trusted computing and security for computer folders

International Journal of Medical Toxicology & Legal Medicine Vol. 21 No. 3 & 4, July – Oct 2018

TRUSTED COMPUTING AND SECURITY FOR COMPUTER FOLDERS

Dinesh Raj Mahendran (1), Arshad Jamal (2)*, Rabab Alayham Abbas Helmi (3), Mariam Aisha (4)

1. Final Year Graduate Student, Faculty of Information Sciences & Engineering, Management and Science University
2. Lecturer, Faculty of Information Sciences and Engineering, Management and Science University
3. Senior Lecturer, Faculty of Information Sciences and Engineering, Management and Science University
4. Director, Research Management Centre, Management and Science University

Corresponding Author: Arshad Jamal, Lecturer, Faculty of Information Sciences & Engineering, Management and Science University.
https://doi.org/10.5958/0974-4614.2018.00036.0

Abstract

Data security plays a major role in computing as cyber-crimes are constantly on the rise in today's world. Unauthorized access to a user's personal data is a major problem for computer users. In some cases, users are not able to protect their personal data from being transferred from their personal device to another device without their knowledge, leading to exposure of personal data. Besides that, the user might not be able to identify the person who tries to access their files or folders, which may contain the personal data of the user. Providing extra security measures for such devices is a solution, but it may exhaust system resources in the process of securing all data on the device regardless of its sensitivity. As another solution to these problems, Trusted Computing and Security for Computer Folders is suggested. The first feature is a login system using a biometric (voice based password) to access the system for securing folders and files. The second is the encryption and decryption of selected files using the AES algorithm. The last is image capture on unauthorized user access. These features help to solve the problem stated. As a result, there will be a high possibility of protecting the personal data of the user from being leaked without the owner's knowledge.

Keywords: Biometrics, Fast Fourier Transform, Advanced Encryption Standard, Voice Recognition.

Introduction

Trusted computing is a term used to refer to resolving basic security problems that many users have been facing in the cyber world. Text based passwords have been used extensively historically. Passwords based on text need to be keyed directly into the login fields and as a result suffer from problems of their own, such as spyware attacks and shoulder surfing attacks. There are many other problems with using text as a password to safeguard personal data on computers, such as passwords which are too short, or effortless passwords which do not rely extensively on cognition. Such passwords are prone to being broken by means of hit and trial, brute force or even dictionary attacks [1]. One might try to overcome these shortcomings of text based passwords through mechanisms such as complex rules and policies for creating a password, like adding numbers, using different cases and the compulsory addition of special characters. But these in turn induce issues and shortcomings of their own, like too much reliance on human cognitive abilities. Many more techniques have been used to overcome the shortcomings of text based passwords, such as graphical passwords, which work on the principle of recognition rather than recall since visuals are easier to remember than textual passwords, and biometric passwords, which may require additional hardware for processing. Biometrics include options like fingerprints, face recognition, iris recognition, DNA, etc.

In this research paper, one biometric technique is used to add to the security of important data on a user's computer in a selective manner. As mentioned above, biometrics may require additional hardware; keeping this in mind, a voice based password using a human's voice for authentication is a cheap and one of the best possible biometric solutions. It is considered cheap as most modern computers and laptops come equipped with an inbuilt microphone. It is also a reliable and secure way of protecting personal data on computers, as it helps to overcome the shortfalls of a text based password. Trusted Computing and Security for Computer Folders is designed to use one biometric, i.e. the voice of a person, to protect a selected folder and files where a user may store his or her personal and confidential data. This avoids the overhead of protecting all of the computer's data, which may include some sensitive data as well as a lot of data which is not of a sensitive nature.

Every human can be differentiated from others based on their distinctive features. Biometric recognition, or simply biometrics, can be defined as an automated mechanism of identifying or classifying a person based on distinctive human features such as behavioral or psychological characteristics. The conversing or speaking style of an individual is one of the distinguishing aspects that can be used for identifying a person. Voice, usually considered a form of behavioral biometric, is in fact a combination of both physiological and behavioral biometrics [2].

Having multiple levels of security for your confidential/personal data is an added advantage. To enable this, a second level of security has been added whereby the files in the designated trusted folder can be encrypted using the Advanced Encryption Standard (AES). Amongst the various encryption algorithms like AES, Data Encryption Algorithm (DES) and Triple Data Encryption Algorithm (3DES), AES always performs much better than the latter [3,4]. To assist users in identifying prospective intruders, the system also incorporates automated webcam access, using the front camera of the laptop to capture the image of an intruder on three unsuccessful attempts. The image of the intruder is also stored in the designated trusted folder for later review. Thus, the combination of the above three features, i.e. dual layer protection which includes encrypting the data and a system based on the biometrics of a person, along with an assurance of getting to know the possible breakers/data stealers, increases the potential of protecting the user's confidential data from being leaked without the owner's knowledge or being accessed by unauthorized sources.

   

    Fig 1: Development Methodology

Methods

A few research methods have been used in this project to gain information and materials. Combining more than one data gathering technique, involving qualitative as well as quantitative data gathering, helps in catering to the information and knowledge acquired from current as well as historical data. On the other hand, it also creates a caveat for the future [5]. By using a combination of research methodologies, more data related to the current situation has been gathered, including the number of breaches taking place by means of shoulder surfing and dictionary or brute force attacks on text based passwords. Moreover, many of the attacks which result in a data breach are usually the result of a weak password. A simple research methodology which uses the search and compare method has been implemented to formulate the working of the project (Fig. 1), using the Agile Unified Process [6] methodology of software development.

The motivation behind the project was the data breach reports. According to the 2017 Data Breach Investigations Report (10th Edition), other than hacking and malware, 81% of the time hacking related breaches took advantage of a stolen password or a weak password (Fig. 2). Two important aspects were covered in this project in order to safeguard the user's data. The first was the use of biometrics due to its uniqueness and the second was encryption. Both aspects can be fulfilled by various algorithms and techniques. For this project, a Fast Fourier Transform (FFT) based speech recognition system has been implemented.

Fig 2: Tactics Used for Stealing Data [7]

FFT uses the signals produced in speech and analyses the features of the speech [8]. Previously, many researchers have used FFT based speech recognition for building applications like small dictionaries, basic commands for guiding machines, etc. In this project, FFT is used to identify a person based on his or her voice-print. Using the FFT, the features of a person's voice are recorded over multiple trials to train a voice. Once the voice has been trained enough, it is confirmed as a password. From then on, only this trained voice is able to lock or unlock a pre-chosen folder where all the sensitive information is stored. The voice training feature works on the principle of identifying the spoken phrase from the person's trained voice only.

The next feature, encryption of the files, gives the data additional security. The files are encrypted with the AES algorithm using a 128 bit encryption key. It has been one of the most widely used algorithms for encrypting and decrypting sensitive information. AES takes the plain text/data and, using the 128 bit key, applies the cipher to the plain text to generate the ciphered text (Fig. 3). The same secret key is required to decrypt the encrypted text in order to get the original text/data.
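The AES step described above, as an added example that is not the paper's code: it encrypts a file with a 128 bit key and decrypts it with the same key. The GCM mode, the `TCF1` file layout and the function names are assumptions (the paper names neither a mode nor a file format), and the third-party Python `cryptography` package is required.

```python
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

MAGIC = b"TCF1"  # hypothetical format tag, also bound to each file as associated data

def encrypt_file(key: bytes, src: str, dst: str) -> None:
    """Write dst as MAGIC || 12-byte nonce || ciphertext with 16-byte tag."""
    nonce = os.urandom(12)                      # must never repeat under the same key
    with open(src, "rb") as f:
        sealed = AESGCM(key).encrypt(nonce, f.read(), MAGIC)
    with open(dst, "wb") as f:
        f.write(MAGIC + nonce + sealed)

def decrypt_file(key: bytes, src: str) -> bytes:
    """Return the plaintext; raise ValueError on a wrong key or a modified file."""
    with open(src, "rb") as f:
        blob = f.read()
    if blob[:4] != MAGIC or len(blob) < 4 + 12 + 16:
        raise ValueError("not a protected file")
    try:
        return AESGCM(key).decrypt(blob[4:16], blob[16:], MAGIC)
    except InvalidTag:
        raise ValueError("authentication failed: wrong key or modified file") from None

def demo(workdir: str) -> dict:
    """Round-trip a constructed file, then flip one ciphertext bit and retry."""
    key = AESGCM.generate_key(bit_length=128)   # 128 bit key, as in the paper
    data = b"constructed sample bytes standing in for a protected file"
    plain = os.path.join(workdir, "sample.bin")
    enc = plain + ".enc"
    with open(plain, "wb") as f:
        f.write(data)
    encrypt_file(key, plain, enc)
    round_trip = decrypt_file(key, enc) == data
    with open(enc, "r+b") as f:                 # simulate tampering on disk
        f.seek(20)
        byte = f.read(1)[0]
        f.seek(20)
        f.write(bytes([byte ^ 1]))
    try:
        decrypt_file(key, enc)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"round_trip": round_trip, "tamper_detected": tamper_detected}
```

Because GCM authenticates the ciphertext, a modified file fails to decrypt instead of yielding altered data.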

Fig 3: Working of the AES Algorithm

The last feature, capturing the image of an intruder who is trying to break into the secured folder, gives the added comfort of making it possible to identify potential threats to the system. This process works in the background and the possible unauthorized user remains totally unaware of it, as the laptop's camera or an attached webcam takes the picture in the background without visibly invoking the camera application. This image too is stored in the biometric password protected folder in encrypted format. This feature can also help in tracking the possible time of the attack, as this is logged in the application logs.

Results and Discussion

The application Trusted Computing and Security for Computer Folders has been tested and the results have been promising. The usability of the application has been kept simple and attractive (Fig. 4). After installation, the user just needs to train his or her voice by speaking into the laptop's or desktop's microphone. A phrase is to be chosen which needs to be repeated in order to train the voice. Once the voice is trained, this chosen phrase is used to lock or unlock the folder. As stated earlier in the paper, the aim of the application is not to protect all the data but only selected sensitive information; the application provides a predefined folder where all the sensitive information will be stored in a protected manner by the user. The application gives the option to modify the default folder and choose any other folder as well. Storing the image of the intruder in a protected location prevents it from being tampered with, which makes it possible to use it as evidence in the event of a courtroom proceeding. Also, the image is encrypted using the same AES algorithm, thus having a dual protection layer on the evidence as well.

Fig 4: Trusted Computing & Security for Computer Folders – Start Page

For any software developed, testing is one of the core aspects. Along the same lines, it was necessary to test the application thoroughly after the development phase. This testing was done by the developer. But it is also important to put the product in the hands of actual users. After being run through a thorough testing process, the application was sent for beta testing [9] to focus groups consisting of computer forensics students and lecturers. Pleasing results were obtained from the usability survey, whereby about 90% of the reviewers rated the product in the range of 4 and 5 on a scale of 1-5 (Fig. 5), 1 being the lowest and 5 the highest rating.

Fig 5: User Rating - Trusted Computing & Security for Computer Folders

Also, most users acknowledged that this new solution will help in enhancing the protection of personal and confidential data for a user on their personal computer (Fig. 6).
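The enrolment, unlock and three-attempt capture flow this paper describes, as an added example in Python that is not the authors' code. The band-energy voice-print, the cosine-similarity threshold, the `FolderLock` class and the synthetic `tone` signals are assumptions standing in for details the paper does not give.

```python
import cmath, math

def fft(x):
    """Recursive radix-2 FFT; len(x) must be a power of two."""
    n = len(x)
    if n == 1:
        return [complex(x[0])]
    even, odd = fft(x[0::2]), fft(x[1::2])
    out = [0j] * n
    for k in range(n // 2):
        t = cmath.exp(-2j * math.pi * k / n) * odd[k]
        out[k], out[k + n // 2] = even[k] + t, even[k] - t
    return out

def voiceprint(samples, bands=16):
    """Share of spectral energy in each of `bands` equal-width bands (assumed feature)."""
    power = [abs(c) ** 2 for c in fft(samples)[: len(samples) // 2]]
    width = len(power) // bands
    energy = [sum(power[i * width:(i + 1) * width]) for i in range(bands)]
    total = sum(energy) or 1.0                  # silence gives an all-zero print
    return [e / total for e in energy]

def enroll(trials):
    """Average the voiceprints of several training recordings into one template."""
    prints = [voiceprint(t) for t in trials]
    return [sum(col) / len(prints) for col in zip(*prints)]

def similarity(a, b):
    """Cosine similarity; 0.0 if either print is all zeros (silence)."""
    na, nb = math.sqrt(sum(x * x for x in a)), math.sqrt(sum(y * y for y in b))
    return sum(x * y for x, y in zip(a, b)) / (na * nb) if na and nb else 0.0

class FolderLock:
    """Unlocks on a matching voiceprint; the third consecutive failure fires the capture hook."""
    def __init__(self, template, on_intruder, threshold=0.9, max_failures=3):
        self.template, self.on_intruder = template, on_intruder
        self.threshold, self.max_failures, self.failures = threshold, max_failures, 0
    def attempt(self, samples):
        if similarity(voiceprint(samples), self.template) >= self.threshold:
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= self.max_failures:
            self.on_intruder()                  # the paper's system takes a webcam image here
            self.failures = 0
        return False

def tone(freqs, phase=0.0, n=512, rate=8000):   # constructed stand-in for a recording
    return [sum(math.sin(2 * math.pi * f * i / rate + phase) for f in freqs) for i in range(n)]
```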


Fig 6: User Acceptance Rate for the Trusted Computing & Security for Computer Folders

Conclusion

There exists a range of products in the market which use multiple ways of locking and unlocking folders and logging into applications, using mechanisms like text passwords, graphical passwords and even different types of biometrics. Using voice is a cheap and easy way of using biometrics as a means of securing data, as it uses the existing hardware without the cost of upgrading hardware. Moreover, recognizing a speaker is an amalgamation of natural language recognition and biometrics [10], which provides enhanced security. The designed solution can be a potentially cheap way of using biometrics, which is one of the most secure ways of securing information due to its uniqueness to a person. The existing product does have some aspects which can be improved, like combining multiple mechanisms for speech identification to improve performance. As with all voice based systems, the shortcoming of a noisy environment is something which can be worked upon as a future recommendation.

References

1. Nizamani SZ, Hassan SR, Khanzada TJ, Jali MZ, A Text based Authentication Scheme for Improving Security of Textual Passwords, International Journal of Advanced Computer Science and Applications, 2017, Vol. 8, No. 7, pg. 513-521
2. Rudrapal D, Debberma SD, N.K Debberma, Voice Recognition and Authentication as a Proficient Biometric Tool and its Application in Online Exam for P.H People, International Journal of Computer Applications, 2012, Vol 39
3. Alaa Taqa, A.A Zaidan, B.B Zaidan, New Framework for High Secure Data Hidden in the MPEG Using AES Encryption Algorithm, International Journal of Computer and Electrical Engineering (IJCEE), 2009, Vol. 1, No. 5, pg. 566-571
4. A.A. Zaidan, B.B. Zaidan, Hamid A. Jalab, A New System for Hiding Data within (Unused Area Two + Image Page) of Portable Executable File using Statistical Technique and Advance Encryption Standard, International Journal of Computer Theory and Engineering (IJCTE), 2010, Vol 2, No. 2
5. Ellen Huan-Niemi, Pasi Rikkonen, Jyrki Niemi, Olli Wuori, Janne Niemi, Combining quantitative and qualitative research methods to foresee the changes in the Finnish agri-food sector, Futures, 2016, Vol 83, pg. 88-99
6. Long H, An Empirical Review of Research Methodologies and Methods in Creativity Studies, Creativity Research Journal, 2014, Vol 26, No 4, pg. 427-438
7. Data Breach Investigation Report, 2017, Accessed at https://www.ictsecuritymagazine.com/wpcontent/uploads/2017-Data-Breach-InvestigationsReport.pdf on 04-Jun-2018
8. Singh L, Speech Signal Analysis using FFT and LPC, International Journal of Advanced Research in Computer Engineering & Technology (IJARCET), 2015, Vol. 4, Iss. 4, pg. 1658-1660
9. Ghuman S.S, International Journal of Computer Science and Mobile Computing, 2014, Vol. 3, Issue 10, pg. 988-993
10. Nilu Singh, R.A. Khan, Raj Shree, Applications of Speaker Recognition, Procedia Engineering, 2012, Volume 38, pg. 3122-3126
