and authentication have been under attack in recent months as, seemingly every other day, a new report of hackers gaining access to private or sensitive information comes to light. Just recently, more than 500 million passwords were stolen when Yahoo revealed its security was compromised.

Securing systems has gone beyond simply coming up with a clever password that could prevent nefarious computer experts from hacking into your Facebook account. The more sophisticated the system, or the more critical, private information that system holds, the more advanced the identification system protecting it becomes.

Fingerprint scans and iris identification are just two types of authentication methods, once thought of as science fiction, that are in wide use by the most secure systems. But fingerprints can be stolen and iris scans can be replicated. Nothing has proven foolproof from being subject to computer hackers.

“The principal argument for behavioral, biometric authentication is that standard modes of authentication, like a password, authenticates you once before you access the service,” said Abdul Serwadda a cybersecurity expert and assistant professor in the Department of Computer Science at Texas Tech University.

“Now, once you’ve accessed the service, there is no other way for the system to still know it is you. The system is blind as to who is using the service. So the area of behavioral authentication looks at other user-identifying patterns that can keep the system aware of the person who is using it. Through such patterns, the system can keep track of some confidence metric about who might be using it and immediately prompt for reentry of the password whenever the confidence metric falls below a certain threshold.”

One of those patterns that is growing in popularity within the research community is the use of brain waves obtained from an electroencephalogram, or EEG. Several research groups around the country have recently showcased systems which use EEG to authenticate users with very high accuracy.

However, those brain waves can tell more about a person than just his or her identity. It could reveal medical, behavioral or emotional aspects of a person that, if brought to light, could be embarrassing or damaging to that person. And with EEG devices becoming much more affordable, accurate and portable and applications being designed that allows people to more readily read an EEG scan, the likelihood of that happening is dangerously high.

“The EEG has become a commodity application. For $100 you can buy an EEG device that fits on your head just like a pair of headphones,” Serwadda said. “Now there are apps on the market, brain-sensing apps where you can buy the gadget, download the app on your phone and begin to interact with the app using your brain signals. That led us to think; now we have these brain signals that were traditionally accessed only by doctors being handled by regular people. Now anyone who can write an app can get access to users’ brain signals and try to manipulate them to discover what is going on.”

That’s where Serwadda and graduate student Richard Matovu focused their attention: attempting to see if certain traits could be gleaned from a person’s brain waves. They presented their findings recently to the Institute of Electrical and Electronics Engineers (IEEE) International Conference on Biometrics.

Brain waves and cybersecurity

Serwadda said the technology is still evolving in terms of being able to use a person’s brain waves for authentication purposes. But it is a heavily researched field that has drawn the attention of several federal organizations. The National Science Foundation (NSF), funds a three-year project on which Serwadda and others from Syracuse University and the University of Alabama-Birmingham are exploring how several behavioral modalities, including EEG brain patterns, could be leveraged to augment traditional user authentication mechanisms.

“There are no installations yet, but a lot of research is going on to see if EEG patterns could be incorporated into standard behavioral authentication procedures,” Serwadda said.

Assuming a system uses EEG as the modality for user authentication, typically for such a system, all variables have been optimized to maximize authentication accuracy. A selection of such variables would include:

The features used to build user templates.      

The signal frequency ranges from which features are extracted

The regions of the brain on which the electrodes are placed, among other variables.

Under this assumption of a finely tuned authentication system, Serwadda and his colleagues tackled the following questions:

If a malicious entity were to somehow access templates from this authentication-optimized system, would he or she be able to exploit these templates to infer non-authentication-centric information about the users with high accuracy?

In the event that such inferences are possible, which attributes of template design could reduce or increase the threat?

Turns out, they indeed found EEG authentication systems to give away non-authentication-centric information. Using an authentication system from UC-Berkeley and a variant of another from a team at Binghamton University and the University of Buffalo, Serwadda and Matovu tested their hypothesis, using alcoholism as the sensitive private information which an adversary might want to infer from EEG authentication templates.

In a study involving 25 formally diagnosed alcoholics and 25 non-alcoholic subjects, the lowest error rate obtained when identifying alcoholics was 25 percent, meaning a classification accuracy of approximately 75 percent.

When they tweaked the system and changed several variables, they found that the ability to detect alcoholic behavior could be tremendously reduced at the cost of slightly reducing the performance of the EEG authentication system.

Motivation for discovery

Serwadda’s motivation for proving brain waves could be used to reveal potentially harmful personal information wasn’t to improve the methods for obtaining that information. It’s to prevent it.

To illustrate, he gives an analogy using fingerprint identification at an airport. Fingerprint scans read ridges and valleys on the finger to determine a person’s unique identity, and that’s it.

In a hypothetical scenario where such systems could only function accurately if the user’s finger was pricked and some blood drawn from it, this would be problematic because the blood drawn by the prick could be used to infer things other than the user’s identity, such as whether a person suffers from certain diseases, such as diabetes.

Given the amount of extra information that EEG authentication systems are able glean about the user, current EEG systems could be likened to the hypothetical fingerprint reader that pricks the user’s finger. Serwadda wants to drive research that develops EEG authentication systems that perform the intended purpose while revealing minimal information about traits other than the user’s identity in authentication terms.

Currently, in the vast majority of studies on the EEG authentication problem, researchers primarily seek to outdo each other in terms of the system error rates. They work with the central objective of designing a system having error rates which are much lower than the state-of-the-art. Whenever a research group develops or publishes an EEG authentication system that attains the lowest error rates, such a system is immediately installed as the reference point.

A critical question that has not seen much attention up to this point is how certain design attributes of these systems, in other words the kinds of features used to formulate the user template, might relate to their potential to leak sensitive personal information. If, for example, a system with the lowest authentication error rates comes with the added baggage of leaking a significantly higher amount of private information, then such a system might, in practice, not be as useful as its low error rates suggest. Users would only accept, and get the full utility of the system, if the potential privacy breaches associated with the system are well understood and appropriate mitigations undertaken.

But, Serwadda said, while the EEG is still being studied, the next wave of invention is already beginning.

“In light of the privacy challenges seen with the EEG, it is noteworthy that the next wave of technology after the EEG is already being developed,” Serwadda said. “One of those technologies is functional near-infrared spectroscopy (fNIRS), which has a much higher signal-to-noise ratio than an EEG. It gives a more accurate picture of brain activity given its ability to focus on a particular region of the brain.”

The good news, for now, is fNIRS technology is still quite expensive; however there is every likelihood that the prices will drop over time, potentially leading to a civilian application to this technology. Thanks to the efforts of researchers like Serwadda, minimizing the leakage of sensitive personal information through these technologies is beginning to gain attention in the research community.

“The basic idea behind this research is to motivate a direction of research which selects design parameters in such a way that we not only care about recognizing users very accurately but also care about minimizing the amount of sensitive personal information it can read,” Serwadda said.

Enterprise Security with Data Integrity

A report by IBM stated that more than one billion personal records were attacked in 2014. The Enterprise Security Group (ESG) said that from 2013 to 2015, 49 percent of companies experienced data breaches. More on this: https://goo.gl/hVg8xM

Race captured by a drone looks like a race car game

China’s Xinhua news agency says it has developed an artificial intelligence news presenter, ready to take over 24/7, every single day of the year

The news anchor, based on the latest AI technology, has a male image with a voice, facial expressions and actions of a real person. “He” learns from live broadcasting videos by himself and can read texts as naturally as a professional news anchor.

Technology has transformed surveillance in the past years. A simple CCTV camera no longer cuts the mark; the possibilities and demands for surveillance are endless. In the 21st century, businesses need to consider a lot of aspects that probably didn't even exist a few years back. Here are four surveillance trends every CIO should know as the world is becoming smarter.

AI Leaps

For all the attention and the broad discussion, as a user of the electronic devices, we are aware that Artifical Intelligence is revolutionizing every industry drastically. AI has already made a significant impact by bringing advancement and making the life of humans a lot easier. Video surveillance is one of them. The machine learning or deep learning is mostly used for video analytics in many industries.

Video Surveilance

Better Results with AWS Monitoring

Most of the time, AWS continues to extend its market share and add new options and services at such a fast rate that even well-positioned corporations like Microsoft and Google find it exhausting to form a major contribution to the present market share. Cloud security and management of performance could be an exchange. The traditional applications will fail, and they cannot monitor data flaws in the cloud.

When a company uses the cloud, their management plane provides the power to work out associated management virtually everything that happens in the implementation on an unthinkable scale of detail in an on-the-spot data center. 

Indeed, the company management plane not only creates a rather intense single failure purpose within the cloud but it also conjointly establishes a rate level that’s difficult to stay with. The identical IP address might need to a separate server largely from minute to minute or it will stop.

Keep Reading

>> Top Homeland Security Companies

>> Top Cloud Consulting Companies

>> Top Cloud Solutions Companies

Technology Trends To Shape Future Healthcare

s technological advancements in healthcare evolve in the form of health tools, innovative health programs, analytic platforms and database systems, organizations willing to embrace these innovations are able to prosper in providing quality care and bringing productivity. 

Here are some health innovation trends that will impact the industry to resolve the industry related challenges and enhance care delivery.

Precision medicine: It is an emerging approach to treatment and prevention that takes into account individual variability in genes, environment, and lifestyle of each person. This will allow medical professionals to predict treatment and prevention strategies more accurately for particular diseases. This trend will greatly impact pharmaceutical research also. Precision medicine is anticipated to become more common in coming years, which is widely using in oncology already.

Know More: https://goo.gl/RwmtBU

How Scammers in China Manipulate Amazon

“Chinese sellers resort to a wide range of cunning techniques to manipulate product listings on Amazon and boost sales. WSJ’s Jon Emont investigates the fraudsters’ strategies and explains how consumers can detect sham listings”. Reblog with caption 🙃