Researchers from New York University’s Tandon School of Engineering and Duke University have developed a technique to ensure that an increasingly popular method of genetic identification known as “DNA fingerprinting” continues to be secure against the malicious attacks or inadvertent mistakes in the field.
Secret primers, as the one shown in this photo, could be used to reveal genetic “barcodes” added to DNA samples taken in the field to ensure they arrived at the laboratory unaltered. Image Credit: Duke University.
This approach depends on adding genetic “barcodes” to DNA samples as they are obtained, and securely sends data that is critical to identifying these barcodes by laboratory technicians.
The system demonstrates one way to make sure that a sample collected in the field, sent to the laboratory, and processed for genetic identification is truly authentic.
The study results have appeared online in the IEEE Transactions on Information Forensics and Security journal on May 14th, 2020.
If you think about conventional encryption techniques, like security for a smartphone, there’s usually a passcode that only one person knows. Our idea is to inject non-harmful material into genetic samples immediately when they are collected in the field that act as a similar password. This would ensure that the samples are authentic when they reach the processing stage.”
Mohamed Ibrahim, PhD Graduate, Department of Electrical and Computer Engineering, Duke University
Ibrahim is also a system-on-chip design engineer at Intel Corporation.
DNA fingerprinting is a technique used to identify a particular person, disease, or organism depending on just a small amount of genetic material. Although around 99.9% of the DNA between two unrelated persons is the same, that still leaves about three million different base pairs.
Within the potentially identifying dataset, a few short segments of DNA sequences are relatively more likely than others to differ in composition from one person to another.
Researchers can target a handful of these short sequences for identification, rather than sequencing the entire genome of a person, which still costs over $1,000.
In DNA fingerprinting, a method known as polymerase chain reaction (PCR) repeatedly replicates the genetic sequences at these locations so that they can be read easily. Genetic samples can be matched to their sources depending on the particular combinations of nucleic acids at the various sites.
Information from hundreds of these sites would be required to make a definitive match, but they differ so much from one person to another that the Federal Bureau of Investigations has suggested that only 13 of them are required.
With the growing popularity of this DNA technique and its underlying PCR technology, many companies are competing to streamline the process and develop solutions that are more inexpensive. As these devices become smaller, more automated, and more complicated, it might offer more opportunities to attack the process.
According to new studies, these opportunities would increase unparalleled security concerns, generating a whole new category of possible weaknesses dubbed “cyberbiosecurity threats.”
Researchers have identified a diverse array of cyber biosecurity threats over the past few years. Our main goal is to become a part of the community trying to address these threats by focusing on one of the most vulnerable time periods, which is before a sample even gets to the lab.”
Krishnendu Chakrabarty, John Cocke Distinguished Professor, Department of Electrical and Computer Engineering, Duke University
In their latest study, Chakrabarty, Ibrahim, Tung-Che Liang, a present doctoral student in Chakrabarty’s laboratory, Ramesh Karri, a professor of electrical and computer engineering at NYU Tandon, and Kristin Scott, an adjunct assistant professor of molecular genetics and microbiology at Duke University, demonstrated the benefits of a genetic barcode to ensure that the samples collected in the field are not changed or otherwise tampered with on their route to the laboratory.
Deepening on Scott’s genetic PCR expertise, the scientists initially added two short stretches of synthetic DNA to the genetic samples bound for DNA fingerprinting. Since these are synthetic samples, they can be made in virtually any combination of the four available DNA base pairs imaginable.
At 190 and 280 base pairs each, the chances of accurately guessing the genetic combination are pathetically feeble.
We analyzed the conditions an adversary needs to satisfy to undermine the barcoding system. These conditions are related to the physical characteristics of the molecular barcode. By linking these conditions back to how barcodes are generated and the expansiveness of the search space, we show that the probability that an adversary can discover the barcode is negligibly low.”
Ramesh Karri, Professor, Department of Electrical and Computer Engineering, New York University Tandon School of Engineering
In the meantime, the primers required to amplify each barcode are delivered safely to laboratory technicians. For a PCR machine to repeatedly mimic a specific DNA segment, it must first know how that sequence actually begins and ends. Primers offer that data, and without it, an attacker would not have any chance to amplify the correct barcodes.
As soon as the technicians complete an initial PCR run with the primers and samples provided, both barcodes emerge as lines or peaks in the ensuing genetic data, based on the technique being used to detect them.
To ensure that the samples have not been tampered and are authentic, the technicians can easily make that both barcodes appear as anticipated.
According to Ibrahim, “When the right primers are used to unlock a barcode, you should get a positive result. If you don’t, then that means that the sample is not genuine. Some sort of switching or alteration has occurred.”
Although this system presently depends on the data being sent securely to the laboratory, there are ways to streamline the genetic barcodes into the technology, stated the researchers. For instance, the barcodes may be correlated in some way to the samples being transmitted, and technicians could check the right primers from a database.
With the help of the right hardware, this concept could conceivably be translated into the chips running the DNA analysis.
“This work is an excellent example of multiple disciplines coming together to develop new solutions to existing real-world problems,” Scott concluded.
Ibrahim, M., et al. (2020) Molecular Barcoding as a Defense against Benchtop Biochemical Attacks on DNA Fingerprinting and Information Forensics. IEEE Transactions on Information Forensics and Security. doi.org/10.1109/TIFS.2020.2994742.