Digital Forensics and Cyber Crime. Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers

Research Article

Towards More Secure Biometric Readers for Effective Digital Forensic Investigation

Download
444 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-19513-6_6,
        author={Zouheir Trabelsi and Mohamed Al-Hemairy and Ibrahim Baggili and Saad Amin},
        title={Towards More Secure Biometric Readers for Effective Digital Forensic Investigation},
        proceedings={Digital Forensics and Cyber Crime. Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers},
        proceedings_a={ICDF2C},
        year={2012},
        month={5},
        keywords={Fingerprint reader Iris reader Biometrics scanners Denial of Service attack (DoS) forensic investigation Firewall Intrusion Detection/Prevention Systems (IDS/IPS)},
        doi={10.1007/978-3-642-19513-6_6}
    }
    
  • Zouheir Trabelsi
    Mohamed Al-Hemairy
    Ibrahim Baggili
    Saad Amin
    Year: 2012
    Towards More Secure Biometric Readers for Effective Digital Forensic Investigation
    ICDF2C
    Springer
    DOI: 10.1007/978-3-642-19513-6_6
Zouheir Trabelsi1,*, Mohamed Al-Hemairy1,*, Ibrahim Baggili2,*, Saad Amin3,*
  • 1: UAE University
  • 2: Zayed University
  • 3: British University in Dubai
*Contact email: trabelsi@uaeu.ac.ae, m.hussien@uaeu.ac.ae, Ibrahim.Baggili@zu.ac.ae, Saad.Amin@BUiD.ac.ae

Abstract

This paper investigates the effect of common network attacks on the performance, and security of several biometric readers. Experiments are conducted using Denial of Service attacks (DoSs) and the ARP cache poisoning attack. The experiments show that the tested biometric readers are vulnerable to DoS attacks, and their recognition performance is significantly affected after launching the attacks. However, the experiments show that the tested biometric readers are secure from the ARP cache poisoning attack. This work demonstrates that biometric readers are easy targets for malicious network users, lack basic security mechanisms, and are vulnerable to common attacks. The confidentiality, and integrity of the log files in the biometric readers, could be compromised with such attacks. It then becomes important to study these attacks in order to find flags that could aid in a network forensic investigation of a biometric device.