An Overview of Fingerprint-Based Authentication: Liveness Detection and Beyond

In this paper, we provide an overview of fingerprint sensing methods used for authentication. We analyze the current fingerprint sensing technologies, from algorithmic, as well as from hardware perspectives. We then focus on methods to detect physical liveness, defined as techniques that can be used to ensure that a living human user is attempting to authenticate on a system. We analyze how effective these methods are at preventing attacks where a malicious entity tries to trick a fingerprint-based authentication system to accept a fake finger as a real one (spoofing attacks). We then identify broader attack points against biometric data, such as fingerprints. Finally, we propose novel measures to protect fingerprint data.

To Make a Robot Secure: An Experimental Analysis of Cyber Security Threats Against Teleoperated Surgical Robots

Teleoperated robots are playing an increasingly important role in military actions and medical services. In the future, remotely operated surgical robots will likely be used in more scenarios such as battlefields and emergency response. But rapidly growing applications of teleoperated surgery raise the question; what if the computer systems for these robots are attacked, taken over and even turned into weapons? Our work seeks to answer this question by systematically analyzing possible cyber security attacks against Raven II, an advanced teleoperated robotic surgery system. We identify a slew of possible cyber security threats, and experimentally evaluate their scopes and impacts. We demonstrate the ability to maliciously control a wide range of robots functions, and even to completely ignore or override command inputs from the surgeon. We further find that it is possible to abuse the robot's existing emergency stop (E-stop) mechanism to execute efficient (single packet) attacks. We then consider steps to mitigate these identified attacks, and experimentally evaluate the feasibility of applying the existing security solutions against these threats. The broader goal of our paper, however, is to raise awareness and increase understanding of these emerging threats. We anticipate that the majority of attacks against telerobotic surgery will also be relevant to other teleoperated robotic and co-robotic systems.