Arnob Paul scite author profile

Khan

Podder

et al. 2015

Iris recognition system for identity authentication and verification is one of the most precise and accepted biometrics in the world. Portable iris system mostly used in law enforcement applications, has been increasing more rapidly. The portable device, however, requires a narrow-bandwidth communication channel to transmit iris code or iris image. Though a full resolution of iris image is preferred for accurate recognition of individual, to minimize time in a narrowbandwidth channel for emergency identification, image compression should be used to minimize the size of image. This paper has investigated the effects of compression particularly for iris image based on wavelet transformed image, using Spatialorientation tree wavelet (STW), Embedded Zero tree Wavelet (EZW) and Set Partitioning in hierarchical trees (SPIHT), to identify the most suitable image compression. In this paper, Haar wavelet transform is utilized for image compression and image decomposition, by varying the decomposition level. The results have been examined in terms of Peak signal to noise ratio (PSNR), Mean square Error (MSE), Bit per Pixel Ratio (BPP)and Compression ratio (CR). It has been evidently found that wavelet transform is more effective in the image compression, as recognition performance is minimally affected and the use of Haar transform is ideally suited. CASIA, MMU iris database have been used for this purpose. Keywords-iris recognition; image compression; mean square error; peak signal to noise ratio(PSNR); wavelet decompositionI.

Survey of the Protection Mechanisms to the SSL-based Session Hijacking Attacks

Hossain

Islam

et al. 2018

NPA

Web communications between the server and the client are being used extensively. However, session hijacking has become a critical problem for most of the client-server communications. Among different session hijacking attacks, SSL stripping is the most dangerous attack. There are a number of measures proposed to prevent SSL tripping-based session hijacking attacks. However, existing surveys did not summarize all the preventive measures in a comprehensive manner (without much illustration and categorization). The objective of this paper is to provide a comprehensive survey of existing measures against SSL stripping-based session hijacking attacks and compare those measures. In this paper, we have classified all the existing preventive measures for SSL stripping-based session hijacking attacks into two main categories: client-side measures and server-side measures. We have illustrated the proposed solutions comprehensively with useful diagrams for clarification. We have also compared them based on different performance criteria. This paper will help web security researchers to have a comparative analysis of all solutions for the SSL stripping based attacks, thereby improving existing solutions to better protect the users from session hijacking attacks.

Reconfigurable architecture design of FIR and IIR in FPGA

Khan

Podder

et al. 2015

Rushmore

Park

Kim

Sidhwani

et al. 2021

We present Rushmore, a system that securely displays static or animated images using TrustZone. The core functionality of Rushmore is to securely decrypt and display encrypted images (sent by a trusted party) on a mobile device. Although previous approaches have shown that it is possible to securely display encrypted images using TrustZone, they exhibit a critical limitation that significantly hampers the applicability of using TrustZone for display security. The limitation is that, when the trusted domain of TrustZone (the secure world) takes control of the display, the untrusted domain (the normal world) cannot display anything simultaneously. This limitation comes from the fact that previous approaches give the secure world exclusive access to the display hardware to preserve security. With Rushmore, we overcome this limitation by leveraging a well-known, yet overlooked hardware feature called an IPU (Image Processing Unit) that provides multiple display channels. By partitioning these channels across the normal world and the secure world, we enable the two worlds to simultaneously display pixels on the screen without sacrificing security. Furthermore, we show that with the right type of cryptographic method, we can decrypt and display encrypted animated images at 30 FPS or higher for mediumto-small images and at around 30 FPS for large images. One notable cryptographic method we adapt for Rushmore is visual cryptography, and we demonstrate that it is a light-weight alternative to other cryptographic methods for certain use cases. Our evaluation shows that in addition to providing usable frame rates, Rushmore incurs less than 5% overhead to the applications running in the normal world. CCS CONCEPTS• Security and privacy → Mobile platform security; Trusted computing.

A Novel Zone-Walking Protection for Secure DNS Server

Islam

Hossain

et al. 2022

A zone walking attack is to get all existing domain information from a secured DNS server. NSEC3 protocol was proposed to defend against zone walking attacks in a secured DNS server, although NSEC3 uses more CPU time. In this paper, the authors have proposed two novel solutions to defend against the zone walking attack by addressing the efficiency issue of secure DNS protocol. They have simulated the proposed solution and analyzed it with different scenarios of the secure DNS server and attackers. The result of the experiment shows that the proposed solution Low Profiling can be effective against zone walking attacks for up to certain server-side and client-side parameters. The work can help researchers to understand how a new approach in the DNSSEC server can defend against zone walking attacks.