Secure DNA Forensics Using Microfluidic Biochips

Abstract

This proposal aims to modernize DNA forensics to address the needs of a world where the security and trust of information flows are no longer assumed due to the proliferation of cheap, powerful, highly networked devices. It will leverage concepts from computer security to provide a high level of confidence in the integrity of the DNA forensic science and process itself. Trustworthy DNA forensic science are particularly relevant to DOD and broader security needs. The project will create the science of secure DNA forensics by focusing on areas that have normally been addressed through employee training, regulatory standards, and government oversight. Problems such as the handling and transport of materials can be interpreted as potential attack vectors and techniques from hardware and embedded security, microfluidics engineering and biochemistry will be devised to address them systematically with provable guarantees. The integrity of DNA forensics maybe compromised even before DNA analysis even begins. DNA forensics assumes that the samples under analysis were collected in a trustworthy manner. That is, the samples do not have contamination or were not exposed to environmental conditions that would lead to fouling of the samples. In a more adversarial setting, trust in the collections requires that the samples are not intentionally replaced by a malicious actor. Once the DNA samples are collected, they must be processed and analyzed for comparison with reference samples or a DNA database. The instructions for carrying out the processing are specified with a bioassay that instructs when samples are mixed, heated, or split with other reagents to obtain a desired result, such as in PCR used for DNA amplification. Tampering of the bioassay can lead to the loss of precious samples that may be impossible to collect more of, or can lead to misleading results that are inconclusive. Finally the support systems that surround the DNA processing are potential attack surfaces that must be evaluated. Microfluidic biochips are often supported by computer-based controllers and sensor feedback. The results of sensors reading back the final results must be transmitted electronically, which could potentially be tampered with. Furthermore, the storage and disposal of samples leaves open questions about how secure the entire flow of information is. The proposed research is interdisciplinary. The knowledge needed to produce meaningful new scientific results will require a high level of collaboration among experts in DNA forensic science, science and engineering of microfluidics and security---each of which is a highly interdisciplinary scientific field in its own right. The NYU team is noted for important early contributions to hardware security while the Duke team is renowned for its pioneering research in digital microfluidic technology. The collaboration between Duke and NYU leverages their respective strengths and has so far produced promising initial results for the security of digital microfluidic devices. This proposal aims to advance these results as well as to push forward new ideas about what can be achieved in security research. The outcome of this research will have an impact on an application area where the mere existence or absence of actionable evidence can have tremendous impact on human lives. Unlike traditional security engineering problems ---where the costs of an insecure system are often measured in dollars of lost revenue or down-time from a denial-of-service attack---the costs of insecurity in DNA forensics are measured in the lives of individuals who may be wrongly sentenced or escape prosecution. Project deliverables will include formalization of the science of DNA forensics, threats to DNA forensics, biochemistry- and bio-assay based defenses, and security metrics. The dissemination activities will include presentations, tutorials, reports, conference/journal papers, benchmarks and open-source DMEB designs.

Document Details

Document Type

DoD Grant Award

Publication Date

Oct 17, 2018

Source ID

W911NF1710320

Entities

Tags