Securing the Future of Biotechnology : A Study of Emerging Bio-Cyber Security Threats to DNA-Information Systems
出版項
2019
說明
1 online resource (125 pages)
文字
text
無媒介
computer
成冊
online resource
附註
Source: Dissertations Abstracts International, Volume: 81-04, Section: B
Advisor: Kohno, Tadayoshi
Thesis (Ph.D.)--University of Washington, 2019
Includes bibliographical references
Advances in biotechnology have made DNA manipulation and information processing ubiquitous. It is now an essential tool in many fields including medicine, genomics, forensics, and bioengineering. DNA technology increasingly resembles information technology: DNA, like any form of information, can be read (sequenced), written (synthesized), analyzed (with bioinformatics utilities), and stored (in genetic databases). However, the increasing computerization of DNA technology, and biotechnology more generally, raises new bio-cyber security concerns. Vulnerabilities that are typically associated with traditional computer systems -- like the processing of untrusted input, side-channel leaks, poor authentication, falsified data, and vulnerabilities in cyber-physical systems -- now exist in biotechnology.In this dissertation I explore three new bio-cyber security threats to DNA-information systems. I show how popular bioinformatics programs that process DNA data are vulnerable to malicious input and experimentally demonstrate, with a proof-of-concept, how physical DNA molecules could be used as a vector to compromise bioinformatics programs. Next, I explore a new side-channel vulnerability in next-generation DNA sequencers that arises in multiplexed sequencing, a common technique used to sequence multiple DNA samples in parallel. I demonstrate how this side-channel vulnerability can be used by an adversary to corrupt the genetic interpretation in other, concurrently sequenced genomic samples. Finally, I evaluate the security of popular genetic genealogy services that store consumer genetic data. I show how these databases are vulnerable to a number of attack including genotype extraction and forged relative attacks because an adversary can upload falsified and unauthenticated genetic data
Electronic reproduction. Ann Arbor, Mich. : ProQuest, 2020
