Incorporating emotion detection in text-dependent speaker authentication
- van Rensburg, Ebenhaeser Otto Janse, Von Solms, Rossouw
- Authors: van Rensburg, Ebenhaeser Otto Janse , Von Solms, Rossouw
- Date: 2024-04
- Subjects: Automatic speech recognition , Biometric identification , Computer networks -- Security measures , Computer networks -- Access control
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10948/64566 , vital:73767
- Description: Biometric authentication allows a person to access sensitive information using unique physical characteristics. Voice, as a biometric authentication method, is gaining popularity due to its unique characteristics and widespread availability on smartphones and other devices. It offers a secure and user-friendly alternative to traditional password-based authentication and allows a less intrusive authentication method than fingerprint authentication. Furthermore, a vast amount of information is portrayed through voice, such as age, gender, health, and emotional state. Gaining illegitimate access to information becomes significantly more difficult as biometrics are difficult to steal, and countermeasures to techniques such as replay attacks are constantly being improved. However, illegitimate access can be gained by forcing a legitimate person to authenticate themselves through voice. This study investigates how the emotion(s) carried by voice can assist in detecting if authentication was performed under duress. Knowledge is contributed using a three-phased approach: information gathering, experimentation, and deliberation. The experimentation phase is further divided into three phases to extract data, implement findings, and assess the value of determining duress using voice. This phased approach to experimentation ensures minimal change in variables and allows the drawn conclusions to be relevant to each phase. The first phase examines datasets and classifiers; the second phase explores feature enhancement techniques and their impact; and the third phase discusses performance measurements and their value to emotion detection. , Thesis (DPhil) -- Faculty Of Engineering, the Built Environment and Technology, School of Information Technology, 2024
- Full Text:
- Date Issued: 2024-04
- Authors: van Rensburg, Ebenhaeser Otto Janse , Von Solms, Rossouw
- Date: 2024-04
- Subjects: Automatic speech recognition , Biometric identification , Computer networks -- Security measures , Computer networks -- Access control
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10948/64566 , vital:73767
- Description: Biometric authentication allows a person to access sensitive information using unique physical characteristics. Voice, as a biometric authentication method, is gaining popularity due to its unique characteristics and widespread availability on smartphones and other devices. It offers a secure and user-friendly alternative to traditional password-based authentication and allows a less intrusive authentication method than fingerprint authentication. Furthermore, a vast amount of information is portrayed through voice, such as age, gender, health, and emotional state. Gaining illegitimate access to information becomes significantly more difficult as biometrics are difficult to steal, and countermeasures to techniques such as replay attacks are constantly being improved. However, illegitimate access can be gained by forcing a legitimate person to authenticate themselves through voice. This study investigates how the emotion(s) carried by voice can assist in detecting if authentication was performed under duress. Knowledge is contributed using a three-phased approach: information gathering, experimentation, and deliberation. The experimentation phase is further divided into three phases to extract data, implement findings, and assess the value of determining duress using voice. This phased approach to experimentation ensures minimal change in variables and allows the drawn conclusions to be relevant to each phase. The first phase examines datasets and classifiers; the second phase explores feature enhancement techniques and their impact; and the third phase discusses performance measurements and their value to emotion detection. , Thesis (DPhil) -- Faculty Of Engineering, the Built Environment and Technology, School of Information Technology, 2024
- Full Text:
- Date Issued: 2024-04
Pursuing cost-effective secure network micro-segmentation
- Authors: Fürst, Mark Richard
- Date: 2018
- Subjects: Computer networks -- Security measures , Computer networks -- Access control , Firewalls (Computer security) , IPSec (Computer network protocol) , Network micro-segmentation
- Language: English
- Type: text , Thesis , Masters , MSc
- Identifier: http://hdl.handle.net/10962/131106 , vital:36524
- Description: Traditional network segmentation allows discrete trust levels to be defined for different network segments, using physical firewalls or routers that control north-south traffic flowing between different interfaces. This technique reduces the attack surface area should an attacker breach one of the perimeter defences. However, east-west traffic flowing between endpoints within the same network segment does not pass through a firewall, and an attacker may be able to move laterally between endpoints within that segment. Network micro-segmentation was designed to address the challenge of controlling east-west traffic, and various solutions have been released with differing levels of capabilities and feature sets. These approaches range from simple network switch Access Control List based segmentation to complex hypervisor based software-defined security segments defined down to the individual workload, container or process level, and enforced via policy based security controls for each segment. Several commercial solutions for network micro-segmentation exist, but these are primarily focused on physical and cloud data centres, and are often accompanied by significant capital outlay and resource requirements. Given these constraints, this research determines whether existing tools provided with operating systems can be re-purposed to implement micro-segmentation and restrict east-west traffic within one or more network segments for a small-to-medium sized corporate network. To this end, a proof-of-concept lab environment was built with a heterogeneous mix of Windows and Linux virtual servers and workstations deployed in an Active Directory domain. The use of Group Policy Objects to deploy IPsec Server and Domain Isolation for controlling traffic between endpoints is examined, in conjunction with IPsec Authenticated Header and Encapsulating Security Payload modes as an additional layer of security. The outcome of the research shows that revisiting existing tools can enable organisations to implement an additional, cost-effective secure layer of defence in their network.
- Full Text:
- Date Issued: 2018
- Authors: Fürst, Mark Richard
- Date: 2018
- Subjects: Computer networks -- Security measures , Computer networks -- Access control , Firewalls (Computer security) , IPSec (Computer network protocol) , Network micro-segmentation
- Language: English
- Type: text , Thesis , Masters , MSc
- Identifier: http://hdl.handle.net/10962/131106 , vital:36524
- Description: Traditional network segmentation allows discrete trust levels to be defined for different network segments, using physical firewalls or routers that control north-south traffic flowing between different interfaces. This technique reduces the attack surface area should an attacker breach one of the perimeter defences. However, east-west traffic flowing between endpoints within the same network segment does not pass through a firewall, and an attacker may be able to move laterally between endpoints within that segment. Network micro-segmentation was designed to address the challenge of controlling east-west traffic, and various solutions have been released with differing levels of capabilities and feature sets. These approaches range from simple network switch Access Control List based segmentation to complex hypervisor based software-defined security segments defined down to the individual workload, container or process level, and enforced via policy based security controls for each segment. Several commercial solutions for network micro-segmentation exist, but these are primarily focused on physical and cloud data centres, and are often accompanied by significant capital outlay and resource requirements. Given these constraints, this research determines whether existing tools provided with operating systems can be re-purposed to implement micro-segmentation and restrict east-west traffic within one or more network segments for a small-to-medium sized corporate network. To this end, a proof-of-concept lab environment was built with a heterogeneous mix of Windows and Linux virtual servers and workstations deployed in an Active Directory domain. The use of Group Policy Objects to deploy IPsec Server and Domain Isolation for controlling traffic between endpoints is examined, in conjunction with IPsec Authenticated Header and Encapsulating Security Payload modes as an additional layer of security. The outcome of the research shows that revisiting existing tools can enable organisations to implement an additional, cost-effective secure layer of defence in their network.
- Full Text:
- Date Issued: 2018
Network-layer reservation TDM for ad-hoc 802.11 networks
- Authors: Duff, Kevin Craig
- Date: 2008
- Subjects: Computer networks -- Access control , Computers -- Access control , Computer networks -- Management , Time division multiple access , Ad hoc networks (Computer networks)
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4574 , http://hdl.handle.net/10962/d1002773 , Computer networks -- Access control , Computers -- Access control , Computer networks -- Management , Time division multiple access , Ad hoc networks (Computer networks)
- Description: Ad-Hoc mesh networks offer great promise. Low-cost ad-hoc mesh networks can be built using popular IEEE 802.11 equipment, but such networks are unable to guarantee each node a fair share of bandwidth. Furthermore, hidden node problems cause collisions which can cripple the throughput of a network. This research proposes a novel mechanism which is able to overcome hidden node problems and provide fair bandwidth sharing among nodes on ad-hoc 802.11 networks, and can be implemented on existing network devices. The scheme uses TDM (time division multiplexing) with slot reservation. A distributed beacon packet latency measurement mechanism is used to achieve node synchronisation. The distributed nature of the mechanism makes it applicable to ad-hoc 802.11 networks, which can either grow or fragment dynamically.
- Full Text:
- Date Issued: 2008
- Authors: Duff, Kevin Craig
- Date: 2008
- Subjects: Computer networks -- Access control , Computers -- Access control , Computer networks -- Management , Time division multiple access , Ad hoc networks (Computer networks)
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4574 , http://hdl.handle.net/10962/d1002773 , Computer networks -- Access control , Computers -- Access control , Computer networks -- Management , Time division multiple access , Ad hoc networks (Computer networks)
- Description: Ad-Hoc mesh networks offer great promise. Low-cost ad-hoc mesh networks can be built using popular IEEE 802.11 equipment, but such networks are unable to guarantee each node a fair share of bandwidth. Furthermore, hidden node problems cause collisions which can cripple the throughput of a network. This research proposes a novel mechanism which is able to overcome hidden node problems and provide fair bandwidth sharing among nodes on ad-hoc 802.11 networks, and can be implemented on existing network devices. The scheme uses TDM (time division multiplexing) with slot reservation. A distributed beacon packet latency measurement mechanism is used to achieve node synchronisation. The distributed nature of the mechanism makes it applicable to ad-hoc 802.11 networks, which can either grow or fragment dynamically.
- Full Text:
- Date Issued: 2008
- «
- ‹
- 1
- ›
- »