It is widely acknowledged that most biometric systems are vulnerable to spoofing, also known as imposture. While vulnerabilities and countermeasures for other biometric modalities have been widely studied, e.g. face verification, speaker verification systems remain vulnerable. This paper describes some specific vulnerabilities studied in the literature and presents a brief survey of recent work...

Gait is a relatively new biometric modality which has a precious advantage over other modalities, such as iris and voice, in that it can be easily captured from a distance. While it has recently become a topic of great interest in biometric research, there has been little investigation into gait spoofing attacks where a person tries to imitate the clothing or walking style of someone else. We r...

Today's Internet hosts are threatened by IP spoofing attacks and large scale Distributed Denial-of-Service (DDoS) attacks. We propose a new defense mechanism, StackPi, which unlike previous approaches, allows the host being attacked, or its upstream ISP, to filter out attack packets and to detect spoofed source IP addresses, on a per-packet basis. In StackPi, a packet is marked deterministicall...

To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the human-computer interface is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic bugs in GUI design/implementation. Visual spoofing attacks that exploit these flaws can lure even security-conscious users to perform unintended actions...

The spoofing attack is one of the security threats of systems depending on the Global Navigation Satellite System (GNSS). There have been many GNSS spoofing detection methods, and each of them focuses on a characteristic of the GNSS signal or a measurement that the receiver has obtained. The method based on a single detector is insufficient against spoofing attacks in some scenarios. How to fus...

Recent evaluations such as ASVspoof 2015 and the similarly-named AVspoof have stimulated a great deal of progress to develop spoofing countermeasures for automatic speaker verification. This paper reports an approach which combines speech signal analysis using the constant Q transform with traditional cepstral processing. The resulting constant Q cepstral coefficients (CQCCs) were introduced re...

In spite of the use of standard web security measures, swindlers often clone sensitive web sites and/or present false credentials, causing substantial damages to individuals and corporations. Several papers presented such web spoofing attacks, and suggested countermeasures, mostly by improved browser user interface. However, we argue that these countermeasures are inappropriate to most non-expe...

Spoofing makes the task of identification and tracking back of the perpetrator / initiator in Cyber Crimes very difficult, e.g. the attacks by way of changing its network identifiers in WLANs. In such a scenario, spoof detection methods have gain wide attention. One way to prevent from spoofing is to authenticate the frames. However, in 802.11 WLANs, authentication and encryption for management...

We present an analysis of a class of attacks we call address spoofing. Fundamentals of internetwork routing and communication are presented, followed by a discussion of the address spoofing class. The attack class is made concrete with a discussion of a well known incident. We conclude by dispelling several myths of purported security solutions including the security provided by one-time passwo...

Biometric forms of authentication are becoming increasingly popular in mobile devices. Passwords and PINs are being replaced by this convenient and more secure form of identification. Although biometric forms of identification provide a higher level of security, hacking and spoofing techniques are also becoming more sophisticated. There are anti-spoofing technologies that can help defend agains...