Wednesday, June 24, 2015

"We've changed the romantic cybercriminal for profit oriented organizations with strong interests"

Enrique Cabello. Director of IT and Statistic Department at URJC. Speaker in the summer course Innovation in security applied to the protection of digital identity

Enrique Cabello works as a teacher at URJC since 1998, coordinator of the FRAV (Face Recognition and Artificial Vision) Research group. He was the Main Researcher in the European project Visor Base (fifth Program UE Frame) and in other projects funded both by the Minister and private funds. Member of the standardization committees ISO SC37 and CEN TC 224 WG18, being as well the editor of "Borders and Law Enforcement Application Profiles for mobile biometric identification systems", we've stolen him a little time to answer a few questions: 

How did you get into this?

When I started in the world of investigation, the facial verification systems were just beginning. It was a very innovative and motivating project. I started working in this field and little by little I expanded the target of the investigation. Starting in facial recognition, patterns recognition, bio inspired systems, another systems to help decisions, etc.

What motivates you moving forward?

In the research group we're really envolved in projects (funded by the European Union or by the government) so maintaining us in ultimate issues is a need. The fact of being accompanied by companies and top investigation centers in Europe creates a very interesting, with fair competition, coworking environment.

Besides investigation, as a teacher I try to make the most of these experiencies, transferring them to the classroom. I think the students could benefit that the teachers are in projects very close to the world of international cooperation they will find when they finish their studies.

The fact of being in a multinational investigation group is an incentive to keep working. Finally, your closer environment helps and supports you to go on. To research alone, locked in the lab, is almost impossible nowadays. It's a collective task. The research group is the environment where you develop the day by day and, in fact, working with the research group is a real privilege.

What matters you most of the current cybersecurity world?

How fast it is growing. We've changed the "cybercriminal", a little bit romantic (like the movie "War Games" for profit oriented organizations with strong interests (economic, political, etc.) It has been a long time I believe this romantic conception of cybercriminal has disappeared. More and more they are specialized networks looking for economical profit.

Do you have any sentence as your day by day motto? 

I don't think so. I love reading and I try to extract something from the books I read (novels, history, outreach, economy,etc.) More than a sentence, I have a complete mosaic of situations which I select in each case, if I consider they can help me.

With movements like the new iPhone and many top Android smartphones it seems that the biometric authentication factors start to success in the mass consumption market. Which advantages and disadvantages they have compared with the authentication factors based on knowledge?

With the increase of the power and availability of the smartphones, they will have a bigger influence in our lives. More and more they're systems which we will use to pay, enter an event, bring our personal data, etc etc etc. Finally, a system like a smartphone or a tablet will substitute our traditional personal computer and it will be the system of communication with another systems.

The disadvantages are that we still have the smartphone as a phone with new features. But nowadays, it's a system that in many cases substitutes the traditional computer.

Among all kind of biometric technologies, you're specialized in the facial and visual recognition. In which field do you think these kind of technologies will fit and which problems do you commonly have to apply these tools in generic devices (smartphones, laprops, etc.)?  

In general terms, mobile devices have big problems to be used in facial biometric. The environment is not controlled: one day a person takes a pic in the street with full sunlight and another one is at home. Besides, an image can be taken from one angle and the other with a totally different perspective. In fact, the mobile devices for facial biometric are a very complex challenge. There are many situations where is possible to decrease this difficulties, for example, when the user wants to be recognized.

For this, the user has to feel some advantage. This is what's happening in the facial verification systems used in airports, people who go through the automatic systems are faster than the ones who do it manually.

Where are we going to in digital authentication?

Right now there's a great interest in what's called: Antispoofing or person attack detection. This means, detecting that biometric data really come from a user.

Por ejemplo y en el caso de verificación facial, descubrir si el sujeto lleva una careta que hace que se parezca a otro sujeto. O que intenta falsificar las huellas dactilares.

For example in the case of the facial verification, to discover if a user carries a mask which makes him look like another one. Or he's trying to falsify the fingerprints.

Another very interesting fact is the one related to privacy from design. That means introducing privacy and data protection from the biometric application design.

Both issues define my next lecture.


Post a Comment