Cyber Security Lab
The key concern of the Information Security team of a bank today is the targeted cyber-attacks that hits the bank’s cyber infrastructure and assets causing damage (financial, reputation or both types). Banking industry around the world has experienced several such attacks. The pain points are in the form of malware attacks, exploiting vulnerabilities to gain unauthorized controls in the system, and Denial-of-Service (DoS) attacks. Even though the traditional cyber infrastructure and assets of a bank are safeguarded behind traditional defense layers of firewall, intrusion prevention system (IPS), and anti-malware solutions, attacks today are becoming more and more sophisticated to breach the traditional defense practices.
Moreover, the attacks are hitting the digital devices of customers. A security breach in often not-so-well-protected devices (e.g., malware initiated stealing the identity of the customer for illicit financial gain) or a well-crafted social engineering attack (e.g., phishing) poses an authentication challenge for the bank.
The Institute’s Cyber Security Lab has been set up to address these pain points of banks and financial institutions and their customers through advancing the state-of-the-art research, disseminating relevant knowledge in the banking and financial sector through training, consultancy, and forum meetings.
The objective of cyber security lab is to provide thought leadership to the banking and financial sector in the field of cyber security through the following activities:
- Carrying out research and development in the field of cyber security
- Conducting cyber security drills
- Security testing
- Conducting related training programs
- Organizing CISO Forum Meeting
What’s on in Cyber Security Lab
Research and DevelopmentIn this lab, we carry out research to address confidentiality, integrity, and availability aspects of information security. The CIA principles of information security also refers to authentication of ‘intended users’. Hence, authentication is another research focus of the lab. The research activities in the lab include:
- Cryptographic key generation from fingerprint: Cryptographic keys play an important role in secure communication and storage. But securing these cryptographic keys is a challenge. We have developed gray code based methods to generate these cryptographic keys from the fingerprint of a user on a need basis. This reduces the misuse of the keys by the adversaries.
- Fusion in multi-biometrics: We are working on optimisation-based approaches for score level and rank level fusion of multi-biometrics. Genetic algorithm and particle swarm based optimisation approaches are proposed in this context. A novel method to factor in the quality aspects for a wild scenario is also being developed.
- Video KYC (Know-Your-Customer): In this work, we are developing a PoC for Blockchain and machine learning-powered Video KYC system. It is envisaged as a one-stop video KYC platform for the entire banking sector. This multi-institute project is funded by MeitY and IIT Bhilai Technology Innovation Hub. For this project, we are collaborating within the Institute with Dr. Mridula Verma (AI & ML Lab), Dr. N. V. Narendra Kumar (Distributed Ledger Technologies Lab) and Dr. Susmita Mandal (Digital Payments Lab). Further, this work is carried out in collaboration with Dr. Ankit Gangwal, Sudipta Banerjee (both from IIIT Hyderabad), Dr. Nitin Khanna and Prof. Santosh Biswas (both from IIT Bhilai)
- Hardware Trojan Detection in Printed Circuit Boards using x-ray images: Hidden Trojan in a PCB is a major concern for any system. In this work, we aim to detect Hardware Trojan by automated inspection of x-ray image of a PCB. This project is funded by DRDO.
- Reversible Data Hiding: Reversible data hiding ensures exact recovery of the cover media along with the extraction of hidden data. Such a technique is used to ensure integrity of the cover media. Moreover, exact recovery of the cover media is helpful in sensitive applications, where original cover media is required for the subsequent analysis. We have developed several novel algorithms for reversible data hiding in images. Moreover, we have conceptualised how the developed algorithms can be used to ensure integrity of check images in the context of Cheque Truncation System or digital cheque applications.
- Pen ink analysis for handwritten document forensics: Machine learning models have been developed to analyze scanned handwritten document images to detect usage of two different pen inks to alter the document. The work also focuses on usage of a suitable color model and texture features to distinguish ink characteristics.
Bank interfacing worksIn this lab, we also carry out works to disseminate the knowledge to the information security teams of the banks and financial institutions. Some of the important works in this direction are mentioned below:
- Conducting Executive Development Programs: These programs mainly target the audience from the information security and the information technology verticals of banks. Few of the topics which have been recently covered in these programs are: cyber defense for banks, web application security, cyber security for remote working scenario, malware analysis, and AI/ML for cyber security.
- Chief Information Security Officer’s Forum: These forum meetings are regularly conducted to discuss the recent trends in cyber attacks and defences. IDRBT’s role in thought leadership and guidance in this field helps the CISO community in the Indian banking sector to take appropriate measures to bolster the cyber defense of the banks.
- Cyber Security Drill: The cyber security drill exercises are periodically carried out to test the capability of the banks and other financial organizations in detecting simulated cyber attacks. The learning from these exercises helps the banks to rethink their cyber security posture and take corrective actions in security technology deployments.
G. Dhruva Manasa
Guide: Dr. Rajarshi Pal
Topic: Attacks in Machine Learning
E. Sai Hima Harshini
Guide: Dr. Rajarshi Pal
Topic: Attack Detection in Mitre Attack Framework