Thesis Submitted to Kurukshetra University For the …ckverma.com/Downloads/CKThesis.pdf1 Efficiency...
Transcript of Thesis Submitted to Kurukshetra University For the …ckverma.com/Downloads/CKThesis.pdf1 Efficiency...
1
Efficiency and Security Optimization for
Fingerprint Biometric System Thesis Submitted to Kurukshetra University
For the Award of Degree
Of
Doctor of Philosophy In Computer Science and Applications
Submitted By:
Chander Kant
Under the supervision of
Dr. Rajender Nath Reader, Department of Computer Science & Applications
Kurukshetra University, Kurukshetra
Department of Computer Science & Applications Kurukshetra University, Kurukshetra
2009
2
CERTIFICATE
This is to certify that the thesis entitled “Efficiency and Security optimization for
Fingerprint Biometric System” submitted by Mr. Chander Kant for the award of
degree of Doctor of Philosophy in Computer Science and Applications to
Kurukshetra University, Kurukshetra is a record of bonafide research work carried
out by him under my supervision and guidance. The thesis in my opinion, worthy for
consideration for the award of Doctor of Philosophy in accordance with the
regulations of Kurukshetra University, Kurukshetra. The results embodied in this
thesis have not been submitted to any other institute or university for the award of
any degree or diploma.
(Rajender Nath) Reader, Department of Computer Science & Applications Kurukshetra University, Kurukshetra
DEPARTMENT OF COMPUTER SCIENCE & APPLICATIONS KURUKSHETRA UNIVERSITY KURUKSHETRA
HARYANA (INDIA)
No: ____________
Dated: __________
3
No one can do everything all without someone’s help and guidance. Here I would like to mention the
name of those concerned persons, without their guidance and support I might not have been able to
complete this research work.
First of all I would like to thank my supervisor Dr. Rajender Nath, Reader, Department of Computer
Science & Applications, Kurukshetra University, Kurukshetra, for providing me the opportunity to
work under his guidance in an exciting and challenging field of research. His constant motivation,
support and infectious enthusiasm has guided me throughout my research work. I have been
privileged to work under his supervision, and I truly appreciate his help. His encouraging words
have often pushed me to put in my best possible efforts.
I express my sincere thanks to Prof. R.K. Chauhan, Chairman, Deptt. of Computer Science &
Application, Kurukshetra University, Kurukshetra for providing me computer and library facilities
in the Department. I also thank to all my colleagues in the Department for helping me directly and
indirectly.
My Special thanks goes to Sh. Layak Ram Dabbas, Inspector General, Madhuban, Karnal for
helping me acclimatize to the Forensic Science Laboratory during the research. I also thank
Inspector Sh. Ranbir Singh, Sh. Mahavir Singh and Sub Inspector Sh. Ramvir Singh, Sh. Bharat
Singh for their assistance in conducting the experimental work in the biometrics research
laboratory.
I am also thankful to Dr. Surya Kant and Dr. (Mrs.) Pragya Kant, Scientists at University of Guelph,
Canada for their help and support in the field of biometrics.
Finally, I would like to thank my parents and in-laws for their blessings and cooperation. I also
thank to my wife Sheetal Verma for her valuable suggestions during research work and my sweet
daughter Vaanya for providing cheerful environment throughout my research work.
Chander Kant
Acknowledgement
4
Table of Contents List of publications 1
List of Figures 10
List of Tables 12
Abstract 13
Chapter1. Introduction 15
1.1 Methods of Identification and Verification 17
1.2 Biometric Techniques 18
1.2.1 Physical Characteristics Based Techniques 18
1.2.2 Behavioral Characteristics Based Techniques 21
1.3 Fingerprints as Biometric Trait 24
1.3.1 Fingerprint Patterns 24
1.3.2 Minutia Points 24
1.3.3 Fingerprint Matching 25
1.4 Fingerprint Classification 26
1.4.1 Fingerprint Feature Extraction 29
1.4.2 Accuracy and Integrity of System 30
1.4.3 Types of Biometric Scanners 30
1.5 Multibiometrics 33
1.5.1 Sources of Biometric Information 33
1.5.2 Levels of Fusion 36
1.6 Soft Biometric 38
Chapter 2. Literature Survey 42
2.1 Comparison of various Biometric Technologies 61
Chander Kant
5
Chapter 3. Improving Security in Biometric Systems 67
3.1 Introduction 67
3.1.1 Threat Categorization in Biometric Security Systems 72
3.2 Securing Data using Biometric Cryptography 74
3.2.1 Problems to generate Biometric Cryptographic Key 75
3.2.2 Methods to Secure Biometric Key 76
3.2.3 Existing System: Traditional Cryptography 77
3.2.4 Proposed System: Biometric Cryptography 78
3.2.5 Enrollment / Verification Process 78
3.2.6 Biometric Encryption using other Biometric Templates 80
3.2.7 Advantages of Biometric Encryption 81
3.3 Securing Biometric Data Using Steganography 82
3.3.1 Steganographic Methods 83
3.3.2 LSB Insertion Method of Steganography 85
3.3.3 Limitations of LSB Insertion 87
3.3.4 Steganography in Biometrics 88
3.3.5 Applying Steganography in Biometrics 89
3.3.6 What happens to Pixel Value during Insertion? 91
3.4 Securing Biometric Data Using Cancelable Biometrics 93
3.4.1 Cancelable Biometrics 95
3.4.2 Proposed Work: Protection of Biometric Template 97
3.5 Summary 101
Chapter 4. Making Biometric Systems More Efficient 103
4.1 Introduction 103
6
4.2 Reducing Process-Time for Fingerprint Identification System 105
4.2.1 Henry Classification Scheme 107
4.2.2 The Proposed Method to Speed-up Fingerprint Matching Process 110
4.3 Performance Elevation of Fingerprint Verification System 116
4.3.1 Critical Factors Identified Affecting the Performance of 117 Biometric System
4.3.2 Memory Requirements for Biometric Templates 119
4.3.3 The Proposed Approach to Improve Response Time of 119 Biometric System
4.3.4 Performance Estimation for the Proposed Approach 122
4.4 Performance Improvement by using Soft Biometric Traits 123
4.4.1 The Proposed Scheme to Integrate Soft Biometrics with 127 Primary Biometrics 4.4.2 Performance Estimation of Proposed Scheme 128
4.5 Summary 130
Chapter 5. Conclusion and Future Scope 132
Bibliography 137
7
List of Publications
Publications in International Journals
1) “Improving Biometric security using Cryptography” published in
International Journal of Advance Research in Computer Engineering Vol-I Jan-
Dec 2007 PP 33-38. ISSN 0974-4320.
2) "Elevating Fingerprint Verification System", published in International
Journal of Physical Sciences. Vol. 19 (I) April 2007. PP 35-38 ISSN 0970-9150.
3) “Fingerprint As Biometric Traits: An Overview” Published in International
journal of Computer Science and knowledge Engineering Vol-I Jan-Dec 2007 PP
33-38. ISSN 0973-6735.
4) “Biometrics Security using Steganography” published in CSC online Journal
“International Journal of Security” Malashiya Vol-II Issue-I, PP 1-5 2008.
www.cscjournals.com. ISSN 1985-2320.
5) “Secure online Business: Exploring the security threats to e-commerce”
published in International journal of Intelligent Information Processing Vol-I
Jan-Dec 2007 PP 1-8. ISSN 0973-3892.
6) “Reducing Process-Time for Fingerprint Identification System” published in
“International Journals of Biometric and Bioinformatics” Malaysia Vol-III Issue–
I, 2009 PP 1-9. www.cscjournals.com ISSN 1985-2347.
7) "Soft Biometric: An Asset for Personal Recognition" published in
International Journal of Computing Science & Communication Technologies
[IJCSCT]. Vol-I, Issue-II, 2009 PP 160-163. ISSN - 0974-3375.
8
Publications in Book
1. "Biometric Sensor Based on Optical Frustrated Total Internal Reflection"
in the Book titled “Bioinformatics Computing” published by Narosa Publication,
New Delhi 2007 PP 118-123, ISBN: 978-817319-794-9.
Publications in International-Level Conferences
1. "Protection of Database Template using Cancelable Biometric" published in
IEEE-International advance computing conference 6-7 March 2009, Thapar
University, Patiala.
2. "Improving Fingerprint Verification System” Published in International
Conference on Intelligent Systems & Networks, IISN-2007, Feb. 23-25 2007. PP
298-300.
3. "Soft Biometric: An Asset for Personal Recognition" published in
International Conference on Advanced Computing & Communication
Technologies at APIIT India, Panipat, November 08-09, 2008.
4. "Challenges in Biometrics" published in International Conference on Emerging
trends in Computer Sc. & IT April 23, 2008 at AL-FALAH School of
Engineering & Tech, Faridabad PP 69-77.
9
Publications in National-Level Conference/Seminar
1. "Off-line Optical Frustrated Total Internal Reflection" Published in the
proceedings of National Seminar on “Information and Communication
Technology- Recent Advances & Applications ICT-2006 PP 237-240 Feb 09-11,
2006 at JMIT, Radaur Yamuna Nagar.
2. “Web security using Biometrics” published in National Conference on Total
Quality Management held at Vaish College of Engg, Rohtak 10th March 2007.
3. “Biometric Recognition System: An Introduction” published in National level
seminar on Convergence of IT and Management on 24-Nov.2007 at TIMT,
Yamunanagar.
4. “Role of Biometrics in Modern Business” published in National seminar on
"Emerging Challenges in Commerce and Management", Govt. College for
Women, KARNAL 18-19 March, 2008.
10
List of Figures
Figure1.1 Enrollment Process in Biometrics System
Figure1.2 Verification and Identification Process
Figure 1.3 Basic patterns of fingerprint
Figure 1.4 Minutiae points in fingerprint
Figure 1.5 Matching minutiae points in two fingerprints
Figure 1.6 Fingerprint categories
Figure 1.7 Flowchart for fingerprint classification algorithm.
Figure 1.8 Steps for Extraction of minutiae points from input fingerprint
Figure 1.9 (a) Optical Sensor and (b) Solid State Sensor.
Figure 1.10 Various source of biometric information
Figure 1.11 Fusion at various levels in a biometric system.
Figure 1.12 Commonly used Soft biometric traits
Figure3.1. Eight different attack points in a biometric authentication system.
Figure3.2. Traditional cryptography system
Figure 3.3 Enrollment process for Biometric Encryption
Figure 3.4 Decryption process for Biometric at verification end
Figure 3.5 Use of Steganography for creating secret Templates
Figure 3.6 Image morphing using Cancelable Biometric
Figure 3.7 Overview of Attack System.
Figure3.8 Blocks in the original image are subsequently scrambled randomly.
Figure 4.1 Block diagram of Fingerprint Identification system.
Figure 4.2 Palmprints of a single person.
Figure 4.3 Proposed Classifier for Fingerprint Identification.
Figures 4.4 Position of Deltas in different Fingerprints.
Figure 4.5 Minutiae- points on a fingerprint.
Figure 4.6 Working of proposed Fingerprint classifier
11
Figure 4.7 Steps for Extraction of minutiae points from input fingerprint
Figure 4.8 Measuring Thumb Dimensions during Phase-I
Figure 4.9 Architecture of Proposed Approach
Figure 4.10 Existing Soft Biometric System for person recognition.
Figure 4.11 Architecture of Personal Identification using Primary Biometrics and
Soft Biometric.
12
List of Tables Table 1.1 Identification Technologies
Table 2.1 Comparison of various biometric traits.
Table 3.1 Working of the first algorithm for insertion of bit 0 in image pixel value.
Table 3.2 Working of the first algorithm for insertion of bit 1 in image pixel value.
Table 4.1 Henry classification table
Table 4.2 Data Size for Biometric Templates
13
Abstract Efficiency and Security optimization for Fingerprint Biometric System
User authentication systems that are based on knowledge such as password or
physical tokens such as ID card are not able to meet strict security performance
requirements of a number of modern computer applications. These applications
generally use computer networks (e.g., Internet), affect a large portion of population,
and control financially valuable tasks (e.g., e-commerce). Biometrics-based
authentication systems are good alternatives to the traditional methods. These
systems are more reliable as biometric data can not be lost, forgotten, or guessed and
more user-friendly because we don’t need to remember or carry anything. In spite of
these advantages of biometric systems over traditional systems, there are many
unresolved issues, for example, how secure are biometric systems against attacks?
How can we guarantee the integrity of biometric templates? How can we combine
cryptography with biometrics to increase overall system security? Can we improve
the feature of existing biometric system, in respect of accuracy and speed?
In this dissertation, we address these issues and develop algorithms and techniques to
eliminate the above said problems and also improve the overall functioning of
biometric devices. First, we analyze the weak points of biometrics and develop
algorithms to make it strong by applying cryptography, steganography and
cancelable biometrics. The proposed approaches are shown to be very successful in
improving the security of biometric devices. Further, we have also developed various
schemes to enhance the accuracy and speed of a biometric system.
14
Thesis Contributions
In this dissertation, the problems namely, (i) Biometric systems against imposter
attacks, (ii) Protection of biometric templates, (iii) Enhancement the capabilities of
biometric devices (iv) Combining cryptography and steganography with biometrics,
has been analyzed and provided appropriate solutions for them. The dissertation
includes:
1. Design and development of biometric system to enhance the capability of
fingerprint verification system.
2. Design and development of biometric system to protect the database templates
against imposter attack using cancelable biometrics.
3. Design and development of biometric system using steganography to increase the
security of image based biometric templates.
4. Design and development of a practical biometric cryptosystem utilizing fingerprint
features that combine the biometric systems with cryptographic systems.
15
Chapter 1
Introduction
Biometric recognition refers to the use of distinctive physiological (fingerprint, face,
retina, hand geometry, iris etc.) and behavioral (voice, gait, signature etc.)
characteristics, called biometric identifiers or simply biometrics. A reliable
identification system is a critical component in several applications that contribute
their services specifically to genuine users. Examples of such applications include
physical access control to a secure facility, e-commerce, access to computer
networks, attendance mark etc. Traditional methods of establishing a person’s
identity include knowledge-based (e.g., passwords) and token-based (e.g., ID cards)
mechanisms. These representations of the identity can easily be lost, shared or stolen
as stated by Jain A.K [JAI, 1999]. Therefore, they are not sufficient for identity
verification in the modern day world.
A biometric system is essentially a pattern recognition system that operates by
acquiring biometric data from an individual, extracting a feature set from the
acquired data, and comparing this feature set against the template set in the database.
Depending on the application context, a biometric system may operate either in
verification mode or identification mode. Before the system can be put into
16
verification or identification mode, a system database consisting of biometric
templates must be created through to process of enrollment.
Enrollment is the process where a user’s initial biometric sample(s) are collected,
assessed, processed, and stored for ongoing use in a biometric system as shown in
Figure 1.1. If users are experiencing problems with a biometric system then they
have to re-enroll to gather higher quality data.
Figure1.1 Enrollment Process in Biometrics System
Biometric system provides two main functionalities viz. verification and
identification. Figure 1.2 shows the flow of information in verification and
identification systems. In verification, also called authentication, the user claims an
identity and the system verifies whether the claim is genuine. If the user’s input and
the template of the claimed identity have a high degree of similarity, then the claim
is accepted as “genuine”. Otherwise, the claim is rejected and the user is considered
as “fraud”. In Identification, the user’s input is compared with the templates of all
the persons enrolled in the database and the identity of the person whose template
has the highest degree of similarity with the user’s input is output by the biometric
system. Typically, if the highest similarity between the input and all the templates is
less than a fixed minimum threshold, the system rejects the input, which implies that
17
the user presenting the input is not one among the enrolled users. Therefore, the
matching is 1:N in an identification system.
Figure1.2 Verification and Identification Process
1.1 Methods of identification and verification
A user can be identified or verified on the basis of – (i) Something he knows: e.g. a
password, a PIN etc. (ii) Something he holds: e.g. a credit card, a key, or a passport
(iii) Something he is (biometrics): e.g. a fingerprint, face, iris etc as shown in
Table1.1.
18
Using something we know and hold are two easy identification/verification solutions
widely used today. Using something we know only requires a good memory, but
sometime can easily be guessed. An item we hold can be stolen and later on can be
used or copied. Biometrics is the only thing which doesn’t need to be remembered or
carried out.
Table 1.1 Identification Technologies Methods Examples Problems What we Know Password, PIN,
ID Forgotten, Shared, easy to guess
What we have Key, Cards, etc Lost or Stolen, Can be duplicated
What we are Fingerprint, Face, Iris…
Non-repudiable authentication
Since fingerprints, iris patterns, etc. all are parts of our body and thus not easily
misplaced, stolen, forged, or shared. One way to increase security in an
identification/verification system is to combine two or more different biometric
traits.
1.2 Biometric techniques There are many different techniques available to identify/verify a person based on
biometrics as suggested by U.K. Biometric Working Group [UKBWG, 2003]. These
techniques can be divided into physical characteristics and behavioral characteristics
based techniques.
1.2.1 Physical characteristics Based Techniques Biometrics techniques based on physical characteristics of human being such as
finger print, hand geometry; palm print etc are called physical characteristics based
19
techniques. Following are examples of biometric techniques based on physical
characteristics [MAL, 2003].
Fingerprint recognition: Finger printing takes an image (either using ink or a digital
scan) of a person's fingertips and records its characteristics. Whorls, arches, and
loops are recorded along with the patterns of ridges, furrows, and minutiae. This
information may then be processed or stored as an image or as an encoded computer
algorithm to be compared with other fingerprint records.
In this technique, the user presses his finger gently against a small reader surface
(optical or silicon) usually of about 2 inch square size. This reader is attached to a
computer and takes the information from the scan and sends it to the database. There
it is compared to the information within. The user is usually required to leave his
finger on the reader for less than 5 seconds during which time the identification or
verification takes place
Hand geometry: Hand goemetry involves the measurement and analysis of the shape
of one's hand. It is a fairly simple procedure and is surprisingly accurate. Though it
requires special hardware to use, it can be easily integrated into other devices or
systems. Unlike fingerprints, the human hand isn't unique. Individual hand features
are not descriptive enough for identification. However, it is possible to devise a
method by combining various individual features and measurements of fingers and
hands for verification purposes.
In this technique, the user places the palm of his hand on a metal surface which has
guidance pegs on it. The hand is properly aligned by the pegs so the device can read
the hand attributes. The device then checks its database for verification of the user.
The process usually takes less than 5 seconds. Current hand geometry scanners do
20
not have any way to detect whether a hand is living or not and therefore can be
fooled by a fake hand if pressure is applied to the plate correctly.
Face recognition: Facial recognition analyzes the characteristics of a person's face
images input through a digital video camera. It measures the overall facial structure,
including distances between eyes, nose, mouth, and jaw edges. These measurements
are retained in a database and used as a comparison when a user stands before the
camera. This biometric has been widely, and perhaps wildly, touted as a fantastic
system for recognizing potential threats (whether terrorist, scam artist, or known
criminal) but so far has been unproven in high-level usage. It is currently used in
verification only systems with a good deal of success.
In this technique, the user faces the camera, standing about two feet from it. The
system will locate the user's face and perform matches against the claimed identity or
the facial database. It is possible that the user may need to move and reattempt the
verification based on his facial position. The system usually comes to a decision in
less than 5 seconds.
Vein pattern recognition: Vascular patterns are best described as a picture of the
veins in a person's hand or face. The thickness and location of these veins are
believed to be unique enough to an individual to be used to verify a person's identity.
The most common form of vascular pattern readers are hand-based, requiring the
user to place their hand on a curved reader that takes an infrared scan. This scan
creates a picture that can then be compared to a database to verify the user's stated
identity
Retina recognition: Retinal scanning analyses the layer of blood vessels at the back
of the eye. Scanning involves using a low-intensity light source and an optical
21
coupler and can read the patterns at a great level of accuracy. It does require the user
to remove glasses, place their eye close to the device, and focus on a certain point.
Whether the accuracy can outweigh the public discomfort is yet to be seen.
In this technique, the user looks through a small opening in the device at a small
green light. The user must keep their head still and eye focused on the light for
several seconds during that time period the device will verify his identity. This
process takes about 10 to 15 seconds in total. There is no known way to replicate a
retina, and a retina from a dead person would deteriorate too fast to be useful, so no
extra precautions have been taken with retinal scans to be sure the user is a living
human being.
Iris recognition: Iris scans analyze the features that exist in the colored tissue
surrounding the pupil which has more than 200 points that can be used for
comparison, including rings, furrows and freckles. The scans use a regular video
camera style and can be done from further away than a retinal scan. It will work
through glasses fine and in fact has the ability to create an accurate enough
measurement that it can be used for identification purposes, and not just for
verification.
In this technique, the user places himself so that he can see his own eye's reflection
in the device. The user may be able to do this from up to 2 feet away or may need to
be as close as a couple of inches depending on the device. Verification time is
generally less than 5 seconds, though the user will only need to look into the device
for a couple of moments. To prevent a fake eye from being used to fool the system,
these devices may vary the light shone into the eye and watch for pupil dilation.
22
1.2.2 Behavioral Characteristics based Techniques Those Biometrics techniques which are based on the behavior of human being such
as voice, signature, gait, keystroke etc. are called behavioral characteristics based
techniques. Following are examples of biometric techniques based on behavioral
characteristics.
Voice recognition: Voice recognition systems use characteristics of the voice, such
as pitch, tone, and frequency. Focuses on differences resulting from the shape of
vocal tracts and learned speaking habits. This operates best when there’s no
background noise.
Signature recognition: The text involved in a signature, in general is continuous and
regular in nature. The user signs on a tablet or on paper that laying over a sensor
tablet. The device records the signature and compares it to its database. In this
technique, the verification takes about 5 seconds.
Keystrokes dynamics: The user types his password or phrase on the keyboard. The
system then records the timing of the typing and compares the password itself and
the timing to its database. Here, verification takes less than 5 seconds.
In ‘Handbook of Fingerprint Recognition’ Maltoni D, Maio. D., Jain A.K, and
Prabhakar.S [MAL, 2003] suggests that biometric identifiers can also be
combination of distinctive physiological and behavioral characteristics. We can
compare different physiological and behavioral biometrics on the basis of various
parameters and apply them to any security system on these parameters.
23
1.3 Fingerprint as Biometrics traits Among all the biometric techniques, fingerprint-based identification is the oldest
method, which has been successfully used in numerous applications. Everyone is
known to have unique, immutable fingerprints. The uniqueness of a fingerprint can
be determined by the pattern of ridges and furrows as well as the minutiae points. A
smoothly flowing pattern formed by ridges and furrows on the hand is called a palm
print. A fingerprint is believed to be unique to each person. Fingerprints of even
identical twins are different. Fingerprints are one of the most mature biometric
technologies and are also considered legitimate proofs of evidence in courts of law
all over the world. Fingerprints are, therefore, used in forensic divisions worldwide
for criminal investigations. More recently, an increasing number of civilian and
commercial applications are either using or actively considering using fingerprint-
based identification because of a better understanding of fingerprints as well as
demonstrated matching performance than any other existing biometric technology
[HIL, 2001]. The analysis of fingerprints for matching purposes generally requires
the comparison of several features of the print pattern. These include patterns, which
are aggregate characteristics of ridges, and minutia points, which are unique features
found within the patterns [JAI, 1999A]. It is also necessary to know the structure and
properties of human skin in order to successfully employ some of the imaging
technologies.
1.3.1 Fingerprint Patterns
The three basic patterns of fingerprint ridges are the arch, loop, and whorl as shown
in Figure 1.3. An arch is a pattern where the ridges enter from one side of the finger,
rise in the center forming an arc, and then exit the other side of the finger (see Figure
1.3 a). The loop is a pattern where the ridges enter from one side of a finger, form a
curve, and tend to exit from the same side they enter (see Figure 1.3 b).
24
(a) Arch (b) Loop (c) Whorl
Figure 1.3 Basic Patterns of Fingerprint
In the whorl pattern, ridges form circularly around a central point on the finger (see
Figure 1.3 c). Scientists have found that family members often share the same
general fingerprint patterns, leading to the belief that these patterns are inherited
[JON, 2005].
1.3.2 Minutia Points The major Minutia points in fingerprint are: ridge ending, bifurcation, and short ridge or dot as shown in Figure 1.4.
(a) Ridges Ending (b) Ridges Bifurcation (c) Dot Figure 1.4 Minutiae points in fingerprint
25
The ridge ending is the point at which a ridge terminates (see Figure 1.4 a).
Bifurcations are points at which a single ridge splits into two ridges (see Figure 1.4
b). Short ridges or dots are ridges which are significantly shorter than the average
ridge length on the fingerprint (see Figure 1.4 c). Minutiae and patterns are very
important in the analysis of fingerprints since no two fingers have been shown to be
identical.
1.3.3 Fingerprint Matching
A fingerprint is made up of a series of ridges and furrows on the surface of the
finger. The uniqueness of a fingerprint can be determined by the pattern of ridges
and furrows as well as the minutiae points. Minutiae points are local ridge
characteristics that occur at either a ridge bifurcation or a ridge ending. Fingerprint
matching techniques can be divided into two categories: minutiae-based and
correlation based. Minutiae-based techniques first find minutiae points and then map
their relative placement on the finger as shown in Figure 1.5
Figure 1.5 Matching minutiae points in two fingerprints
However, there are some difficulties when using this approach. It is difficult to
extract the minutiae points accurately when the fingerprint is of low quality. Also
26
this method does not take into account the global pattern of ridges and furrows. The
correlation-based method is able to overcome some of the difficulties of the
minutiae-based approach. However, it has some of its own shortcomings.
Correlation-based techniques require the precise location of a registration point and
are affected by image translation and rotation. Fingerprint matching based on
minutiae has problems in matching different sized (unregistered) minutiae patterns.
Local ridge structures can not be completely characterized by minutiae. A
commercial fingerprint-based authentication system requires a very low False Reject
Rate (FAR) for a given False Accept Rate (FAR).
1.4 Fingerprint Classification
To reduce the search time and computational complexity, it is desirable to classify
the fingerprints in an accurate and consistent manner so that the input fingerprint is
required to be matched only with a subset of the fingerprints in the database. Figure
1.6 shows the different classifications of fingerprint pattern.
Figure 1.6 Fingerprint categories: (a) arch, (b) tented arch, (c) left loop, (d) right
loop, (e) whorl, and (f) twin loop.
27
Fingerprint classification is a technique to assign a fingerprint into one of the several
pre-specified types, which can provide an indexing mechanism. Fingerprint
classification can be viewed as a coarse level matching of the fingerprints.
Figure 1.7 Flowchart for fingerprint classification algorithm.
28
An input fingerprint is first matched at a coarse level to one of the pre-specified
types and then, at a finer level, it is compared to the subset of the database containing
that type of fingerprints only. An algorithm (as shown in Figure 1.7 above) has been
developed to extract the classification of fingerprint i.e. whether it is whorl, right
loop, left loop, arch, or tented arch. The classification algorithm summarized here for
determining the class of a fingerprint and conducts simpler tests in the decision tree.
The algorithm works on the basis of calculating singular points, symmetry and ridge
structures as explained below:
1. Singular Points: Number of delta (ND) and core (NC) are main singular points in a
fingerprint to determine the fingerprint classification. The algorithm shown in Figure
1.7 is based on singular points and ridges orientation.
2. Symmetry: The feature extraction stage also estimates an axis locally symmetric to
the ridge structures at the core and computes � the number of ridges crossing the line
segment joining core and delta. The relative position, R, of delta with respect to
symmetry axis is determined as follows R = 1 if the delta is on the right side of
symmetry axis otherwise R = 0.
3. Ridge Structure: The classifier not only uses the orientation information but also
utilizes the structural information in the extracted ridges. This feature summarizes
the overall nature of the ridge flow in the fingerprint.
The algorithm summarized here for determining the class of a fingerprint. Two deltas
points are typically detected for a whorl, which is an easier condition to detect.
Further if it does not detect two deltas, it proceeds on the basis of single delta and
find Left-Loop, Right-Loop or Tented Arch with the help of � and R as shown in
Figure 1.7. In last if no deltas is found then algorithm marks the fingerprint as Arch.
29
1.4.1 Fingerprint Feature Extraction
The main reason behind the use of fingerprint biometric is that it is the most proven
technique to authenticate the individual. The fingerprint is basically the combination
of ridges and valleys on the surface of the finger. The lines that create fingerprint
pattern are called ridges and the spaces between the ridges are called valleys or
furrows. The major steps involved in fingerprint recognition using minutiae
matching approach after image acquisition are image enhancement, minutiae
extraction as shown in figure 1.8.
Figure 1.8 Steps for Extraction of minutiae points from input fingerprint
Once a high-quality image is captured, there are a several steps required to convert
its distinctive features into a compact template. This process is known as feature
extraction. If the image is grayscale, areas lighter than a particular threshold are
discarded, and those darker are made black. The goal of fingerprint enhancement is
to increase the clarity of ridge structure so that minutiae points can be easily and
correctly extracted [multimodal system for efficient human recognition]. The
enhanced fingerprint image is binarized and submitted to the thinning algorithm
which reduces the ridge thickness to one pixel wide for precise location of endings
and bifurcations. Minutiae localization begins with this processed image. The
30
processed image is used to extract minutiae points which are the points of ridge
endings and bifurcations. The location of minutiae points along with the orientation
is extracted and stored to form feature set. A minutia based matching consists of
finding alignment between the template and the input minutiae sets that result in the
maximum number of minutiae pairings.
1.4.2 Accuracy and Integrity of System
With any security system users always wonder that, “Can this security system be
beaten”? In most cases, false negatives (a failure to recognize a legitimate user) are
more likely than false positives. Overcoming a fingerprint system by presenting it
with a "false or fake" fingerprint is likely to be a difficult deed. However, such
scenarios can be tried, and the sensors on the market use a variety of means to
circumvent them. For instance, someone may attempt to use latent print residue on
the sensor just after a legitimate user accesses the system. At the other end of the
scale, there is the gruesome possibility of presenting a finger to the system that is no
longer connected to its owner. Therefore, sensors attempt to determine whether a
finger is live, and not made of latex (or worse). Detectors for temperature, blood-
oxygen level, pulse; blood flow, humidity, or skin conductivity would be integrated.
1.4.3 Types of Biometric Scanners
Acquiring high-quality images of distinctive fingerprint ridges and minutiae is a
complicated task. The fingerprint is a small area from which to take measurements,
and the wear of daily life affects which ridge patterns show most prominently.
Increasingly sophisticated mechanisms have been developed to capture the
31
fingerprint image with sufficient detail and resolution. The technologies in use today
are optical, silicon, and ultrasound.
Optical technology is the oldest and most widely used. The finger is placed on a
coated platen, usually built of hard plastic but proprietary to each company. In most
devices, a charged coupled device (CCD) converts the image of the fingerprint, with
dark ridges and light valleys, into a digital signal. The brightness is either adjusted
automatically (preferable) or manually (difficult), leading to a usable image.
Optical devices have several strengths over the other types of scanners: i) they are
the most proven over time, ii) they can withstand, to some degree, temperature
fluctuations; iii) they are fairly inexpensive; and iv) they can provide resolutions up
to 500 dpi. Drawbacks to the technology include size - the platen must be of
sufficient size to achieve a quality image - and latent prints. Latent prints are leftover
prints from previous users. This can cause image degradation, as severe latent prints
can cause two sets of prints to be superimposed. Also, the coating and CCD arrays
can wear with age, reducing accuracy.
Optical is the most widely used technology. Thus most prominent fingerprint
companies utilize optical technology. Though majority of companies use optical
technology yet increasing number of vendors also use silicon technology.
Silicon technology has gained considerable acceptance since its introduction in the
late 90's. Most silicon, or chip, technology is based on DC capacitance. The silicon
sensor acts as one plate of a capacitor, and the finger is the other. The capacitance
between platen and the finger is converted into an 8-bit grayscale digital image. With
32
the exception of AuthenTec, whose technology employs AC capacitance and reads to
the live layer of skin, all silicon fingerprint vendors use a variation of this type of
capacitance.
Silicon generally produces better image quality, with less surface area, than optical.
Since the chip is comprised of discreet rows and columns - between 200-300 lines in
each direction on a 1cmx1.5cm wafer - it can return exceptionally detailed data. The
reduced size of the chip means that costs should drop significantly, now that much of
the R&D necessary to develop the technology is bearing fruit. Silicon chips are small
enough to be integrated into many devices which cannot accommodate optical
technology.
Figure 1.9 (a) Optical Sensor (b) Solid State Sensor.
Silicon's durability, especially in sub-optimal conditions, has yet to be proven.
Although manufacturers use coating devices to treat the silicon, and claim that the
surface is 100x more durable than optical, this has to be proven. Also, with the
reduction in sensor size, it is even more important to ensure that enrolment and
verification are done carefully - a poor enrollment may not capture the center of the
33
fingerprint, and subsequent verifications are subject to the same type of placement.
Many major companies have recently moved into the silicon field. Infineon (the
semiconductor division of Siemens) and Sony have developed chips to compete with
Veridicom (a spin-off of Lucent), the leader in silicon technology.
Ultrasound technology, though considered perhaps the most accurate of the
fingerprint technologies, is not yet widely used. It transmits acoustic waves and
measures the distance based on the impedance of the finger, the platen, and air.
Ultrasound is capable of penetrating dirt and residue on the platen and the finger,
countering a main drawback to optical technology.
Until ultrasound technology gains more widespread usage, it will be difficult to
assess its long-term performance. However, preliminary usage of products from
Ultra-Scan Corporation (USC) indicates that this is a technology with significant
promise. It combines a strength of optical technology, large platen size and ease of
use, with a strength of silicon technology, the ability to overcome sub-optimal
reading conditions.
1.5 Multibiometric
A Multibiometric system uses multiple sensors for data acquisition. It captures
multiple samples of a single biometric trait (called multi-sample biometrics) or
samples of multiple biometric traits (called multi-source or multimodal biometrics).
Multibiometric systems promise significant improvement over single biometric
systems, for example, higher accuracy and increased resistance to spoofing. They
also claim to be more universal by enabling a user who does not possess a particular
34
biometric identifier to still enroll and authenticate using other traits, thus eliminating
enrollment problems.
1.5.1 Sources of Biometric Information A Multibiometric system relies on the evidence presented by multiple sources of
biometric information. Based on the nature of these sources, a Multibiometric system
can be classified into one of the following five categories as shown in Figure 1.10.
(1) Multiple Instances: In these systems, a single sensor is used to acquire multiple
instances of same biometric trait in order to account for the variations that can occur
in the trait. For example, a face system may capture (and store) the frontal profile of
a person’s face along with the left and right profiles in order to account for variations
in the facial pose as explained by Uludag U. [ULU, 2004]. It is an inexpensive way
of improving system performance since this system requires neither multiple sensors
nor multiple feature extraction and matching modules.
(2) Multiple Sensors: These biometric systems capture information from different
sensors for the same biometric trait. For example, optical, solid-state, and ultrasound
based sensors are available to capture fingerprints; an infrared sensor may be used in
conjunction with a visible-light sensor to acquire the face image of a person [JAI
2006] , a multi-spectral camera may be used to acquire images of the iris, face or
finger [ULU, 2005].
(3) Multiple Representations: In these systems, the same biometric data is processed
using multiple algorithms in order to improve matching performance. They can use
either multiple feature sets (i.e. multiple representations) extracted from the same
biometric data or multiple matching schemes operating on a single feature set.
35
Figure 1.10 Various Source of Biometric Information
(4) Multiple units: These systems use multiple units of the same biometric trait. For
example, the left and right index fingers, or the left and right irises of an individual
may be used to verify authenticity of a person Ratha N [RAT, 2001]. These systems
are beneficial for those users whose biometric traits cannot be reliably captured due
to inherent problems. These systems also ensure the presence of a live user by asking
the user to provide a random subset of biometric measurements (e.g., left middle
finger followed by right index finger).
36
(5) Multiple biometric traits: In these systems, multiple biometric traits of an
individual are used to establish the identity. Such systems employ multiple sensors to
acquire data pertaining to different traits. Voderhobli K [VOD 2006] used the face
and voice traits of an individual for identification. The cost of deploying these
systems is substantially more due to the requirement of new sensors and,
consequently, the development of appropriate user interfaces. The number of traits
used in a specific application is governed by practical considerations such as the cost
of deployment, enrollment time, expected error rate, etc. However, first four
scenarios still suffer from some of the problems faced by unimodal systems. Fifth
scenario, i.e. a multimodal biometric system based on multiple traits is expected to
be more robust to noise, address the problem of non-universality, improve the
matching accuracy, and provide reasonable protection against spoof attacks.
1.5.2 Levels of Fusion A generic biometric system has four important modules: (a) the sensor module which
captures the trait in the form of raw biometric data; (b) the feature extraction module
which processes the data to extract a feature set that is a compact representation of
the trait; (c) the matching module which employs a classifier to compare the
extracted feature set with the templates residing in the database to generate matching
scores; (d) the decision module which uses the matching scores to either determine
an identity or validate a claimed identity. In multimodal biometric system
information reconciliation can occur in any of these modules (see Figure1.11). (a)
Fusion at the sensor level: It refers to the consolidation of raw data obtained using
multiple sensors or multiple snapshots of a biometric using a single sensor. (b)
Fusion at feature extraction level: Either the data itself or the feature sets originating
from multiple sensors/sources are fused. (c) Fusion at the match score level: The
scores generated by multiple classifiers pertaining to different modalities are
combined. (d) Fusion at the decision level: the final outputs of multiple classifiers
37
are consolidated via techniques such as majority voting. Biometric systems that
integrate information at an early stage of processing are believed to be more effective
than those systems which perform integration at a later stage [CHA, 1999].
Figure 1.11: Fusion at various levels in a biometric system. FE: Feature Extraction Level; MM: Matching Level; DM: Decision Level; FM: fusion module
Since the feature set contains richer information about the input biometric data than
the matching score or the output decision of a matcher, fusion at the feature level is
expected to provide better recognition results. However, fusion at this level is
difficult to achieve in practice because (i) the feature sets of the various modalities
may not be compatible (e.g., eigen-coefficients of face and minutiae set of finger),
38
and (ii) most commercial biometric systems do not provide access to the feature sets
(nor the raw data) which they use in their products. Fusion at the decision level is
considered to be rigid due to the availability of limited information. Thus, fusion at
the match score level is usually preferred, as it is relatively easy to access and
combine the scores presented by the different modalities.
1.6 Soft Biometric
Soft biometric traits are those characteristics of human being that provide some
information about the individual, but lack of the distinctiveness and permanence to
sufficiently differentiate any two individuals. We define soft biometric traits as
characteristics that provide some information about the individual, but lack the
distinctiveness and permanence to sufficiently differentiate any two individuals. The
soft biometric traits can either be continuous (e.g., height and weight) or discrete
(e.g., gender, eye color, ethnicity, etc.) as shown in Figure 1.12. First personal
identification system developed by Alphonse Bertillon [BER, 1896] for
identification of criminals was based on three sets of features: (i) body measurements
(anthropometry) like height and length of the arm, (ii) morphological description of
the appearance and shape of the body like eye color and anomalies of the fingers,
and (iii) peculiar marks observed on the body like moles, scars, and tattoos.
Although the Bertillon system was very useful in tracking criminals, it had an
unacceptably high rate of false identification. This was due to two reasons. Firstly,
several individuals can have the same set of values for these measurements.
Secondly, for the same individual, these values can change over time.
39
Figure 1.12 Commonly used Soft biometric traits
In other words, these characteristics do not have the distinctiveness and permanence
to uniquely identify an individual over a period of time and hence we refer them as
soft biometric traits. A system that is completely based on soft biometric traits
cannot provide the required accuracy in the recognition of individuals. In fact, the
Bertillon system had a relatively short life since immediately after it was introduced;
the Henry system for fingerprint classification [IBI, 2003] was adopted by the
Scotland Yard for keeping track of criminals. However, soft biometric traits can be
used to improve the performance of a traditional biometric system (e.g., fingerprint,
hand-geometry) in many ways. [WAY, 1997] proposed the use of soft biometric
traits like gender and age, for filtering a large biometric database. Filtering refers to
40
limiting the number of entries in a database to be searched, based on characteristics
of the interacting user. For example, if the user can somehow be identified as a
middle-aged male, the search can be restricted only to the subjects with this profile
enrolled in the database. This greatly improves the speed or the search efficiency of
the biometric system. Filtering reduces the probability of obtaining a wrong match,
but this is offset by the fact that the errors in filtering also reduce the probability of
obtaining a correct match. Hence, in general, filtering drastically reduces the time
required for identification but can degrade the recognition performance. In addition
to filtering, the soft biometric traits can also be used for tuning the parameters of the
biometric system. Biometric systems recognize users based on their physiological
and behavioral characteristics [JAI, 1999]. Unimodal biometric systems make use of
a single biometric trait for user recognition. It is difficult to achieve very high
recognition rates using unimodal systems due to problems like noisy sensor data and
non-universality and/or lack of distinctiveness of the chosen biometric trait.
Multimodal biometric systems address some of these problems by combining
evidence obtained from multiple sources [HON, 1999]. A multimodal biometric
system that utilizes a number of different biometric identifiers like face, fingerprint,
hand-geometry, and iris can be more robust to noise and minimize the problem of
non-universality and lack of distinctiveness. However, a multimodal system will
require a longer verification time thereby causing inconvenience to the users. A
multimodal biometric system based on different biometric identifiers can be
expected to be more robust to noise, address the problem of non-universality,
improve the matching accuracy, and provide reasonable protection against spoof
attacks. However, such a system will have two limitations. Firstly, the overall cost
involved in building the multimodal system can be prohibitively high due to the need
for multiple high quality sensors and increased storage and computational
requirements. Secondly, the system will require a longer verification time thereby
causing inconvenience to the users. Due to these limitations, the number of
41
identifiers in a multimodal biometric system is usually restricted to two or three. A
possible solution to the problem of designing a reliable and user-friendly biometric
system is to use additional information about the user like height, weight, age,
gender, ethnicity, and eye color to improve the performance of the primary biometric
system [KAN, 2008].
The rest of the thesis is divided into the four Chapters.
Chapter 2 discusses the literature survey and analyses the existing work in the field
of biometric in general and fingerprint technology in specific.
Chapter 3 presents three approaches for improving the security of biometric systems.
Chapter 4 discusses three different methods to enhance the performance of biometric
systems by reducing response time.
At last, Chapter 5 presents the conclusion of thesis and gives the scope of future
work.
42
Chapter 2
Literature Survey
For the purpose of this thesis, the literature survey covers a period of 1997 to 2008.
The literature work on “Efficiency and Security optimization for Fingerprint
Biometric System” divided into three main areas.
1. Security issues in Biometric System.
2. Performance issues in Biometric System.
3. Comparison of various Biometric Systems.
J. D. Woodward [WOO, 1997] in his paper “Biometrics: Privacy’s Foe or Privacy’s
Friend?” the author state that- Both the public and private sectors are making
extensive use of biometrics for human recognition. As this technology becomes more
economically viable and technically perfected, and thus more commonplace, the
field of biometrics will spark legal and policy concerns. Critics inevitably compare
biometrics to Big Brother and the loss of individual privacy. The biometric lobby
generally stresses the greater security and improved service that the technology
provides. Is biometrics privacy’s friend or privacy’s foe? This paper explores the
various arguments for and against biometrics and contends that while biometrics may
43
pose legitimate privacy concerns, these issues can be adequately addressed. In the
final analysis, biometrics emerges as privacy’s friend.
L. Hong and A. K. Jain [HON, 1998] in their paper “Integrating Faces and
Fingerprints for Personal Identification” -An automatic personal identification
system based solely on fingerprints or faces is often not able to meet the system
performance requirements. Face recognition is fast but not extremely reliable, while
fingerprint verification is reliable but inefficient in database retrieval. We have
developed a prototype biometric system which integrates faces and fingerprints. The
system overcomes the limitations of face recognition systems as well as fingerprint
verification systems. The integrated prototype system operates in the identification
mode with an admissible response time. The identity established by the system is
more reliable than the identity established by a face recognition system. In addition,
the proposed decision fusion scheme enables performance improvement by
integrating multiple cues with different confidence measures. Experimental results
demonstrate that our system performs very well. It meets the response time as well as
the accuracy requirements. Experimental results demonstrate that the system
performs very well. It meets the response time as well as the accuracy requirements.
BelCn Ruiz-Mezcua, D.G. Plaza, C.Fernandez, P.D.Garcia and F. Fernandez [BEL,
1999] in their paper “Biometrics verification in a real environment” describes some
of the biometrics verification applications developed: Multimodal Verification for
Teleservices and Security Applications. These prototypes provide identity
authentication in two of the most promising application areas of biometrics: Secured
access to financial services (ATM and Internet Teleservices) and building security
applications. The verification modalities implemented into the prototypes are face
and speech verification, these are potentially the best accepted by users since they
are the less intrusive and the more inexpensive. To achieve higher levels of security,
44
the results obtained by each modality are combined using a fusion method, which
decides the user acceptance or rejection. Every prototype has been tested by end-
users in a close to real environment.
Yeung and Pankanti [YEU, 1999] describe an invisible fragile watermarking
technique to detect regions in a fingerprint image that have been tampered by an
attacker. In the proposed scheme, a chaotic mixing procedure is employed to
transform a visually perceptible watermark to a random-looking textured image in
order to make it resilient against attacks. This “mixed” image is then embedded in a
fingerprint image. The authors show that the presence of the watermark does not
affect the feature extraction process. The use of a watermark also imparts copyright
capability by identifying the origin of the raw fingerprint image.
Souheil Ben-Yacoub, Yousri Abdeljaoued, and Eddy Mayoraz [BEN, 1999] in
“Fusion of Face and Speech Data for Person Identity Verification” says that
Biometric person identity authentication is gaining more and more attention. The
authentication task performed by an expert is a binary classification problem: reject
or accept identity claim. Combining experts, each based on a different modality
(speech, face, fingerprint, etc.), increases the performance and robustness of identity
authentication systems. In this context, a key issue is the fusion of the different
experts for taking a final decision (i.e., accept or reject identity claim). We propose
to evaluate different binary classification schemes (support vector machine,
multilayer perceptron, C4.5 decision tree, Fisher’s linear discriminant, Bayesian
classifier) to carry on the fusion.
Anil Jain, Arun Ross and Salil Prabhakar [JAI, 2001] in ”Fingerprint matching using
minutiae and Texture Features” state that the advent of solid-state fingerprint
sensors presents a fresh challenge to traditional fingerprint matching algorithms.
45
These sensors provide a small contact area ( apx. 0.6" X 0.6") for the fingertip and,
therefore, sense only a limited portion of the fingerprint. Thus multiple impressions
of the same fingerprint may have only a small region of overlap. Minutiae based
matching algorithms, which consider ridge activity only in the vicinity of minutiae
points, are not likely to perform well on these images due to the insufficient number
of corresponding points in the input and template images. We present a hybrid
matching algorithm that uses both minutiae (point) information and texture (region)
information for matching the fingerprints. Results obtained on the MSU
VERIDICOM database shows that a combination of the texture-based and minutiae-
based matching scores leads to a substantial improvement in the overall matching
performance
Ratha et al. [RAT, 2001A] propose the use of distortion functions to generate
biometric data that can be canceled if necessary. They use a non-invertible
transformation function that distorts the input biometric signal (e.g., face image)
prior to feature extraction or, alternately, modifies the extracted feature set (e.g.,
minutiae points) itself. When a stored template is compromised, then the current
transformation function is replaced with a new function thereby “canceling” the
current (compromised) template and generating a new one. This also permits the use
of the same biometric trait in several different applications by merely adopting an
application-specific transformation function. However, it is not clear how matching
can be accomplished in the transformed domain. In the realm of template
transformation, the so-called biometric cryptosystems are gaining popularity (for a
survey on existing techniques, see [ULU, 2004]. These systems combine biometrics
and cryptography at a level that allows biometric matching to effectively take place
in the cryptographic domain, hence exploiting the associated higher security.
46
Arun Ross, Anil Jain, James Reisman [ARU, 2002] in their paper “A hybrid
fingerprint matcher” the authors states that most fingerprint matching systems rely
on the distribution of minutiae on the fingertip to represent and match "fingerprints.
While the ridge flow pattern is generally used for classifying "fingerprints, it is
seldom used for matching. This paper describes a hybrid "fingerprint matching
scheme that uses both minutiae and ridge flow information to represent and match
"fingerprints. A set of 8-Gabor filters, whose spatial frequencies correspond to the
average inter-ridge spacing in fingerprints, is used to capture the ridge strength at
equally spaced orientations. A square tessellation of the filtered images is then used
to construct an eight-dimensional feature map, called the ridge feature map. The
ridge feature map along with the minutiae set of a fingerprint image is used for
matching purposes. The proposed technique has the following features: (i) the entire
image is taken into account while constructing the ridge feature map; (ii) minutiae
matching is used to determine the translation and rotation parameters relating the
query and the template images for ridge feature map extraction; (iii) filtering and
ridge feature map extraction are implemented in the frequency domain thereby
speeding up the matching process; (iv) filtered query images are catched to greatly
increase the one-to-many matching speed. The hybrid matcher performs better than a
minutiae-based fingerprint matching system. The genuine accept rate of the hybrid
matcher is observed to be apx. 10% higher than that of a minutiae-based system at
low FAR values. Fingerprint verification (one-to-one matching) using the hybrid
matcher on a Pentium III, 800 MHz system takes apx. 1.4 s, while "fingerprint
identification (one-to-many matching) involving 1000 templates takes apx. 0.2 s per
match. Currently, minutiae information is being used to align the query and the
template images, before computing the ridge feature map of the query image. We are
working on non-minutiae based alignment techniques that make use of orientation
field and ridge feature map information to align image pairs. The following areas of
improvement are also being studied: (1) New matching methods for comparing the
47
ridge feature maps of two images. (2) Development of fusion architectures to
improve performance of the hybrid matcher.
Ferri et al [FER, 2002] propose an algorithm to embed dynamic signature features
into face images present on ID cards. These features are transformed into a binary
stream after compression (used in order to decrease the amount of payload data). A
computer-generated hologram converts this stream into the data that is finally
embedded in the blue channel of a face image. During verification, the signature
features hidden in the face image are recovered and compared against the signature
obtained on-line.
O’Gorman [GOR, 2003] in “Comparing Passwords, Tokens, and Biometrics for User
Authentication states” that before the computer age, authenticating a user was a
relatively simple process. One person could authenticate another by visual
recognition, interpersonal communication, or, more formally, mutually agreed upon
authentication methods. With the onset of the computer age, authentication has
become more complicated. Face-to-face visual authentication has largely dissipated,
with computers and networks intervening. Sensitive information is exchanged daily
between humans and computers, and from computer to computer. This complexity
demands more formal protection methods; in short, authentication processes to
manage our routine interactions with such machines and networks. Authentication is
the process of positively verifying identity, be it that of a user, device, or entity in a
computer system. Often authentication is the prerequisite to accessing system
resources. Positive verification is accomplished by means of matching some
indicator of identity, such as a shared secret prearranged at the time a person was
authorized to use the system. The most familiar user authenticator in use today is the
password. The secure sockets layer (SSL) is an example of machine to machine
authentication. Human–machine authentication is known as user authentication and
48
it consists of verifying the identity of a user: is this person really who he claims to
be? User authentication is much less secure than machine authentication and is
known as the Achilles’ heel of secure systems. This paper introduces various human
authenticators and compares them based on security, convenience, and cost. The
discussion is set in the context of a larger analysis of security issues, namely,
measuring a system’s vulnerability to attack. The focus is kept on remote computer
authentication. Authenticators can be categorized into three main types: secrets (what
we know), tokens (what we have), and IDs (who we are). A password is a secret
word, phrase, or personal identification number. Although passwords are
ubiquitously used, they pose vulnerabilities, the biggest being that a short mnemonic
password can be guessed or searched by an ambitious attacker, while a longer,
random password is difficult for a person to remember. A token is a physical device
used to aid authentication. Examples include bank cards and smart cards. A token
can be an active device that yields one-time passcodes (time-synchronous or
challenge–response). This paper defines tokens as portable, secure storage devices
accessed at the client via a password to obtain a passcode (a secret, machine-
generated, and stored number). A biometric ID is a distinguishing feature of the
human body that can be used for authentication. Examples include fingerprints, eyes,
face, hand, voice, and signature. Inherently, a biometric links the authenticator to the
owner, unlike a password, which can be lent or stolen. As such, biometrics are useful
for non-repudiation of a transaction, wherein a user cannot reject or disclaim having
participated in a transaction. Contrary to common assumptions, a biometric can be
counterfeited or copied, albeit with difficulty. Biometrics can be classified further
into subtypes: physical and behavioral. Physical biometrics are based on body
features. Behavioral biometrics are based on learned gestures such as signatures.
This paper proposes a more precise classification nomenclature for biometric signals:
stable and alterable. Stable signals are relatively constant and unchanging. Alterable
signals derive from an underlying stable biometric and a variable.
49
A.K. Jain and U. Uludag [JAI, 2003] in their work “Hiding Biometric Data” states
that with the wide spread utilization of biometric identification systems, establishing
the authenticity of biometric data itself has emerged as an important research issue.
The fact that biometric data is not replaceable and is not secret, combined with the
existence of several types of attacks that are possible in a biometric system, make the
issue of security/integrity of biometric data extremely critical. We introduce two
applications of an amplitude modulation-based watermarking method, in which we
hide a user’s biometric data in a variety of images. This method has the ability to
increase the security of both the hidden biometric data (e.g., eigen-face coefficients)
and host images (e.g., fingerprints). Image adaptive data embedding methods used in
our scheme lead to low visibility of the embedded signal. Feature analysis of host
images guarantees high verification accuracy on watermarked (e.g., fingerprint)
images. The ability of biometrics-based personal identification techniques to
differentiate between an authorized person and an impostor who fraudulently
acquires the access privilege of an authorized person is one of the main reasons for
their popularity compared to traditional identification techniques. However, the
security and integrity of the biometric data itself are important issues. Encryption,
watermarking, and steganography are possible techniques to secure biometric data.
In this paper, two applications of watermarking to secure that data are presented. In
addition to watermarking, encryption can also be used to further increase the security
of biometric data. The first application is related to increasing the security of
biometric data exchange, which is based on steganography. In the second
application, we embed facial information in fingerprint images. In this application,
the data is hidden in such a way that the features that are used in fingerprint
matching are not significantly changed during encoding/decoding. As a consequence,
the verification accuracy based on decoded watermarked images is very similar to
that with original images. The proposed method utilizes several properties of the
50
human visual system to keep the visibility of the changes made to the host image
low. We are currently working on increasing the data hiding capacity of the host
images. Another topic for future research is to investigate how different (e.g., robust
and fragile) watermarking schemes can be combined.
Jain and Uludag [JAI, 2003] suggest the use of steganography principles to hide
biometric data (e.g., fingerprint minutiae) in host images (e.g., faces). This is
particularly useful in distributed systems where the raw biometric data may have to
be transmitted over a non-secure communication channel. Embedding biometric data
in an innocuous host image prevents an eavesdropper from accessing sensitive
template information. The authors also discuss a novel application wherein the facial
features of a user (i.e., eigen-coefficients) are embedded in a host fingerprint image
(of the user). In this scenario, the watermarked fingerprint image of a person may be
stored in a smart card issued to that person. At an access control site, the fingerprint
of the person possessing the card will first be compared with the fingerprint present
in the smart card. The eigen-coefficients hidden in the fingerprint image can then be
used to reconstruct the user’s face thereby serving as a second source of
authentication.
Anil K. Jain,Arun Ross,and Salil Prabhakar [JAI, 2004] in “An Introduction to
Biometric Recognition” says that a wide variety of systems requires reliable personal
recognition schemes to either confirm or determine the identity of an individual
requesting their services. The purpose of such schemes is to ensure that the rendered
services are accessed only by a legitimate user and no one else. Examples of such
applications include secure access to buildings, computer systems, laptops, cellular
phones, and ATMs. In the absence of robust personal recognition schemes, these
systems are vulnerable to the wiles of an impostor. Biometric recognition or, simply,
biometrics refers to the automatic recognition of individuals based on their
51
physiological and/or behavioral characteristics. By using biometrics, it is possible to
confirm or establish an individual’s identity based on “who he is,” rather than by
“what he possesses” (e.g., an ID card) or “what he remembers” (e.g., a password). In
this paper, we give a brief overview of the field of biometrics and summarize some
of its advantages, disadvantages, strengths, limitations, and related privacy concerns.
Biometric-based systems also have some limitations that may have adverse
implications for the security of a system. While some of the limitations of biometrics
can be overcome with the evolution of biometric technology and a careful system
design, it is important to understand that foolproof personal recognition systems
simply do not exist and perhaps, never will. Security is a risk management strategy
that identifies, controls, eliminates, or minimizes uncertain events that may adversely
affect system resources and information assets. The security level of a system
depends on the requirements (threat model) of an application and the cost-benefit
analysis. In our opinion, properly implemented biometric systems are effective
deterrents to perpetrators. There are a number of privacy concerns raised about the
use of biometrics. A sound trade-off between security and privacy may be necessary;
collective accountability/acceptability standards can only be enforced through
common legislation. Biometrics provides tools to enforce accountable logs of system
transactions and to protect an individual’s right to privacy. As biometric technology
matures, there will be an increasing interaction among the market, technology, and
the applications. This interaction will be influenced by the added value of the
technology, user acceptance, and the credibility of the service provider. It is too early
to predict where and how biometric technology would evolve and get embedded in
which applications. But it is certain that biometric-based recognition will have a
profound influence on the way we conduct our daily business.
Umut Uludag, Anil K. Jain [ULU, 2004A] in “Attacks on Biometric Systems: A Case
Study in Fingerprints” authors gives an idea that in spite of numerous advantages of
52
biometrics based personal authentication systems over traditional security systems
based on token or knowledge, they are vulnerable to attacks that can decrease their
security considerably. In this paper, we analyze these attacks in the realm of a
fingerprint biometric system. We propose an attack system that uses a hill climbing
procedure to synthesize the target minutia templates and evaluate its feasibility with
extensive experimental results conducted on a large fingerprint database. Several
measures that can be utilized to decrease the probability of such attacks and their
ramifications are also presented.
[2004, Anil K. Jain, Sharath Pankanti, Salil Prabhakar, Lin Hong, and Arun Ross
[JAI, 2004D] in “Biometrics: A Grand Challenge” state that Reliable person
identification is an important problem in diverse businesses. Biometrics,
identification based on distinctive personal traits, has the potential to become an
irreplaceable part of any identification system. While successful in some niche
markets, the biometrics technology has not yet delivered its promise of foolproof
automatic identification. With the availability of inexpensive biometric sensors and
computing power, it is becoming increasingly clear that widespread usage of
biometric person identification is being stymied by our lack of understanding of
three fundamental problems: (i) How to accurately and efficiently represent and
recognize biometric patterns? (ii) How to guarantee that the sensed measurements
are not fraudulent? and (iii) How to make sure that the application is indeed
exclusively using pattern recognition for the expressed purpose? Solving these core
problems will not only catapult biometrics into mainstream applications but will also
stimulate adoption of other pattern recognition applications for providing effective
automation of sensitive tasks without jeopardizing our individual freedoms. For these
reasons, we view biometrics as a grand challenge - "a fundamental problem in
science and engineering with broad economic and scientific impact".
53
Arun Ross and Anil Jain [ROS, 2004] in “Biometric Sensor Interoperability: A Case
Study In Fingerprints” The problem of biometric sensor interoperability has received
limited attention in the literature. Most biometric systems operate under the
assumption that the data (viz., images) to be compared are obtained using the same
sensor and, hence, are restricted in their ability to match or compare biometric data
originating from different sensors. Although progress has been made in the
development of common data exchange formats to facilitate the exchange of feature
sets between vendors, very little effort has been invested in the actual development
of algorithms and techniques to match these feature sets. In the Fingerprint
Verification Competition (FVC 2002), for example, the evaluation protocol only
matched images originating from the same sensor although fingerprint data from 3
different commercial sensors was available. This is an indication of the difficulty in
accommodating sensor interoperability in biometric systems. In this paper we discuss
this problem and present a case study involving two different fingerprint sensors.
Almost every biometric indicator is affected by the sensor interoperability problem.
However, no systematic study has been conducted to ascertain its effect on real-
world systems. Normalization at the raw data and feature set levels of a biometric
system may be needed to handle this problem. There is also a definite need to
develop matching algorithms that do not implicitly rely on sensor characteristics to
perform matching. Biometric vendors and independent test groups (e.g., NIST, IBG)
should begin incorporating interoperable scenarios in their testing protocol. This
would help in understanding the effect of changing sensors on a biometric system
and would encourage the development of cross-compatible feature extraction
(representation) and matching algorithms.
Arun Ross and Anil K. Jain [ROS, 2004A] in “MULTIMODAL BIOMETRICS: AN
OVERVIEW” the authors feel that unimodal biometric systems have to contend with
a variety of problems such as noisy data, intra-class variations, restricted degrees of
54
freedom, non-universality, spoof attacks, and unacceptable error rates. Some of these
limitations can be addressed by deploying multimodal biometric systems that
integrate the evidence presented by multiple sources of information. This paper
discusses the various scenarios that are possible in multimodal biometric systems,
the levels of fusion that are plausible and the integration strategies that can be
adopted to consolidate information. We also present several examples of multimodal
systems that have been described in the literature. By combining multiple sources of
information, these systems improve matching performance, increase population
coverage, deter spoofing, and facilitate indexing. Various fusion levels and scenarios
are possible in multimodal systems. Fusion at the match score level is the most
popular due to the ease in accessing and consolidating matching scores. Performance
gain is pronounced when uncorrelated traits are used in a multimodal system.
Incorporating user-specific parameters can further improve performance of these
systems. With the widespread deployment of biometric systems in several civilian
and government applications, it is only a matter of time before multimodal biometric
systems begin to impact the way in which identity is established in the 21st century.
Anil K. Jain, Sarat C. Dass and Karthik Nandakumar [JAI, 2004A] in “Can soft
biometric traits assist user recognition?” states that Biometrics is rapidly gaining
acceptance as the technology that can meet the ever increasing need for security in
critical applications. Biometric systems automatically recognize individuals based on
their physiological and behavioral characteristics. Hence, the fundamental
requirement of any biometric recognition system is a human trait having several
desirable properties like universality, distinctiveness, permanence, collectability,
acceptability, and resistance to circumvention. However, a human characteristic that
possesses all these properties has not yet been identified. As a result, none of the
existing biometric systems provide perfect recognition and there is a scope for
improving the performance of these systems. Although characteristics like gender,
55
ethnicity, age, height, weight and eye color are not unique and reliable, they provide
some information about the user. We refer to these characteristics as “soft” biometric
traits and argue that these traits can complement the identity information provided by
the primary biometric identifiers like fingerprint and face. This paper presents the
motivation for utilizing soft biometric information and analyzes how the soft
biometric traits can be automatically extracted and incorporated in the decision
making process of the primary biometric system. Preliminary experiments were
conducted on a fingerprint database of 160 users by synthetically generating soft
biometric traits like gender, ethnicity, and height based on known statistics. The
results show that the use of additional soft biometric user information significantly
improves (apx. 6%) the recognition performance of the fingerprint biometric system.
D. Swangpol and T. Chalidabhongse [SWA, 2005] in “Automatic Person
identification using Multiple Cues” describes a method for vision-based person
identification that can detect, track, and recognize person from video using multiple
cues: height and dressing colors. The method does not require constrained target’s
pose or fully frontal face image to identify the person. First, the system, which is
connected to a pan-tilt-zoom camera, detects target using motion detection and
human cardboard model. The system keeps tracking the moving target while it is
trying to identify whether it is a human and identify who it is among the registered
persons in the database. To segment the moving target from the background scene,
we employ a version of background subtraction technique and some spatial filtering.
Once the target is segmented, we then align the target with the generic human
cardboard model to verify whether the detected target is a human. If the target is
identified as a human, the card board model is also used to segment the body parts to
obtain some salient features such as head, torso, and legs. The whole body silhouette
is also analyzed to obtain the target’s shape information such as height and slimness.
We then use these multiple cues (at present, we uses shirt color, trousers color, and
56
body height) to recognize the target using a supervised self-organization process. We
preliminary tested the system on a set of 5 subjects with multiple clothes. The
recognition rate is 100% if the person is wearing the clothes that were learned before.
In case a person wears new dresses the system fail to identify. This means height is
not enough to classify persons. We plan to extend the work by adding more cues
such as skin color, and face recognition by utilizing the zoom capability of the
camera to obtain high resolution view of face; then, evaluate the system with more
subjects.
Anil K. Jain Arun Ross Umut Uludag [JAI, 2005] in “BIOMETRIC TEMPLATE
SECURITY: CHALLENGES AND SOLUTIONS” gives their ideas that a biometric
system is vulnerable to a variety of attacks aimed at undermining the integrity of the
authentication process. These attacks are intended to either circumvent the security
afforded by the system or to deter the normal functioning of the system. We describe
the various threats that can be encountered by a biometric system. We specifically
focus on attacks designed to elicit information about the original biometric data of an
individual from the stored template. A few algorithms presented in the literature are
discussed in this regard. We also examine techniques that can be used to deter or
detect these attacks. Furthermore, we provide experimental results pertaining to a
hybrid system combining biometrics with cryptography, that converts traditional
fingerprint templates into novel cryptographic structures. Cancelable biometrics may
be used to “reset” the biometric template of a user in the event that the user’s
template is compromised. Also, biometric cryptosystems can contribute to template
security by supporting biometric matching in secure cryptographic domains.
Uludag et al. [ULU, 2005] convert fingerprint templates (minutiae data) into point
lists in 2D space, which implicitly hide a given secret (e.g., a 128-bit key). The list
does not reveal the template data, since it is augmented with chaff points to increase
57
security. The template data is identified only when matching minutiae data from an
input fingerprints available. The system is observed to operate at a Genuine Accept
Rate (GAR) of 76% with no false accepts on a database comprising of 229 users.
Although several techniques have been proposed to enhance the security of a user’s
template, government regulations will also have to be established in order to address
the issue of template privacy. For example, issues related to the sharing of biometric
templates across agencies (e.g., medical companies and law-enforcement agencies)
and the inferring of personal information about an enrolled user from biometric data
(e.g., “Is this person prone to diabetes?”) have to be countered by establishing an
appropriate legal framework.
Anil K. Jain, Arun Ross, and Sharath Pankanti [JAI 2006] in their paper “Biometrics:
A Tool for Information Security” state that establishing identity is becoming critical
in our vastly interconnected society. Questions such as “Is he really who he claims to
be?,” “Is this person authorized to use this facility?” or “Is he in the watchlist posted
by the government?” are routinely being posed in a variety of scenarios ranging from
issuing a driver’s license to gaining entry into a country. The need for reliable user
authentication techniques has increased in the wake of heightened concerns about
security and rapid advancements in networking, communication, and mobility.
Biometrics, described as the science of recognizing an individual based on his or his
physical or behavioral traits, is beginning to gain acceptance as a legitimate method
for determining an individual’s identity. Biometric systems have now been deployed
in various commercial, civilian, and forensic applications as a means of establishing
identity. In this paper, we provide an overview of biometrics and discuss some of the
salient research issues that need to be addressed for making biometric technology an
effective tool for providing information security. The primary contribution of this
overview includes: 1) examining applications where biometrics can solve issues
pertaining to information security; 2) enumerating the fundamental challenges
58
encountered by biometric systems in real-world applications; and 3) discussing
solutions to address the problems of scalability and security in large-scale
authentication systems.
Nalini Ratha, Jonathan Connell, Ruud M. Bolle and Sharat Chikkerur [RAT, 2006]
in “Cancelable Biometrics: A Case Study in Fingerprints” states that Biometrics
offers usability advantages over traditional token and password based authentication
schemes, but raises privacy and security concerns. When compromised, credit cards
and passwords can be revoked or replaced while biometrics are permanently
associated with a user and cannot be replaced. Cancelable biometrics attempt to
solve this by constructing revocable biometric templates. We present several
constructs for cancelable templates using feature domain transformations and
empirically examine their efficacy. We also present a method for accurate
registration which is a key step in building cancelable transforms. The overall
approach has been tested using large databases and our results demonstrate that
without losing much accuracy, we can build a large number of cancelable transforms
for fingerprints.
Raul Sanchez-Reillo , Judith Liu-Jimenez, Michael G. Lorenz, Luis Entrena [REI,
2006] in “Improvement in security evaluation of biometric systems” state that
Security is one of the major issues in IT systems. When users need to be
authenticated, Biometrics appears as an improved alternative to the traditional
systems. If
Biometrics is to be used in an IT product devoted to security, there should be some
kind of assurance that no security holes are added Even more, user biometric data is
a very sensible piece of data. Therefore security achieved shall be evaluated, and a
methodology is needed to cover such evaluation in an objective way. Based on
previous works in security evaluation, such as Common Criteria and ISO, and some
59
few initiatives in providing such concepts to the Biometrics world, authors present in
this paper an overview of such works, as well as some proposals to improve Security
Evaluation in Biometrics. This will lead not only to such proposals, but also to some
future works to be carried on in order to complete the work here shown.
Michal Chora´s [CHO, 2007] in “Emerging Methods of Biometrics Human
Identification” state that Human identification biometrics systems may originate
from real-life criminal and forensic applications. Some methods, such as
fingerprinting and face recognition, already proved to be very efficient in computer
vision based human recognition systems. In this paper we focus on emerging
methods of biometrics human identification also used in the forensic and criminal
practice. It is our motivation to design computer vision system based on innovative
computing and image processing that would be used to identify humans on the basis
of their ear, palm and lips images. Those methods have been successfully used by the
police and forensic experts, and now gain attention of computer science community.
In the article we propose innovative methods of ear, lips and palmprint biometrics to
identify humans.
[2007, Haiyong Chen, Hongwei Sun, Kwok-Yan Lam] in “Key Management Using
Biometrics” state that The security of cryptosystems lies in three main factors: the
complexity of the encryption algorithm, the length of the key, and safe storage of the
key. Safe storage of the key, which is known as key management, is the most
vulnerable area in the encryption process. Since biometrics requires the physical
presence of the user, we can use biometric data to protect the cipher key. But the
main obstacle of the integration is that biometric data are noisy while cryptography
requires keys to be exactly right. In this paper, we propose a key management
scheme using biometrics, which can generate constant and accurate keys from noisy
biometric samples every time. The proposed scheme includes key binding and key
60
retrieval, utilizing a multivariate linear equation and its solution space to generate
repeatable keys. Our experiments use fingerprint as an instance, and results show
good performance in terms of both accuracy and speed. This scheme can also be
applied to other biometric identifiers such as face ,iris, voice, etc., with most sub-
steps being the same except the generation of false feature elements and the process
of feature matching.
Stephen J. Elliott, Ph.D. Sarah A. Massie [ELL, 2007] “The Perception of Biometric
Technology: A Survey” Their paper outlines the perceptions of 391 individuals on
issues relating to biometric technology. The results from this survey are broadly in
line with other consumer perception surveys conducted in 2003 and 2005, despite the
increase in numbers of applications and deployments that affect individuals.
Noticeably, 25% of the respondents had not heard of biometrics. Those who had
heard of biometrics expressed several concerns, including cleanliness of the devices,
safety (with respect to iris and retinal identification), applications for which their
biometrics were going to be used, and who would have access to their biometric
information. Results demonstrated overwhelming support for biometrics applications
involving law enforcement and obtaining passports, while applications involving
time and attendance tracking and access to public schools ranked lowest on the list.
S.A.Shaikh1, Christos K. Dimitriadis [SHA, 2008] in “My fingers are all mine: Five
reasons why using biometrics may not be a good idea” Biometric technology has
undoubtedly become the bedrock of national and commercial identity management
infrastructures, and will become more so in the future. While the technology
promises great benefits, its use raises a variety of serious ethical, social and technical
concerns. The process-ing and storage of human biological data for this purpose is
not entirely foolproof. Moreover, when it comes to deployment in large-scale
infrastructures, the accuracy and reliability is-sues become more serious.
61
Characteristic human data such as facial images and fingerprints is very personal and
permanent to humans, the misuse or abuse of which could be disastrous for the
privacy of individuals. The purpose of this paper is to delve deeper into these issues,
and highlight some of these con-cerns.
S.Asha and C.Chellappan [ASH, 2008] in “Authentication of E-Learners Using
Multimodal Biometric Technology” state that E-learning systems represent a new
form of learning and are becoming more and more popular everyday. Hence security
in e-Learning has become a fundamental requirement. But the problem of e-learning
systems is that only little money is invested for security. Also to authenticate an e-
learner especially in case of e-exams is a major challenge in an e-learning
environment. The role of authentication techniques to prevent unauthorized access
by malicious users becomes more significant. User authentication methods can be
classified into three categories: (1) methods based on human memory such as
passwords, (2) methods based on physical devices such as magnetic or IC cards, and
(3) methods based on biometrics such as fingerprint, iris, etc., As the first two
categories cannot escape vulnerabilities caused by forgetfulness or losses, the third
category attracts much attention these days. A major problem of biometrics
authentication is that it is not free from an error in the process of extraction of human
characteristics and comparison of biometrics data. Multi - biometrics is useful to
improve reliability of biometrics authentication when a single biometrics
authentication technology cannot satisfy a required reliability level. This paper
proposes an authentication system with multi- biometrics to support various services
in e-Learning where user authentication is necessary.
62
2.1 Comparison of various biometric technologies
Performance of a biometric measure is usually referred to in terms of the false accept
rate (FAR), the false non match or reject rate (FRR), and the failure to enroll rate
(FTE or FER). The FAR measures the percent of invalid users who are incorrectly
accepted as genuine users, while the FRR measures the percent of valid users who
are rejected as impostors.
In real-world biometric systems the FAR and FRR can typically be traded off against
each other by changing some parameter. One of the most common measures of real-
world biometric systems is the rate at which both accept and reject errors are equal:
the equal error rate (EER), also known as the cross-over error rate (CER). The lower
the EER or CER, the more accurate the system is considered to be.
A number of biometric characteristics may be captured in the first phase of
processing. However, automated capturing and automated comparison with
previously stored data requires that the biometric characteristics satisfy the following
characteristics:
1. Universal: Every person must possess the characteristic/attribute. The
attribute must be one that is universal and seldom lost to accident or disease.
2. Uniqueness: Each expression of the attribute must be unique to the
individual. The characteristics should have sufficient unique properties to
distinguish one person from any other. Height, weight, hair and eye color are
all attributes that are unique assuming a particularly precise measure, but do
not offer enough points of differentiation to be useful for more than
categorizing.
63
3. Permanence: They should be constant over a long period of time. The
attribute should not be subject to significant differences based on age either
episodic or chronic disease.
4. Collectability/Measurability: The properties should be suitable for capture
without waiting time and must be easy to gather the attribute data passively.
5. Performance: it is the measurement of accuracy, speed, and robustness of
technology used.
6. Acceptability: The capturing should be possible in a way acceptable to a
large percentage of the population. Excluded are particularly invasive
technologies, i.e. technologies which require a part of the human body to be
taken or which (apparently) impair the human body. Circumvention- Ease of
use of a substitute.
There are also some other parameters which are very important during the analysis of a biometric trait, these are:
Reducibility: The captured data should be capable of being reduced to a file
which is easy to handle.
Reliability and Tamper-resistance: The attribute should be impractical to mask
or manipulate. The process should ensure high reliability and reproducibility.
Privacy: The process should not violate the privacy of the person.
Comparable: Should be able to reduce the attribute to a state that makes it
digitally comparable to others. The less probabilistic the matching involved, the
more authoritative the identification.
Inimitable: The attribute must be irreproducible by other means. The less
reproducible the attribute, the more likely it will be authoritative.
64
Among the various biometric technologies being considered, the attributes which
satisfy the above requirements are fingerprint, facial features, hand geometry, voice,
iris, retina, vein patterns, palm print, DNA, keystroke dynamics, ear shape, odor,
signature etc.
Table below shows a comparison of various biometric systems in terms of above
mentioned parameters. A. K. Jain ranks each biometric based on the categories as
being low, medium, or high. A low ranking indicates poor performance in the
evaluation criterion whereas a high ranking indicates a very good performance.
Table 2.1 Comparison of various biometric traits (H=High, M=Medium, L=Low)
Biometrics
Universality
Uniqueness
Permanence
Collect-ability
Performance
Accept-ability
Circumvention
Face H L M H L H L
Fingerprint M H H M H M H Hand geometry M M M H M M M
Keystrokes L L L M L M M
Hand veins M M M M M M H
Iris H H H M H L H
Retinal scan H H M L H L H
Signature L L L H L H L
Voice M L L M L H L
Face H H L H M H H
Odor H H H L L M L
DNA H H H L H L L
Gait M L L H L H M
Ear Canal M M H M M H M
65
The use of biometrics in authentication mechanisms is interesting because it has the
possibility to establish the real connection between the physical user and the user's
identity. We always carry our biometrics with us and the loss of keys, tokens and
forgotten passwords would not be the problem any more. Biometrics also possesses
some major problems, some of which are very hard to solve. First, like all
authentication systems, we have a need to store the digital version of the biometrics
(during enrollment). There always exists a way to break a systems security, even that
of the most robust military organization, this leaves us with an abnormal problem
concerned with the storage of biometrics information. If the system is penetrated and
the biometrics- information is stolen or copied, in that case not only the systems
security compromised even the identity of the physical user stolen forever. How can
we change the pattern of our iris, our thumbprint, OR our voice? Moreover
thumbprint the user left two months ago will not be exactly the same as the one he
leaves today. The physical alignment of the biometrics is changing over time. The
thumb will not be positioned in the same way two consecutive times in a row; at
least it is very unlikely. The biometrics might also have changed. Consider that the
user has been working on his summerhouse for the weekend and scratched his
thumb. When he tries to log in to the system the digital copy will not match the
evolved original. A lot of such scenarios can be constructed and many of them are
very likely to happen. In other words biometrics has to deal with false positives and
false negatives. A false positive is when the system authenticates a user even though
he is not “right user”. A false negative is when the system denies the access of a
rightful user. Biometrics will get better at detecting false positives and false
negatives but the technology of today is far from perfect. Another problem with
biometrics is that they can be physically copied. This is possible to do with material
readily available in hobby stores. T. Matsumoto, H. Matsumoto, K. Yamada, S.
Hoshino [MAT, 2002] describes in their paper ”Impact of Artificial Gummy Fingers
on Fingerprint Systems” how to construct a gelatine finger from a thumbprint that
66
fools fingerprint detectors about 80% of the time. They takes a fingerprint left on a
piece of glass, enhances it with a cyanoacrylate adhesive, and then photographs it
with a digital camera. Using PhotoShop, he improves the contrast and prints the
fingerprint onto a transparency sheet. Then, he takes a photosensitive printed-circuit
board (PCB) and uses the fingerprint transparency to etch the fingerprint into the
copper, making it three-dimensional. Finally, they makes a gelatine finger using the
print on the PCB. Although not all biometrics can be copied in the same simple
fashion it shows that it is quite possible with a small investment to copy biometrics.
Successful attempts at fooling iris scanners, voice recognition systems etc. have been
made as well. Finally, there exists a fatal practical problem with biometrics. If users
are not willing to use the technology in fear of privacy, getting hurt by the
mechanism, it will never successful. Biometrics can be a promising future method of
authentication for systems that don’t communicate over common infrastructure. If
biometric used remotely over a network we could use a base secret with the same
entropy and get rid of the problems connected with biometrics.
67
Chapter 3
Improving Security in Biometric Systems
3.1 Introduction
Biometrics-based personal authentication systems are becoming increasingly
popular, compared to traditional systems that are based on tokens (say key) or
knowledge (say password) [JAI, 1999]. Traditional authentication systems cannot
discriminate between an impostor who fraudulently obtains the access privileges (say
key, password) of a genuine user and the genuine user himself. Further, biometric
authentication systems can be more convenient for the users since there is no
password to be forgotten or key to be lost. In spite their numerous advantages,
biometric systems are also vulnerable to attacks, which can decrease their security.
Ratha et al. [RAT, 2001] analyzed these attacks, and categorized them into eight
different types. Figure 3.1 shows these eight types of attacks (numbered from 1 to 8)
along with the components of a typical biometric system that can be compromised.
Type-1 attack involves presenting a fake biometric (e.g., synthetic fingerprint, face,
iris etc.) to the sensor. Type-2 attack can be achieved by submitting a previously
68
intercepted biometric data. Type-3 attack can happen when feature extractor module
is compromised to produce feature values selected by the attacker. Genuine feature
values are replaced with the ones selected by the attacker. In Type-4 attack, the
channel between feature extractor module and matcher is hacked and override by
duplicated data, thus modified the output of feature extractor module. Type-5 attack
is achieved by imposing an artificially high score at matching module. The attack on
the template database (e.g., adding a new template, modifying an existing template,
removing templates, etc.) constitutes the Type-6 attack. The transmission medium
between the template database and matcher is attacked in the Type-7 attack, resulting
in the alteration of the transmitted templates. Finally, the matcher result (accept or
reject) can be overridden by the attacker that is Type-8 attack.
Schneier [SCH, 1999] compares traditional security systems with biometric systems.
Schneier said that though biometrics are known as uniquely identifiers, but they are
not secrets. We leave our fingerprints on everything we touch, and our iris patterns
can be observed anywhere we look. Biometrics can not handle failure also in a very
well way. Imagine that Mr. Sumit is using his thumbprint as a biometric, and
someone steals the digital file. This is not like a security certificate, where Mr. Sumit
can get another one. Any human being has only two thumbs. Once someone steals
any of our biometric, it remains stolen for whole life and there is no getting back to a
secure situation. Biometric keys are necessarily common across different functions.
Just as we should never use the same password on two different systems, the same
encryption key should not be used for two different applications. If my fingerprint is
used to start my car, unlock my medical records, and read my electronic mail, then
there may be chance of arising any insecure situations. Biometrics are powerful and
useful, but they are not keys. They are not useful when you need the characteristics
of a key: secrecy, randomness, the ability to update or destroy. They are useful as a
replacement for a PIN, or a replacement for a signature (which is also a biometric).
69
They can sometimes be used as passwords: a user can't choose a weak biometric in
the same way they choose a weak password.
In Denial of Service (DoS), an attacker corrupts the authentication system so that
legitimate users cannot use it. For a biometric authentication system, an online
authentication server that processes access requests (via retrieving templates from a
database and performing matching with the transferred biometric data) can be
bombarded with many bogus access requests, to a point where the server’s
computational resources cannot handle valid requests any more.
In circumvention, an attacker gains access to the system protected by the
authentication application.
Figure3.1. Eight different attack points in a biometric authentication system.
This threat can be cast as a privacy attack, where the attacker accesses the data that
he was not authorized (e.g., accessing the medical records of another user) or, as a
subversive attack, where the attacker manipulates the system (e.g., changing those
records, submitting bogus insurance claims, etc.).
70
In repudiation, the attacker denies accessing the system. For example, a corrupt bank
clerk who modifies some financial records illegally may claim that his biometric data
was “stolen”, or he can argue that the False Accept Rate (FAR) phenomenon
associated with any biometric may have been the cause of the problem.
In contamination (covert acquisition), an attacker can surreptitiously obtain
biometric data of legitimate users (e.g., lifting a latent fingerprint and constructing a
three-dimensional mold) and use it to access the system. Further, the biometric data
associated with a specific application can be used in another unintended application
(e.g., using a fingerprint for accessing medical records instead of the intended use of
office door access control). This becomes especially important for biometric systems
since we have a limited number of useful biometric traits, compared to practically
unlimited number of traditional access identities (e.g., keys and passwords). Cross-
application usage of biometric data becomes more probable with the growing
number of applications using biometrics (e.g., opening car or office doors, accessing
bank accounts, accessing medical records, locking computer screens, gaining travel
authorization, etc.).
In collusion, a legitimate user with wide access privileges (e.g., system
administrator) is the attacker who illegally modifies the system.
In coercion, attackers force the legitimate users to access the system (e.g., using a
fingerprint to access ATM accounts at a gunpoint) [MAL, 2003].
The problems that may arise from the above mentioned attacks on biometric systems
are raising concerns as more and more biometric systems are being deployed both
commercially and in government applications. This, along with the increase in the
71
size of the population using these systems and the expanding application areas (visa,
border control, health care, welfare distribution, e-commerce, etc.) may lead to
possible finance, privacy, and security related breaches.
These days, biometric technologies are typically used to analyze human
characteristics for security purposes. There is explosion of information exchange and
sensitive data across the network or internet and as a result cryptography is becoming
an increasingly important feature of computer security. Cryptography, concerns itself
with the projection of trust i.e. with taking trust from where it exists to where it is
needed. A strong combination of biometrics and cryptography might, for example,
have the potential to make the existing system more secure. Many cryptographic
algorithms are available for securing information. However, the security is
dependent on the secrecy of the secret key because larger the size of key, stronger
will be security. But it would increasingly be difficult to remember the user so big
key.
Here an approach is presented where the user is not bothered to remember any key
because his biometrics traits will work as secret key. The biometrics traits e.g.
fingerprint, hand, eye, face, and voice encrypt with original message to generate the
encrypted data and further the same will be used to decrypt it. In traditional
cryptosystems, user authentication is based on possession of secret keys. The method
fails if the keys are not kept secret (i.e., shared with non-legitimate users). Further,
keys can be forgotten, lost, or stolen and, thus, cannot provide non-repudiation.
Current authentication systems based on physiological and behavioral characteristics
of persons (known as biometrics), such as fingerprints, inherently provide solutions
to many of these problems and may replace the authentication component of
traditional cryptosystems. Various methods have been achieved that bind a
cryptographic key with the biometric template of a user stored in the database in
72
such a way that the key cannot be revealed without a successful biometric
authentication. We assess the performance of one of these biometric key
binding/generation algorithms using the fingerprint biometric. We illustrate the
challenges involved in biometric key generation primarily due to sweeping
acquisition variations in the representation of a biometric identifier and the imperfect
nature of biometric feature extraction and matching algorithms.
3.1.1 Threat Categorization in Biometric Security Systems
There are various types of attacks to a biometric security system as discussed below:
(i) Insider or software/physical/electrical attacks: As with any IT security system,
biometric-based security policy must deal with the threats from the workers of the
organization who can damage any software or hardware component of the system.
Attackers may also change the statistical recognition parameters of the components
and decrease the recognition rates.
(ii) Attacks on the biometric sensor: Examples of such attacks are spoofing biometric
features by presented artificial biometric to the device, which get accepted by the
sensor.
(iii) Attacking on reference data: This only leads to loss of privacy for the respective
person or to further attacks, if the intercepted data is subsequently actively re-
introduced to the subsystem.
(iv) Channel attacks: These kinds of attacks are called man-in-the-middle attacks. If
the channel between the sensor and the feature extraction unit or the one between the
73
reference database and the matching unit is attacked, the attacker will gain
information about the biometric data.
The rest of the chapter has been divided into the following three sections and
presents the approaches, developed by the author of this thesis to improving the
security of biometrics system by addressing the problems of attack on biometric
device.
Section 3.2 deals with the concept of cryptography. Biometrics are widely used in
person identification and verification. But using biometrics by means of
cryptography is a new research area and there is less work reported in this area. Here
we are giving a brief explanation of biometric cryptography approaches and
algorithms which use various biometric data. Biometric Encryption technique [SOU,
1998] is a two stage process to authenticate the user. During the enrollment phase,
the process combines the biometric image with a digital key to create a secure block
of data known as BioScrypt and then the key is retrieved using the biometric during
the verification phase. Note that the key is completely independent of the biometric
data so that the use of the biometric is not forfeited if the key is ever compromised
and hence can be easily modified or updated.
Section 3.3 gives solution to make the database templates more secure using
steganography. Steganography today, is significantly more sophisticated method for
security purpose. It allows a user to hide large amounts of information within images
and audio files. These forms of steganography often are used in conjunction with
cryptography so that the information is doubly protected. First it is encrypted and
then hidden so that an adversary has to first find the information and then decrypt it.
Steganography can also be used to allow communication within an underground
community. There are several reports, for example, of persecuted religious minorities
74
using steganography to embed messages for the group within images that are posted
to known web-sites.
Section 3.4 describes the problem, when the biometric of a user has been
compromised. No doubt biometrics offers various advantages over traditional token
and password based authentication schemes, but raises privacy and security
concerns. The credit cards, passwords, token can be revoked or replaced, when
compromised, while biometrics are permanently associated with a user and cannot be
replaced. Cancelable biometrics solves this problem by constructing revocable
biometric templates. We present several constructs for cancelable templates using
feature domain transformations by applying some hashing functions. We have also
presented a method for in building mutants of actual templates by cancelable
transforms. We can build a large number of cancelable transforms for fingerprints
and other biometric traits also.
3.2 Hiding Data Using Biometric Cryptography
Biometric characteristics of an individual could be used for different purposes.
Biometrics are widely used in identification and verification. The fusions of the
results of various biometric technologies are used to improve recognition
performance. These kinds of systems are called multimodal biometric person
identification systems. An example which has a wide variety of applications is the
speaker identification problem where basically two sources of information exist:
audio signal (voice) and video signal. Speaker identification, when performed over
audio streams, is probably one of the most natural ways to perform person
identification. However, video stream is also an important source of biometric
information, in which we have still images of biometric features such as face and
also the temporal motion information such as lip movement, which is correlated with
75
the audio stream. The reliability and robustness of such a system could be increased
by applying fusion techniques. The most important issue in a multimodal scheme is
how to fuse different biometric signals. To do this, two possible strategies are
possible (i) early integration (ii) late integration. In early integration, modalities are
fused at data or feature level and in late integration they are fused at decisions or
score level. When more than two modalities are available, a better alternative that
has been addressed in this thesis is to make use of both strategies, i.e. to employ
early integration and/or late integration where appropriate for bimodal fusion of
different modality couples.
There are various methods that can be deployed to secure a key with a biometric.
First one involves remote template matching and key storage. In this method
biometric image is captured and compared with a corresponding template. If the user
is verified, the key is released. The main problem here is using an insecure storage
media. Second method hides the cryptographic key within the enrollment template
itself via a secret bit-replacement algorithm. When the user is successfully
authenticated, this algorithm extracts the key bits from the appropriate locations and
releases the key. The drawback of this scheme is that the key will be retrieved from
the same location in a template each time a different user is authenticated. Using data
that is derived directly from a biometric image can be another method. In this
manner biometric templates are used as a cryptographic key. But sensitivities due to
environmental and physiological factors and compromising of the cryptographic
keys stand as a big obstacle.
3.2.1 Problems to Generate Biometric Cryptographic Key
There are several problems which must be addressed in order to generate a useful
biometric cryptographic key [ULU, 2004]. Ensuing paragraphs are discussing those
76
problems which are associated with (i) the entropy (strength) of the biometric key,
(ii) uniqueness of biometric key, and the (iii) stability of the biometric key.
(i) Key Entropy (strength). Instead of developing simply longer cryptographic keys
to resist brute force attacks, a more intelligent approach might be to aggregate
features and parameters from an individual in such a way that their correlation
generates a key that is much stronger than the individual size of the actual key.
(ii) Key Uniqueness. The uniqueness of a biometric key will be determined by the
uniqueness of the individual biometric characteristics used in the key. Instead of
trying to find a single unique feature, biometric key needs to find only a collection of
somewhat unique features or parameters that when assembled collectively create a
unique profile for an individual.
(iii) Key Stability. A major problem with biometric identification is that individual’s
enrollment template and sample template, which can vary from session to session.
This variation can occur for a number of reasons including different environments
(e.g. lighting, orientation, emotional state) or physical changes (e.g. facial hair,
glasses, cuts). If a set of relatively stable features can be determined and the amount
of variation can be reduced to an acceptable number of bits, then it might be possible
for a valid user to search a limited key space to recover an encrypted transmission
while making a brute force search by an attacker remain difficult if not impossible.
3.2.2 Methods to Secure Biometric Key
There are various methods that can be deployed to secure a key with a biometric
[CLA, 2003]. Out of those two methods are discussed here, which are more
concerned to this work.
One method that involves remote template matching and key storage is discussed
below. The biometric image is captured and the corresponding template is sent to a
77
secure location for template comparison. If the user is verified, then the key is
released from the secure location. In this scenario, the communication line must also
be secured to avoid spoof attacks.
Second method that involves hiding the cryptographic key within the enrollment
template itself via a trusted (secret) bit-replacement algorithm [LIN, 2003]. Upon
successful authentication by the user, this trusted algorithm would simply extract the
key bits from the appropriate locations and release the key into the system.
3.2.3 Existing System: Traditional Cryptography
Figure3.2 below shows the functionality of an existing cryptographic system, where
Encryption and Decryption depends on secret key. In First phase, the cipher text is
generated through encryption and in second phase, the cipher text got decrypted to
get original plain text. With the traditional cryptographic system, the following
problems may arise.
(i) Key Entropy (strength)
(ii) Key Uniqueness
(iii)Key Stability
To address these problems, the author of this thesis has proposed a method [KAN,
2007], which is discussed in the next paragraphs.
Figure3.2. Traditional cryptography system
78
3.2.4 Proposed System: Biometric Cryptography
Encryption and decryption process proposed by the author of this thesis [KAN,
2007] are shown in figure 3.3 and 3.4 respectively. The encryption process (as
shown in Figure 3.4) takes the input as biometric template and random generated
key. The decryption process (as shown in Figure 3.5) is similar to the encryption
process except that now the template is used to retrieve to secret key using algorithm.
The following sub-sections 3.2.6 and 3.2.7 explain the process of enrollment and
verification.
3.2.5 Enrollment / Verification Process The steps involved in encryption process are described below:
First an overview of the processes of enrollment and verification in reference to
figures 3.3 and figure 3.4 is prescribed below.
Figure 3.3 Enrollment process for Biometric Encryption
79
Role of Cryptography during Enrollment Process:
Step1. Capture Biometric Image.
Step2. Generate template for corresponding Biometric Image.
Step3. Generate a random key for binding purpose.
Step4. Bind the Biometric template with random generated key.
Step5. Generate a new key Template using binding algorithm.
Figure 3.4 Decryption process for Biometric at verification end
Figure 3.4 shows the decryption process for biometric at verification end. The steps
involved in verification process are described below:
Role of Cryptography during Verification Process:
Step1. Produce fresh Biometric Image.
Step2. Generate template for corresponding Biometric Image.
Step3. Use previous generated random key for binding purpose.
80
Step4. Bind the Biometric template with random generated key using same
algorithm.
Step5. The Key Template has been generated for verification purpose.
3.2.6 Biometric Encryption using other Biometric Templates
Although the Biometric Encryption algorithm was developed primarily for use with
image-based biometric templates, the process can also be applied to other biometric
templates [BIO, 2001]. This can be achieved simply by representing the non image-
based biometric template as an image array. For example, a minutiae-based
fingerprint template can be represented as an image array by embedding a code
referring to each minutiae type at the appropriate location in a two-dimensional
array, thereby, creating a map of the minutiae points. This array can then be input to
the Biometric Encryption algorithm, as described above for fingerprint images [JAI,
2003].
Using a minutiae-based rather than an image-based template may have the added
advantage of producing a rotation invariant system, assuming the original minutiae
template contained information about the relative orientation of the minutiae. For
some other biometric types, different considerations may modify the algorithm. For
example, images of the iris or retina can easily be aligned using the center of the
eye’s pupil as a reference point. Thus, for these types of images, the Biometric
Encryption process is not required to be translation invariant. Therefore, transforms
other than the Fourier transform may be appropriate, such as the Gabor transform,
which was originally used in the algorithm for iris identification developed by
Daugman [ROS, 2005]. Also, the distortion tolerance requirements of the filter
function may be relaxed for biometrics other than fingerprints. The majority of the
distortions present in fingerprint images is due to the skin deforming on contact with
a glass or metal surface. For other biometrics, such as the iris or retina, there
81
typically is no direct contact between the biometric and the system. Therefore, less
distortion will be present in these biometric images.
3.2.7 Advantages of Biometric Encryption Biometrics Encryption Technologies can enhance both privacy and security as
discussed below:
(i) No preservation of biometric image or template: there is no need to carry or
remember the biometric templates. These are by defaults exists in our body and
always remains with us.
(ii) Multiple / cancelable / revocable identifiers: In case of hacking a template, one
can issue another template of same biometric to the user by use of cancelable
biometric technique. The author of this thesis has presented an approach [KAN,
2009] based on cancelable biometric and discussed in section 3.4. (iii) Improved security of personal data and communications: No doubt the security
has increased by the use of biometric encryption, as biometric can not be stolen or
guessed.
(iv) Greater public confidence, acceptance, and use; greater compliance with privacy
& data protection laws.
(v) Suitable for large-scale applications: Biometrics applications are very much
useful in large scale industries or institutions, where enrollment, identification and
verification should be automated.
(vi) Improved authentication security:
• No need for user memorization.
• Less susceptible to security attacks.
• No substitution attack: nobody knows the key and cannot create a fake
template.
• No tampering: biometric features aren’t stored.
• No Trojan horse attacks: no score is used.
82
• No overriding Yes/No response.
• More resilient to a masquerade attack.
The next approach to improve the security in a biometric system, developed by the
author of this thesis is based on steganography (hiding secret information in picture)
and is discussed in section below.
3.3 Hiding Biometric data using Steganography
Steganography is a technique to hide the message in digital objects such as image,
video, music or any other computer file. The idea was first described by Simmons in
1983 [SIM, 1983]. More comprehensive theory of steganography is given in [AND,
1996]. Steganography is different from cryptography, which is about concealing the
contents of message. Steganography is about concealing the existence of message
itself [AND, 1996].
Digital images are more attractive for steganography purpose since these contain a
significant amount of data and can be modified slightly without leading to visible
artifacts [EGG, 2002]. Digital images can be expressed as collection of pixel values
at each pixel position. In gray scale images each pixel is represented by one byte
from range 00000000(Decimal value 0) to 11111111(Decimal value 255). Here pixel
value 0 means black and pixel value 255 means white. In 24 bit color images each
pixel is represented by 3 bytes, one byte each for primary color red, green and blue.
So a combination of red, green and blue color values, which are 0 to 255 for each
color, makes a color at that pixel.
83
One of the popular and oldest techniques to hide the message in digital image is to
hide it in least significant bit (LSB) of pixel value. More detail regarding image files
and least significant bit insertion is given in [JOH, 1998].
Traditionally in steganography, the goal is to hide a secret message, which is
transmitted between two or more communication partners in a way to ensure
confidentiality and integrity. The more significant goals in the context of documents
are integrity and authenticity and here techniques derived from steganography are
digital watermarks, and is outlined in the following subsection. There are a large
number of steganographic methods that have been reported in the literature [KHO,
2008], ranging from invisible ink and microdots to secreting a hidden message in the
second letter of each word of a large body of text and spread spectrum radio
communication. With the advent of computers and networks, many other ways of
hiding information, have been developed:
• Covert channels (e.g., Loki and some distributed denial-of-service tools use
the Internet Control Message Protocol (ICMP) as the communications
channel between the "bad guy" and a compromised system).
• Hidden text within Web pages: Text can be hide in the form of pixel
information in a simple web-page.
• Null ciphers (e.g., using the first letter of each word to form a hidden
message in an otherwise innocuous text).
3.3.1 Steganographic Methods
The following formula provides a very generic description of the pieces of the
steganographic process:
stego_medium = cover_medium + hidden_data + stego_key
84
In this context, the cover_medium is the file in which we will hide the hidden_data,
which may also be encrypted using the stego_key. The resultant file is the
stego_medium (which will, of course. be the same type of file as the cover_medium).
The cover_medium (and, thus, the stego_medium) are typically image or audio files.
The authors of the thesis have used image files, and hence cover_medium and
stego_medium here after will be referred as cover_image and stego_image.
Before discussing how information is hidden in an image file, it is useful to review,
how images are stored in the first place. An image file is merely a binary file
containing a binary representation of the color or light intensity of each picture
element (pixel) comprising the image.
Images typically use either 8-bit or 24-bit color. When using 8-bit color, there is a
definition of up to 256 colors forming a palette for this image, each color denoted by
an 8-bit value. A 24-bit color scheme, as the term suggests, uses 24 bits per pixel and
provides a very large set of colors. In this case, each pixel is represented by three
bytes, each byte representing the intensity of the three primary colors Red, Green,
and Blue (RGB), respectively. The Hypertext Markup Language (HTML) format for
indicating colors in a web page often uses a 24-bit format employing six
hexadecimal digits, each pair representing the amount of red, blue, and green,
respectively. The color orange, for example, would be displayed with red set to
100% (decimal 255, hex FF), green set to 50% (decimal 127, hex 7F), and no blue
(0), so the number "#FF7F00" would indicate Orange color in the HTML code.
The size of an image file, then, is directly related to the number of pixels and the
granularity of the color definition. A typical 640 X 480 pixel image using a palette of
256 colors would require a file about 307 KB in size (640 X 480 bytes), whereas a
1024 X 768 pixel high-resolution 24-bit color image would result in a 2.36 MB file
(1024 X 768 X 3 bytes).
85
To avoid sending files of this enormous size, a number of compression schemes have
been developed over time such as Bitmap Image (BMP), Graphic Interchange
Format (GIF) and Joint Photographic Experts Group (JPEG) file types. From
steganography point of view, all the compression schemes mentioned above are not
equally suited.
GIF and 8-bit BMP files employ lossless compression, is the scheme allows the
software to exactly reconstruct the original image. JPEG, on the other hand, uses
lossy compression, which means that the expanded image is very nearly the same as
the original but not an exact duplicate. While both methods allow computers to save
storage space, lossless compression is much better suited to applications where the
integrity of the original information must be maintained, such as steganography.
3.3.2 LSB Insertion method of Steganography
The simplest approach to hiding data within an image file is called least significant
bit (LSB) insertion. In this method, one can take the binary representation of the
hidden_data and overwrite the LSB of each byte within the cover_image. In 24-bit
color, the amount of change will be minimal and indiscernible to the human eye. As
an example, suppose that there are three adjacent pixels (nine bytes) with the
following RGB encoding:
11110101 11001101 10101001
10100110 11001111 11001010
10101111 00010011 11001000
Now suppose we want to "hide" the following 9 bits of data (the hidden data is
usually compressed prior to being hidden): 101101101. If we overlay these 9 bits
86
over the LSB of the 9 bytes above, we get the following (where bits in bold have
been changed):
11110101 11001100 10101001
10100111 11001110 11001011
10101111 00010011 11001000
Note that we have successfully hidden 9 bits but at a cost of only changing 4 bits i.e.
roughly 50%, of the 9 LSBs.
Similar methods can be applied to 8-bit color but the changes are more dramatic.
Gray-scale images, too, are very useful for steganographic purposes. One potential
problem with any of these methods is that they can be found by an adversary who is
looking. In addition, there are other methods besides LSB insertion with which to
insert hidden information.
The reverse process of steganography is called steganalysis, i.e. art of detecting and
breaking steganography. One technique of this analysis is to examine the color
palette of a graphical image. In most images, there will be a unique binary encoding
of each individual color. If the image contains hidden data, many colors in the palette
will have duplicate binary encodings since, for all practical purposes, one can't count
the LSB, if the analysis of the color palette of a given file yields many duplicates;
one can safely conclude that the file has hidden information.
But now question is, what files would one analyze? Suppose one decides to post a
hidden message by hiding it in an image file that is posted at an auction site on the
Internet. The item being auctioned is real so a lot of people may access the site and
download the file. Only a few people know that the image has special information
that only they can read it. Indeed, the quantity of potential cover files makes
steganalysis a Herculean task.
87
3.3.3 Limitations of LSB insertion
In spite of the two advantages of LSB insertion method viz:
(i) if message bit is same as the pixel’s least significant bit then no change at all is
required for that pixel value.
(ii) if pixel value is different from message bit then effective change in pixel value is
either +1 or –1. The +1 or –1 change in pixel value is invisible to human eye.
Many limitations of this method have been found and are discussed below:
First, the message can be easily removed by unauthorized person (intruder) as
message is in least significant bit.
Second disadvantage is more hazardous as message is hidden in least significant bit
so intruder can modify the least significant bits of all the image pixels.
In this way the hidden message can be destroyed, but the change in image quality is
in the range of +1 to –1 at each pixel position, which is negligible to human eye.
Third disadvantage is due to imaging system as the least significant bit is corrupted
by hardware imperfections or quantization noise [SCH, 1994], so the message can be
distorted in this way also.
The first disadvantage is overcome by encrypting the message and distributing it at
random locations. The author of this thesis has developed a method [KAN, 2008] to
address the second limitation. So far in literature no research seems to be reported
which overcomes the second disadvantage of least significant bit insertion by
maintaining both of the advantages of least significant bit. The third disadvantage
has no significance in our technique as we are not using least significant bit for
insertion or retrieval.
Considering MSB as 7th bit and LSB as 0th bit ,our proposed technique make use of
1st and 2nd bit of a randomly chosen pixel value of image to insert the message bit in
such a manner that effective change in pixel value is in the range of +1 to –1. Hence
88
image quality is same as in the case of least significant bit insertion, but it is more
robust as second and third disadvantages are overcome too much extent. To avoid
the pattern recognition and get more robustness each message bit is inserted four
times i.e. as 00, 01, 10, and 11 at 1st and 2nd bit position. For this four algorithms are
developed. First algorithm for insertion of 0 and 1 as 00 and 11 respectively. Here
message bit ‘b’ becomes ‘bb’. Second algorithm for insertion of 0 and 1 as 01 and 10
respectively. Here message bit ‘b’ becomes ‘b b’. Third algorithm for insertion of 0
and 1 as 10 and 01 respectively. Forth algorithm for insertion of 0 and 1 as 11 and 00
respectively. All the algorithms use separate secret key to find the random location
for insertion. In our scheme distinct (not repeated) locations are used with in the
same algorithm as well as in different algorithms for insertion.
3.3.4 Steganography in Biometrics This sub-section describes a method developed by the author of this thesis [KAN,
2008], to hide the biometric template using steganography.
Figure 3.5 Use of Steganography for creating secret Templates
89
In many cases, the appropriate use of cryptography can reduce these threats. The
Security administrator configures the biometric system to encrypt and digitally sign
all biometric data before it is transmitted from one physical device to another.
Steganography can greatly reduce these attacks because attackers must have to
obtain the system’s private data in addition to breaching the security of the captured
device or biometric storage. This makes these attacks considerably more difficult to
achieve. But steganography is more secure than cryptography because there is no
separate key in steganography rather key is inbuilt in the template [ULU, 2004]. In
Figure 3.5, a scheme has been shown to generate the secret templates with the use of
steganography. Here instead of remembering key (Like in cryptography), the secret
key is mixed in the original templates. The secret key affects the corresponding pixel
color or intensity in the original biometric template and generates a secret template
as shown in Figure 3.5. This secret template is quite more secure as compared to the
original templates in database, because the secret key is also embedding in it with the
help of binding algorithm. The hacker will not be able to break the system even he
know both the secret templates and secret key because he don’t know, how the key
and templates are mixed with binding algorithm? During identification/verification
the authenticate user supplies his biometric data as well as the secret key to gain the
access to the system. The section 3.3.5 describes the method of hiding information in
an image [SIN, 2004].
3.3.5 How to Apply Steganography in Biometrics
Algorithm for insertion of message bit ‘b’.
(i) Find pseudo-random location ‘l’ in an image from the secret key to insert the
message bit b.
(ii) Check whether at location ‘l’, pixel value is 00000000 or 11111111, called
boundary values. If yes, ignore this location and go to step (i). Here we are
90
ignoring these boundary values because the change may be +2 or -2 in pixel
values, which is to be avoided.
(iii) Check whether at location ‘l’
a) 6th and 7th bits are b, b? If yes, then no change at ‘l’ is required. Message bit is
already there. Go to End.
b) 6th and 7th bit are b, b or b, b? If yes, then see that whether it is possible to
make 6th and 7th bits as b, b by adding or subtracting 1 to pixel value?. If yes,
do it and go to End. Otherwise ignore the location ‘l’ and go to step (i).
c) 6th and 7th bits are b, b? If yes, then see whether it is possible to make 6th and
7th bits to b, b by adding or subtracting 1? If yes, do it and go to End.
Otherwise change them to b, b or b, b by adding or subtracting 1 and go to (i).
(iv) End.
Algorithm for retrieval of message bit ‘b’
(i) Trace out the location ‘l’ from the same secret key as used in insertion algorithm.
(ii) Pixel value is equal to one of the boundary values, i.e., 00000000 or 11111111?
If yes, then it is invalid address. Go to step (i).
(iii) Check whether at location ‘l’
a) 6th and 7th bits are different, i.e., b, b or b, b? If yes, then it is invalid address
go to step (i).
b) 6th and 7th bits are same i.e. b, b then b is the message bit.
(iv) End.
3.3.6 What happens to pixel value during insertion?
The Table 1 and Table 2 illustrate the working of the first algorithm for insertion of bits 0
and 1 respectively in image pixel value.
91
Table 3.1
Decimal Value
Pixel Value before Insertion
Pixel Value after Insertion of 0
Change in Pixel Value and Comment for Insertion of 0
0 00000000 00000000 BV*,NC**, ignore***
1 00000001 00000001 NC, insert**** 2 00000010 00000001 -1*****, insert 3 00000011 00000011 NC, ignore 4 00000100 00000100 NC, ignore 5 00000101 00000101 NC, ignore 6 00000110 00000101 -1, ignore 7 00000111 00001000 +1******, insert 8 00001000 00001000 NC, insert ~ ~ ~ ~ 15 00001111 00010000 +1, insert 16 00010000 00010000 NC, insert ~ ~ ~ ~ 31 00011111 00100000 +1. insert 32 00100000 00100000 NC, insert ~ ~ ~ ~ 63 00111111 01000000 +1, insert 64 01000000 01000000 NC, insert ~ ~ ~ ~ 127 01111111 10000000 +1, insert 128 10000000 10000000 NC, insert ~ ~ ~ ~ 255 11111111 11111111 BV,NC, ignore
*BV– Boundary Value (0 or 255) **NC- No Change in Pixel Value
***ignore– Location is ignored at this Pixel Value
****insert- Message bit is inserted at this Pixel Value
***** -1– Pixel Value is decreased by 1 ******+1– Pixel Value is increased by 1
92
Table 3.2
Decimal Value
Pixel Value before Insertion
Pixel Value after Insertion of 1
Change in Pixel Value and Comment for Insertion of 1
0 00000000 00000000 BV,NC, ignore 1 00000001 00000010 +1, ignore 2 00000010 00000010 NC, ignore 3 00000011 00000011 NC, ignore 4 00000100 00000100 NC, ignore 5 00000101 00000110 +1, insert 6 00000110 00000110 NC, insert 7 00000111 00000111 NC, insert 8 00001000 00000111 -1, insert ~ ~ ~ ~ 15 00001111 00001111 NC, insert 16 00010000 00001111 -1, insert ~ ~ ~ ~ 31 00011111 00011111 NC, insert 32 00100000 00011111 -1, insert ~ ~ ~ ~ 63 00111111 00111111 NC, insert 64 01000000 00111111 -1, insert ~ ~ ~ ~ 127 01111111 01111111 NC, insert 128 10000000 01111111 -1, insert ~ ~ ~ ~ 255 11111111 11111111 BV,NC, ignore
The main results that have been obtained from the insertion algorithm are
summarized below:
• 49% chances, that message bit will be inserted at pseudorandom location at first chance.
• 50% chance, that when message bit is inserted, no change in pixel value is required.
• 12.5% chances, that change in pixel value is required, when we are ignoring the location.
93
By using the algorithm discussed above, one can hide the secret data in the host
image and generate a secret template. Steganography plays an important role to
enhance the integrity and security of biometric templates. Biometric cryptosystems
can also contribute to template security (as discussed in section 3.2) by supporting
biometric matching in secure cryptographic domains. In case of cryptography the
‘key’ can be guessed sometime easily but steganography has no separate key to be
hacked, the key is embedded in the template itself. Further, when the amount of
available memory increases, there is a tendency to store more information in the
template. This increases the risks associated with template misuse. As a result, the
issue of template security and integrity continues to cause several challenges, and it
is necessary that further research be conducted in this direction.
3.4 Securing Biometric data using Cancelable
Biometric
With the widespread deployment of biometric systems in various applications, there
are increasing concerns about the security and privacy of biometric technology.
Although many of biometric techniques can be applied to enhance security, even
more protection tools are required to keep safe a given biometric system at various
attack points, for example an attacker may steal templates from a database and
constructs artificial biometrics that breach authentication. It indicates that the
biometrics templates are not secure. A solution should be devised for template-
protection, which can make it impossible to recover the actual biometric data from
the templates.
94
Some of the possible solutions have already been discussed in Sections 3.2 and
Section 3.3. One of the properties that make biometrics so attractive for
authentication purposes is their invariance over time, which is also one of its
liabilities. When a credit card number is compromised, the issuing bank can just
assign the customer a new credit card number. When the biometric data are
compromised, replacement is not possible.
In order to alleviate this problem, here comes the concept of “cancelable biometrics”
is introduced. It consists of an intentional, repeatable distortion of a biometric signal
based on a chosen transform. The biometric signal is distorted in the same fashion at
each presentation, for enrollment and for every authentication. With this approach,
every instance of enrollment can use a different transform thus rendering cross-
matching impossible. Furthermore, if one variant of the transformed biometric data is
compromised, then the transform-function can simply be changed to create a new
variant (transformed representation) for re-enrollment as a new person. In general,
the distortion transforms are selected to be noninvertible. So even if the transform
function is known and the resulting transformed biometric data are known, the
original (undistorted) biometrics cannot be recovered.
A biometric ID is a distinguishing feature of the human body that can be used for
authentication e.g. fingerprints eyes, face, hand, voice, and signature. One can say a
biometric links the authenticator to the owner, unlike a password, which can be lent
or stolen. Biometrics are classified further into two subtypes: physical and
behavioral. Physical biometrics are based on body features like fingerprints, hand-
geometry, iris, retina etc. Behavioral biometrics are based on learned gestures such
as signatures, voice, gait, keystroke etc. Biometric authentication is vulnerable to
machine error. For instance, verification error can occur when a one-to-one match is
attempted and identification error can occur when a one-to-many match is attempted.
When error is there consequently false non-match rates (FRR) and false match rates
95
(FAR) will be raised. User authentication is part of the larger security system, which
can be strong or weak.
3.4.1 Cancelable Biometrics This is a method of enhancing the security and privacy of biometric authentication.
Instead of enrolling with a true finger (or other biometric), the fingerprint is
intentionally distorted in a repeatable manner and this new print is used. If, for some
reason, the old fingerprint is stolen then an essentially a new fingerprint can be
issued by simply changing the parameters of the distortion process. This also results
in enhanced privacy for the user, since the true fingerprint is never used anywhere
and also different distortions can be used for different types of accounts. The same
technique can also be used with other biometrics to achieve similar benefits. Figure
3.6 shows the result of cancelable process on the face. The above faces are original
and below are the face, after applying cancelable process.
Figure 3.6 Image morphing using Cancelable Biometric
96
Putte and Keuning [PUT, 2000] tested several fingerprint sensors to check whether
they accept an artificially created finger instead of a real finger. They describe
methods to create dummy fingers with and without the cooperation of the real owner
of the biometric. When the owner cooperates, obviously the quality of the produced
dummy fingers can be higher than those produced without cooperation. In this
process the plaster cast of the finger, liquid silicon rubber is filled inside the cast to
create a wafer-thin dummy that can be attached to a finger, without being noticed at
all.
Synthetic images are input to the matching algorithm, which in turn handles
conversion of the images into any suitable representation before matching. But, for a
fingerprint-based biometric system, such an approach presents challenges that are not
found in a face-based system. The discriminating information in fingerprints is not
tied to specific geometrical relationships, as it is in face-based systems (e.g., between
eyes, nose, mouth, etc.) and methods that are inherently linked to the correct
registration of image pixels seem unsuitable. A study that is related to the template
database security (type 6 attack described in section 3.1) is given in [HIL, 2001].
Using a commercial fingerprint matcher, the minutiae template data is reverse
engineered by the author and the corresponding synthetic fingerprint images are
generated. Although the generated images are not very realistic and few
experimental results are provided, the possibility of this masquerading may imply
that raw biometric templates need to be secured by using techniques say encryption.
Another method to protect templates from fraudulent usage involves using a
distorted (but noninvertible) version of the biometric signal or the feature vector. If a
specific representation of template is compromised, the distortion transform can be
replaced with another one from a transform database. Every application can use a
different transform (e.g., health care, visa, e-commerce) so that the privacy concerns
of subjects related to database sharing between institutions can be addressed.
97
An attack system was designed for a minutiae-based fingerprint authentication
system [ULU, 2004A]. Based on this system, the author of thesis has proposed a new
scheme for [KAN, 2009B] cancelable biometrics. In the paragraph below, an
overview of the attack system designed by [ULU, 2004A] is given.
Let D and T be the representation of the Database Template and Synthetic Template
respectively. Each minutia may be described by a number of attributes, including its
location in the fingerprint image, orientation, type etc. Most common minutiae
matching algorithms consider each minutiae as a triplet m={x,y,�} that indicates the
minutiae location coordinates and the minutiae angle �.
D= {m1,m2,…….mn} mi = {xi,yi,�i} i= 1….m
T= { m’1,m’2,…….m’n } mj = {x’j,y’j,�’j} j= 1….n
Where m and n denotes the number of minutiae in D and T respectively.
• Di : The database template corresponding to user i , i =1, 2,3,....N , where N is
the total number of users registered in the system. It is assumed that the attacking
system knows the format of this template, but it cannot access the template itself.
• Tij : The jth synthetic template generated by the attacking system for user i. This
template has the same format as database templates; it can be represented as S
(Di, Tij): The matching score between Di and Tij�.
• Sthreshold : The decision threshold used by the matcher. Two templates will be
considered as matched if their matching score meet this value.
Algorithm 1.
For attacking a specific user account, the attacking system must follow the following
five steps: [ULU, 2004] also shown in Figure 3.7.
� Step 1 (Initial guessing): Generate a fixed number of synthetic templates (Ti1,
Ti2, Ti3 ……… Ti100).
98
Figure 3.7 Overview of Attack System.
� Step 2 (Try initial guesses): accumulate the corresponding matching scores
[S(Di ,Ti1), S(Di ,Ti2 ), S(Di ,Ti3 ),..., S(Di ,Ti100)] for user i.
� Step 3 (Pick the best initial guess): Declare the best guess Tibest to be the template
resulting in the highest matching score.
� Step 4: Modify Tibest by adding a new minutia, replacing an existing minutia. If
for any one of these attempts, the matching score is larger than previous Sbest(Di)
declare the modified template as Tibest , and update Sbest(Di) accordingly.
� Step 5 (Obtaining result): If the current best score is accepted by the matcher
(namely, Sbest(Di) ��SThreshold ), stop the attack.
3.4.3 Proposed Work: Protection of Biometric Template The proposed algorithm of attack works on the basis of cancelable technique. Here
we will not store the templates in database in original; rather these will be stored
after applying some hashing. The above discussed algorithm of attack will be
99
successful if we store our template Di in database without any change. But, if we
apply cancelable biometrics and store our template Di in database such that all Di in
database are not in original form, rather they are mutants only. Such that if D is
database templates as follows:
D= {m1,m2,…….mn} mi = {xi,yi,�i} i= 1….m
Then their mutants D’ = H(D) will be stored in database instead of actual D.
D’= {m’1,m’2,…….m’n} mi = {Xi,Yi,�i} i= 1….m
Where X = H(x) Y= H (y) and � = H (�)
Figure3.8 Blocks in the original image are subsequently scrambled randomly.
H is hashing function corresponds to any transformation applied to actual Templates
as shown in figure3.7 above. It is also true that there will be no math between actual
template and its mutant (those are actually stored). If we calculate Spatial Distance
(Sd) and direction difference (Dd) that will not be below r0 and �0 or we can write as
Sd(m’1, m1)= sqrt [(Xi - xi )2 + (Yi - yi )2 ] < r0 ----------------(1)
Similarly
Dd(m’1, m1) < �0 ----------------(2)
100
Now let’s apply the Algorithm-1 to find the best match between existing templates.
Keeping in mind that now instead of D, D’ are stored in database. Suppose the
algorithm declares the D’i as best match due to its score level Sbest(D’i).
Since Spatial Distance (Sd) and direction difference (Dd) of D and D’ does not
match (From equation 1 & 2 above). No doubt the synthetic templates T and
Database Templates D will not match and similarly from equations (1) and (2).
Spatial Distance = Sd(Tm’1, Dm1) = sqrt [(Xi – x’i )2 + (Yi – y’i )2 ] < r0
and
Direction difference = Dd(Tm’1, Dm1) < �0
With this approach, only mutants will be stolen and original templates are quite safe.
We can further alter D to D” by some another hashing function (say W) in future
whenever required. In this way the cancelable biometrics helps a lot in safekeeping
our templates in database. Cancellation simply requires the specification of a new
distortion transform. Privacy is enhanced because different distortions can be used
for different services and the true biometrics are always safe. In addition, such
distorted biometrics cannot be used for searching legacy databases and will thus ease
some privacy violation concerns. A single template protection approach may not be
sufficient to meet all the application requirements. Hence, hybrid schemes that make
use of the advantages of the different template protection approaches must be
developed.
101
3.5 Summary
In this chapter the author has proposed three different techniques to improve the
security of the biometric systems based on cryptography, steganography and
cancellable biometrics. In the traditional cryptography the secret key is used to
generate cipher text and at the receiving end the same secret key is used to decode
the message. The main problems associated with the traditional cryptographic
systems are that of key entropy, key uniqueness and key stability. In the proposed
approach, the biometric (secret) template replaces the secret key to generate the
cipher text and the same biometric template is used to decode the message at the
receiving end. It has eliminated the need to remember complicated key sequences
that could be forgotten, stolen or even guessed and thereby making the system more
secure.
Steganography can be thought of as higher version of the cryptography and hence its
usage can further increase the integrity and security of the biometric systems. The
secret key in the proposed approach has been embedded in the biometric template by
changing the bit pattern information of individual pixel. An algorithm is proposed for
this purpose that makes the biometric system secure against spoofing as the secret
key is almost impossible to be judged by any impostor because it is hidden in the
template.
The third proposed approach to secure biometric system is based on the concept of
cancelable biometrics. One of the most critical problems associated with the
biometric template is that if somehow biometric data is compromised then it is
compromised forever. In other words, unlike to the passwords or tokens based
security systems, another set of security (in case secret template is hacked or stolen)
cannot be issued to a person in the biometric-based systems. The proposed approach
102
has addressed this problem by using the cancelable biometric. Original biometric
template is distorted by using some hash function to produce new biometric template
that is used for authentication purpose. In case the secret biometric template is
hacked or stolen then a new biometric template can be generated by using some
another hash function. The original biometric template is always safe as it is never
stored anywhere and thereby increases the security of the system. Further, the
proposed approach can enhance the template security by generating a number of
templates from the single template and using them for different services.
103
Chapter 4
Making Biometric Systems More Efficient
4.1 Introduction
Fingerprints are the most widely used biometric feature for person identification and
verification in the field of biometric identification. Fingerprints possess two main
types of features that are used for automatic fingerprint identification and
verification: (i) Ridge and Furrow structure that forms a special pattern in the central
region of the fingerprint and (ii) Minutiae details associated with the local ridge and
furrow structure. Fingerprints are, therefore, used in forensic divisions worldwide for
criminal investigations. More recently, an increasing number of civilian and
commercial applications are either using or actively considering using fingerprint
based identification because of a better understanding of fingerprints as well as
demonstrated matching performance than any other existing biometric technology.
Henry Fauld [HEN, 2003] first scientifically suggested the individuality and
uniqueness of fingerprints. This discovery established the foundation of modern
fingerprint identification. Francis Galton conducted an extensive study of
fingerprints [LEE, 1991] and introduced the minutiae features for single fingerprint
104
classification. The discovery of uniqueness of fingerprints caused an immediate
decline in the prevalent use of anthropometric methods of identification and led to
the adoption of fingerprints as a more efficient method of identification. In a
traditional biometric recognition system, the biometric template is usually stored on
a central server during enrollment. The candidate biometric template captured by the
biometric device is sent to the server where the processing and matching steps are
performed.
The rest of the chapter has been divided into the following three sections and
presents the approaches, developed by the author of this thesis to enhance the
efficiencies of existing biometric system.
Section 4.2 presents an approach to reduce the processing time during fingerprint
matching process in a Biometric System. The proposed work is based upon four
major classifications of fingerprint, whorl, arch, left-loop and right-loop and is more
efficient as compared with the existing system.
Section 4.3 presents a simple and effective method to speed up the process of
fingerprint verification scheme based on thumb geometry system. The proposed
scheme works in two phases and allows the complete controlled and automated
fingerprint verification with efficient response time which is found approximately 5
times better as compared with existing system. The proposed system also reduces the
FAR (False Accept Rate).
Section 4.4 deals with the effective use of soft biometrics and demonstrates that the
utilization of ancillary user information like gender, height, and ethnicity can
improve the performance of the traditional biometric systems. Though the soft
biometric characteristics are not as permanent and reliable as the traditional
biometric identifiers like fingerprint, face, iris etc yet they provides useful
information about the identity of the user that leads to higher accuracy in establishing
105
the user identity. The proposed work also shows that soft biometric characteristics
help when these are used with primary biometric traits.
4.2 Reducing Process-Time for Fingerprint Identification
System Fingerprint Identification is the method of user-identification by making use of the
fingerprint impressions. The method usually works on the basis of minutiae points
found on the fingerprint. No two persons have exactly the same arrangement of ridge
patterns, and the patterns of any one individual remain unchanged throughout life.
Fingerprints offer foolproof means of personal identification.
Fingerprint identification process can be carried out in two ways: minutiae-based and
correlation based. The commonly used approach with minimum FAR (false accept
rate) and minimum FRR (false reject rate) is minutiae based technique. In this
process, first minutiae points are calculated and then are mapped their relative
placement on the finger.
Fingerprint Identification System determines the matched template of input
fingerprint with a stored fingerprint template in Database. The Database of templates
is obtained by fingerprint enrollment process. The Identification process starts by
putting the user’s fingerprint at sensor level. The input fingerprint then processed in
various step like; acquisition, pre-processing, feature extraction and matching as
shown in Figure 4.1. In acquisition stage the biometric system get the input template
using sensor, preprocessing includes image enhancement, gray level adjustment,
ridge thinning, etc.
106
Figure 4.1 Block diagram of Fingerprint Identification system.
After having the fingerprint image preprocessed, the feature extraction block extracts
the minutiae points from template and then the extracted minutiae point undergoes
with a matching process to match with the stored database Templates and finally
identify the person if it is in system database. The database of biometric system plays
very important role in identification process as all the templates are stored in it. The
system performance also depends on the architecture of system database that is the
way templates are stored there in. The system performance decreases, if templates
are stored randomly as compared with if templates are stored in a particular manner.
To store the templates in a proper way, Sir Henry has given a classification scheme.
The following section highlights the Henry classification scheme.
107
4.2.1 Henry Classification Scheme The Henry classification scheme allows for logical categorization of fingerprint
records into Primary Group Ratio (PGR) based on fingerprint pattern types. To find
the PGR values, Henry classification scheme assigns each finger a number according
to the order in which it is located in the hand, beginning with the right thumb as
number 1 and ending with the left pinky/little as number 10 as shown in Table 4.1.
Table 4.1 Henry Classification Table
Henry also assigns a numerical value to fingers that contain a whorl pattern; fingers
1 and 2 each have a value of 16, fingers 3 and 4 have a value of 8, and so on, with
the last two fingers having a value of 1.
Figure 4.2 Palmprints of a single person.
R
Thumb
R
Index
R
Middle
R
Ring
R
Pinky
L
Thumb
L
Index
L
Middle
L
Ring
L
Pinky
Finger Number
1 2 3 4 5 6 7 8 9 10
Value (If Whorl)
16 16 8 8 4 4 2 2 1 1
Pattern Type
loop whorl arch arch Loop arch loop whorl loop arch
Finger Value
0 16 0 0 0 0 0 2 0 0
108
Fingers with a non-whorl pattern, such as an arch or loop pattern, have a value of
zero. Both palm prints of a person (as shown in Figure 4.2) are required to apply the
Henry classification scheme.
According to the Henry classification scheme, fingerprints are stored in the database
with their relative PGR values. The fingerprint Primary Group Ratio is determined
by calculating the ratio of one plus the sum of the values of the whorl-patterned,
even-numbered fingers; divided by one plus the sum of the values of the whorl-
patterned, odd-numbered fingers (Harling 1996). Mathematically the formula can be
written as:
Primary Grouping Ratio (PGR) =
To illustrate the computation of PGR values, consider an individual having a
fingerprint record with a LWAALALWLA pattern series (where L stands for Loop,
W stands for Whorl and A stands for Arch). The series begins with Finger 1 (i.e.
right thumb) and ending with Finger 10 (i.e. left pinky finger). By referring to table
4.1 the weights of even finger having whorl pattern are 16 and 2 (which have been
shown as bold in Table 4.1). Further no odd finger has whorl pattern in the given
series, hence the sum of its value is nil.
PGR =
Therefore, this individual belongs to the 19:1 primary group. This PGR ratio is
always treated as 19/1 not 19, as PGR contains both numerator and denominator. In
1+ (Sum of EVEN, whorled, finger values)
1+ (Sum of ODD, whorled finger value)
1+ (Sum of EVEN, whorled, finger values)
1+ (Sum of ODD, whorled finger value)
1+ (16+2)
1+ (0) = =
19
1
109
case an individual does not have any whorl-patterned fingerprints, his classification
ratio, or primary group, would be 1:1. On the other hand if an individual having all
ten fingerprints containing a whorl pattern, his classification ratio would be 31:31.
Henry classification scheme reduce the effort to search a large templates of database,
as fingerprints are now stored with their respective PGR values. However Henry
classification scheme has some limitations as given below:
(i) Henry classification scheme work, only when both palm-prints of person are
stored in database. The scheme could not work with single fingerprint template.
(ii) The problem can also arise if the criminal as made some trick while enrolling his
palm-print to system. For instance, he can change the normal order of his fingers on
the sensor.
(ii) Amount of computer memory increases to store both palms of person as
compared to single fingerprint template.
4.2.2 The Proposed Method to Speed-up Fingerprint Matching
Process The author of this thesis presents a method [KAN, 2009] based on the theory of
fingerprint classification to address the problem stated above. Unlike to the Henry
classification, the proposed approach can work with a single fingerprint. This single
print can be a thumb print or print of an index finger.
In a conventional system, the database contains the fingerprint templates in an
ordinary manner. But in the proposed system the database contains the different set
of templates according to their classification that is achieved during the enrollment
process. The schematic diagram of the proposed approach is shown in Figure 4.3 and
the enrollment/identification process of the approach is described below:
Enrollment Process
(i) Sensor Module, senses the Fingerprint Templates
110
(ii) Feature Extraction Module, extracts the minutiae points from Fingerprint
Template.
(iii) Fingerprint Classifier Module, classifies the input templates based on
Left-Loop, Right-Loop, Whorl or Arch and store them into the database.
Figure 4.3 Proposed Classifier for Fingerprint Identification.
Identification Process
(i) Sensor Module senses the input Fingerprint Template.
(ii) Feature Extraction Module, extracts the minutiae points from Fingerprint
Template.
(iii) A minutiae template has been generated of a particular classification and
search the database for its specific domain. The particular domain is then
111
extracted from database and matched with the Minutiae Template as
shown in Figure 4.3.
In the database classification, only whorl, arch and loops are considered because
loops make up nearly 65% of all fingerprints, whorls are nearly 30%, and perhaps
5% are arches [BEI, 2003]. In the proposed approach, loops are further divided into
two categories viz. left-loop and right-loop as loops contribute 65% of the total
fingerprints. Consequently, there become four domains i) Left-Loop ii) Right-Loop
iii) Arch and iv) Whorl as shown in figure 4.4 below.
Whorl Arch Right-Loop Left-Loop
Figures 4.4 Position of Deltas in different Fingerprints.
The proposed classifier classifies the input templates into four categories (mentioned
above) on the basis of singular points. Various singular points in any fingerprint are
as given in Figure 4.5. Many types of minutiae’s exist, including dots (very small
ridges), islands (ridges slightly longer than dots, ponds or lakes (empty spaces
between two temporarily divergent ridges), spurs (a notch protruding from a ridge),
bridges (small ridges joining two longer adjacent ridges), and crossovers (two ridges
which cross each other).
112
Figure 4.5 Minutiae- points on a fingerprint.
The algorithm for the proposed classifiers is shown in Figure 4.6. If the value of ND
(i.e. number of deltas) is 2 then it is either taken as whorl or twin loop. If the value of
ND is 1 then it is further computed for Left-Loop or Right-Loop. If the value of ND is
0 then it is marked as Arch. To find the category of loop (right or left) the feature
extraction stage estimates an axis locally symmetric to the ridge structures at the core
and computes � (number of ridges crossing the line segment joining core and delta).
The relative position, R, of delta with respect to symmetry axis is determined as
follows R = 1 if the delta is on the right side of symmetry axis and it will be left loop
otherwise R = 0 and in this case it will be a right loop. In this way we find the
categories of input fingerprint and build our database containing different domains of
fingerprints. Now let’s find the efficiency of proposed approach.
113
Figure 4.6 Working of proposed Fingerprint classifier
The proposed approach proves very efficient especially when the stored database is
very large that is having more than 1, 00000 templates.
The proposed method was evaluated at Madhuban Forensic Laboratory, Karnal,
where the system database contains more than 1, 50,000 templates. The software
used at Madhuban Forensic Laboratory is FACTS (Finger Analysis Criminal Tracing
System) developed by CMC, New Delhi based on Henry classification scheme as
discussed above.
The experiment was conducted on FACTS with an input template (my own
fingerprint). The system took 22.35 minutes to produce output. There were 34
templates in output. These outputs are further subjected to human verification and
114
that took 4.55 hours to give the exact identification. Therefore it is obvious that the
existing classification scheme is very time consuming and involves complication of
human verification. Two templates are declared as matched if their Spatial distance
and Direction are below than specified values as given by L. Hong. The algorithm is
discussed below:
Let D and T be the representation of the Database Template and Target Template
respectively. Each minutia may be described by a number of attributes, including its
location in the fingerprint image, orientation, type etc. Most common minutiae
matching algorithms consider each minutiae as a triplet m= {x,y,�}that indicates the
minutiae location coordinates and the minutiae angle �.
D= {m1,m2,…….mn} mi = {xi,yi,�i} i= 1….m
T= { m’1,m’2,…….m’n } mj = {x’j,y’j,�’j} j= 1….n
Where m and n denotes the number of minutiae in D and T respectively.
Database Template and Target Template and stored template will be matched, If we
calculate Spatial Distance (SD) and direction difference (DD) that will below than
specified value r0 and �0 or we can write as [HON, 1998A].
SD (m’1, m1) = sqrt [(x’i - xi )2 + (y’i - yi )2 ] <= r0
Similarly
DD (m’1, m1) <= �0
Where r0 and �0 are minimum threshold values.
Now the efficiency of proposed system is computed as follows:
Assume one match takes 1ms time and there are 1, 50,000 templates in the database.
Calculation for the best case:
The template is first match, time required = 1 X 1 = 1 ms.
Calculation for the worst case:
The database templates (1, 50,000 templates) are classified into the four domains
(Whorl domain, Left-Loop domain, Right-Loop domain and Arch domain) as
discussed in section 4.2.5 are computed below:
115
Number of templates in Whorl-domain = 45000 templates.
(That is 30% of 1, 50,000).
Number of templates in Left-Loop-domain = 48000 templates.
(That is 32% of 1, 50,000).
Number of templates in Right-Loop-domain: 49500 templates.
(That is 33% of 1, 50,000).
Number of templates in Arch-domain: 7500 templates.
(That is 5% of 1, 50,000).
The input template may belong to either whorl domain or left-loop domain or right-
loop domain or arch domain. Now the amount of time required to match the input
template with the database template is computed below:
If input template is found in Whorl domain, It takes = 1ms X 45000= 45 sec.
If input template is found in Left-Loop domain, It takes = 1ms X 48000= 48 sec.
If input template is found in Whorl domain, It takes = 1ms X 49500= 49.5 sec
If input template is found in Whorl domain, It takes= 1msX 7500= 7.5 sec.
Average time for worst case = (45+48+49.5+7.5)/4= 150/4= 37.4 sec.
Efficiency of Existing System:
Calculation for the best case:
The template is First match, Time required = 1 X 1 = 1 ms
Calculation for the worst case:
The template is last match, Time required = 1 X 1, 50000 = 150 sec. = 25 min.
Time taken by proposed approach
Time taken by existing approach
37.4 sec.
25 min = =
1
40.1 Speedup Factor = =
116
This proves that the proposed approach is 40 times better than the existing Henry
classification scheme. The other obvious advantages of proposed approach are (i) it
considerably reduces the amount of memory required to store the fingerprint
template as only one print is stored instead of 10 prints of palms for an individual (ii)
The criminal can not fool the system as there is no order of fingerprints now. Still
there are some problems in existing system. In proposed system database contain
only single fingerprint instead of all the fingerprints of both palm, due to which the
system may not work if we try to match with input finger as middle finger or little
finger as they are not stored in database.
4.3 Performance Elevation of Fingerprint Verification System
Biometric systems have now been deployed in various commercial, civilian and
forensic applications as a means of establishing identity. These systems are based on
the evidence of fingerprints, hand geometry, iris, retina, face, vein-pattern, facial
thermo-gram, signature, voice, etc. to either validate or determine an identity [PRA,
2003]. The template feature set is typically generated during enrollment when a user
first interacts with the system and is refreshed or updated over a period of time in
order to account for intra-class variations [MAL, 2003]. Ideally, the feature set
extracted from the raw data is expected to be an invariant representation of a
person’s biometric. A generic biometric system has four important modules (a)
sensor module - it acquires the raw biometric data of an individual (b) feature
extraction module - it processes the acquired data to extract a feature set that
represents the biometric trait (c) matching module - it compares the extracted feature
set against the templates residing in the database through the generation of matching
117
scores (d) decision-making module - in which the matching scores are used to either
validate the user’s claimed identity (verification) or determine his identity
(identification).
This section discusses an approach developed by the author of this thesis to improve
the existing conventional fingerprint verification system. In the proposed method,
dimensions of Finger/Thumb are matched in first phase and the minute points are
calculated and matched in next phase only when the dimensions are matched in first
phase. The author of this thesis has proved that the proposed approach improves
FAR (False Accept Rate) and Total Response Time of Biometric System as
compared with Conventional Fingerprint Verification Systems. The approach is
useful when fingerprint verifications are made at large scale level.
4.3.1 Critical Factors Identified Affecting the Performance of
Biometric System In conventional fingerprint verification system, minute points are extracted and
compare with the existing template in the database. The Feature extractor module
finds the ridge endings and ridge bifurcations from the input fingerprint images. If
ridges can be perfectly located in an input fingerprint image, then minutiae extraction
is just a trivial task of extracting singular points in a thinned ridge map [ROS, 2004].
However, in practice, it is not always possible to obtain a perfect ridge map. The
performance of currently available minutiae extraction algorithms depends heavily
on the quality of the input fingerprint images [PRA, 2002]. Due to a number of
factors (aberrant formations of epidermal ridges of fingerprints, postnatal marks,
occupational marks, problems with acquisition devices, etc.); fingerprint images may
not always have well-defined ridge structures. A reliable minutiae extraction
algorithm is critical to the performance of an automatic identity authentication
system using fingerprints. The flowchart of a typical feature extraction algorithm is
depicted in Figure 4.7 below. It mainly consists of five components [MAI, 2002] viz.
118
(i) Input fingerprint image (ii) Finding Orientation field (iii) Extract effective ridges
(iv) Thinned the Extracted ridges (v) Extract minutiae points. The algorithm shown
in Figure 4.7 is inefficient as it involves five stages that leads to increase in
complexity and response time.
To address the above said problem, the author of this thesis [KAN, 2007A] presents
an approach by combining the hand geometry verification system with fingerprint
verification system. Hand geometry system has faster response time compared to any
other system due to its minimum requirement of memory for template data storage as
discussed in the next section.
Figure 4.7 Steps for Extraction of minutiae points from input fingerprint
119
4.3.2 Memory Requirements for Biometric Templates Table 4.2 shows the memory requirements (in bytes) for different types of biometric
traits. It is obvious that if the size of memory for template is large, it will increase the
size of database templates. It increases the system complexity and thereby response
time of system.
Table 4.2 Data Size for Biometric Templates Biometrics Traits Memory Required
(bytes) Retinal Scan 35
Iris Scan 256
Fingerprints 512 - 1000
Hand Geometry 9
Table 4.2 is adopted from [RUG, 1996] shows that the memory requirement for hand
geometry template is 9 bytes whereas for other templates it varies between 35 to
1000 bytes.
4.3.3 The Proposed Approach to Improve Response Time of
Biometric System
Figure 4.9 shows the architecture of the proposed approach, which consists of two
phase’s viz. Phase-I and Phase-II. Phase-I takes the input from sensor and then
measures the dimensions of the input thumb. The thumb dimension measurements; a,
b, c, d as shown in Figure 4.8 is computed. After extracting these parameters, it is
matched with database templates for comparison. If the match is successful, only
then it goes to phase-II for minutiae extraction else match is unsuccessful and no
120
further processing is required. Phase-II extracts the minutiae points for input
fingerprint template by using the algorithm given in Figure 4.7.
(a) Side-View (b) Top-View
Figure 4.8 Measuring Thumb Dimensions during Phase-I
After having extracted these minutiae, it performs the required amount of translation
or rotation to fit the extracted minutiae points with database minutiae points. Then it
compares the minutiae points for both templates with the help of matching module in
phase-II. If match is successful, it is declared as ‘Verified’ and then ‘Stop’ otherwise
it is declared as ‘Not-Verified’ and then ‘Stop’.
The proposed approach is more efficient than other existing approaches on two
accounts; (i) if input thumb geometry is not matched during Phase-I then the
proposed algorithm discards the further processing of Phase-II and saves time. (ii) in
multimodal approach [HON, 1998], two or more biometric traits are employed,
which further increases size, cost and complexity of the system. While the proposed
approach is applied on single biometric trait.
122
4.3.4 Performance Estimation for the Proposed Approach To estimate the performance of proposed approach, let’s assume that there are
10,000 input templates which are to be compared against database templates. It is
further assumed that out of 10,000 templates only 100 templates got verified. Let
time taken by geometry verification system (i.e. Phase-I) is t and time taken by
fingerprint verification system (i.e. Phase-II) is T and (Where T is five times greater
than t given by [RUG, 1996]).
Calculation of Response Time:
Response Time (Tc) for conventional Fingerprint Verification System
Tc = 10,000 X T unit time.
Tc = 10,000 X 5t unit time.
(Because in conventional verification system, Phase-II is involved)
Response Time for Proposed System
Tp = 9900*t + 100 *(T + t).
(As per assumption only 100 templates are matched and rest of 9900 templates
are discard at Phase-I.)
Tp = 9900*t + 100(5t+t) = 9900t+600t=10500t unit time.
Hence from the above calculation; it is obvious that the proposed approach is
approximately five times better than the existing biometric system. The proposed
approach allows completely controlled and automated fingerprint verification with
efficient response time and minimum FAR (False Accept Rate) as fingerprint is now
Tp
Tc
10,500t
50,000t =
1
4.7 Speedup Factor = =
123
checked at two phases. The proposed approach checks the dimensions as well as the
minutiae points of input template, after that it allows the user to be ‘Verified’.
4.4 Performance Improvement by using Soft
Biometric Traits
The fundamental requirement of any biometric recognition system is a human trait
having several desirable properties like universality, distinctiveness, permanence,
acceptability. However, the human trait that possesses all these properties in an ideal
way has not yet been identified. As a result, none of the existing biometric systems
provide perfect recognition and there is a scope for improving the performance of
these systems.
The human characteristic like gender, height, weight and age can also be used for
identification purpose. Although these characteristic are not unique and reliable, yet
they provide useful information about the user. These characteristics known as soft-
biometric traits and can be integrated with the primary biometric identifiers like
fingerprint, face, iris, signature for identification purposes.
The author of this thesis propose the utilization of “soft” biometric traits like gender,
height, weight, age, and ethnicity as an asset in the identification mechanism
provided by the Primary Biometric identifiers. Although soft biometric lacks the
distinctiveness and permanence to identify an individual uniquely and reliably yet
they provide some evidence about the user identity that could be beneficial.
124
Unimodal biometric systems make use of a single biometric trait for user
recognition. It is difficult to achieve very high recognition rates using unimodal
systems due to problems like noisy sensor data and non-universality or lack of
distinctiveness of the chosen biometric trait. Multimodal biometric systems address
some of these problems by combining evidence obtained from multiple sources
[HON, 1999]. A multimodal biometric system that utilizes a number of different
biometric identifiers like face, fingerprint, hand-geometry, and iris can be more
robust to noise and minimize the problem of non-universality and lack of
distinctiveness.
However, the problem with multimodal system is that it will require a longer
verification time thereby causing inconvenience to the users. A multimodal biometric
system based on different biometric identifiers can be expected to be more robust to
noise, improve the matching accuracy and provide reasonable protection against
spoof attacks. But there are limitations as well.
(i) The overall cost involved in building the multimodal system can be high due to
the need for multiple high quality sensors and increased storage and computational
requirements.
(ii) The system will require a longer verification time thereby causing inconvenience
to the users.
A possible solution to the problem of designing a reliable and user-friendly biometric
system is to use additional information about the user like height, weight, age,
gender, ethnicity, and eye color to improve the performance of the primary biometric
system. Most of the biometric systems collect such additional information about the
users during enrollment and store them in the database as metadata. Biometric
systems used in access control applications generally have a human supervisor who
oversees the operations of the system. When a genuine user is falsely rejected by the
system, the human operator has to verify the identity of this user manually. This
125
manual verification is usually done by comparing the facial appearance of the user
with the facial image appearing on the user’s identification card and by verifying
other information on the ID card like age, gender, height, and other visible
identification marks. If the soft biometric characteristics can be automatically
extracted and used during the decision making process, the overall performance of
the system can be improved and the need of manual involvement will be reduced.
In order to utilize soft biometrics, there must be a mechanism to automatically
extract these features from the user during the recognition phase. As the user
interacts with the primary biometric system, the system should be able to
automatically measure the soft biometric characteristics like height, age and gender
without any interaction with the user. This can be achieved using a special system of
sensors. For example, a bundle of infra-red beams could be used to measure the
height. A camera could be used for obtaining the facial image of the user, by which
information like age, gender, and ethnicity could be derived [JAI, 1997]. These
observed soft biometrics information could then be used to supplement the identity
information provided by the user’s primary biometric identifier. Extensive studies
have been made to identify the gender, ethnicity, and pose of the users from their
facial images. Gutta et al. [GUT, 2000] proposed a mixture of experts consisting of
ensembles of radial basis functions for the classification of gender, ethnic origin, and
pose of human faces. Their gender classifier classified users as either male or female
with an average accuracy rate of 96%. Age determination is a more difficult problem
due to the very limited physiological or behavioral changes in the human body as the
person grows from one age group to another. There are currently no reliable
biometric indicators for age determination.
Heckathorn et al. [HEC, 1997] have shown that a combination of personal attributes
like age, gender, eye color, height, and other visible identification marks can be used
to identify an individual only with a limited accuracy. Hence, a system that is
126
completely based on soft biometric traits cannot meet the accuracy requirements of
real world applications. However, soft biometric traits can be used to improve the
performance of traditional biometric systems.
Primary Biometric System Soft Biometric System
Figure 4.10 Existing Soft Biometric System for person recognition.
Wayman [WAY, 1997] makes use of soft biometric traits like gender and age, for
filtering a large biometric database (as shown in Figure 4.10). Filtering refers to
limiting the number of entries in a database to be searched, based on characteristics
of the interacting user. For example, if the user can somehow be identified as a
middle-aged male, the search can be restricted only to the subjects with this profile
enrolled in the database. This greatly improves the speed or the search efficiency of
the biometric system. Filtering and system parameters tuning require an accurate
classification of a user into a particular class (e.g., male or female, blue or brown
eyes, Caucasian or Asian or African). This requires a pre-identification module that
can accurately perform this classification. The probability of user �i, given by
primary biometric feature vector x and the soft biometric feature vector y i.e., P(�i|
x; y) can be calculated using the Bayes’ rule.
127
P(�i|x; y) = P(y|�i) P(�i|x) ----------------- (i) P(y|�i)
Where P(�i| x) is the probability that the test user is �i given the feature vector x and
P(�i| y) is the probability that the test user is �i given the feature vector y.
The logarithm of P(�i|x; y) in equation (1) can be expressed as
log P(�i|x, y) = log P(y1|�i) + ……. + log P(yk|�i) + log P(yk+1|�i) + …… +log
P(ym|�i) + log P(�i|x) – log P(y)
Where m is the number of soft traits used in the system. This formulation has two
main drawbacks. The first problem is that all the m soft biometric variables have
been weighed equally. But in practice the gender of a person may give more
information about a person than height. Therefore, we must introduce a weighting
scheme for the soft biometric traits. Another problem is that any impostor can easily
spoof the system because the soft characteristics have an equal say in the decision as
the primary biometric trait. It is relatively easy to modify/hide one’s soft biometric
attributes by applying cosmetics and wearing other accessories (like mask, shoes
with high heels, etc.).
4.4.1 The Proposed Scheme to Integrate Soft Biometrics with
Primary Biometrics The author of this thesis has proposed a scheme [KAN, 2008A] to address to
problems stated in previous sub-section. In the proposed work the Biometric system
is divided into two subsystems. One subsystem is called the primary biometric
system and it is based on traditional biometric identifiers like fingerprint, face, hand-
geometry etc. The second subsystem, referred to as the secondary biometric system,
128
is based on soft biometric traits like age, gender, height etc. Architecture of personal
identification using primary biometrics and soft biometric is shown in Figure 4.11.
The proposed scheme consists of two stages viz. Stage-I and Stage-II. The soft
biometrics system is used as first stage and the primary biometric system is used as
second stage. The output of first stage is fed to second stage. This type of
combination will reduce the processing time system and will improve the efficiency
of system as explained in coming sub-section 4.4.7.
Processing at Stage-II is required only when the stage-I passes successfully else there
will be rejection automatically even without computing the stage-II. Stage-I also
computes the soft traits like age, gender, height automatically, without human
involvement.
Figure 4.11 Architecture of Personal Identification using Primary Biometrics and
Soft Biometric.
129
4.4.2 Performance Estimation of Proposed Scheme In the proposed work, the fingerprint is used as the primary biometric identifier and
age, gender and height are used as soft biometric traits. The soft traits are chosen in
such a way that they could be easily extracted automatically when user interact with
system. For estimating the performance of proposed scheme, let us assume there are
1,00,000 input templates to be matched against database templates and out of
1,00,000 templates only 100 templates are verified by the system. Let time taken by
primary biometric system to process single template is TF and time taken by soft
biometric to process single template is TS. Where TF >TS as soft traits can be
processed easily and TF is 10 times greater than TS [JAI, 2004A].
Calculation for the Response Time:
In conventional Fingerprint verification system Total Processing Time (TR) for
1,00,000 templates.
TR = 100000*TF unit time.
TR = 100000*10TS =1000000TS unit time
In Proposed system Total Processing Time (TP) for 1,00,000) templates.
Tp = (100000-100)* TS + 100 *(TF + TS).
(As per assumption only 100 templates are verified and rest of 99900 templates are
discard at Stage-I.)
Tp = 99900 TS + 100(10+1) TS = (99900+1100) TS =101000 TS unit time.
TP
TR
10,1000 TS
10,00000 TS =
1
9.9 Speedup Factor = =
130
It is obvious from the above calculation that the proposed scheme is approximately
ten times better than the existing biometric system. The system proves to be more
efficient when huge number templates are taken at input side.
4.4.3 Summary In this chapter the author has proposed three different techniques to improve the
efficiency of the biometric systems. The Henry finger print classification scheme,
which classifies the fingerprints in the database according to their relative Primary
Grouping Ratio (PGR) values has several limitations such as (i) it works only when
both palm-prints of person are available; (ii) it can not work when intruder has made
some trick while enrolling his palm-print to system, for instance, he can change the
normal order of his fingers on the sensor; (iii) a huge amount of computer memory is
required to store fingerprints of both hands. A new technique has been proposed to
address these problems.
Loops contribute 65% of the total fingerprint and they are further classified into left
loop and right loop. The remaining 35% of the total fingerprint is contributed by
whorl and arch. The proposed classifier as discussed in section 4.2.2, classifies the
input template into the four domains on the basis of left-loop, right-loop, whorl or
arch during the enrolment process in order to create the template database, which is
vertically classified into these four domains. During identification process, a
minutiae template is generated of a particular classification domain and that template
is searched in the corresponding domain of the template database thereby reducing
the response time of the biometric system. Theoretically, it has been shown that the
proposed approach is approximately forty times more efficient as compared with the
existing approaches.
131
The second approach based on hand geometry improves the performance of the
fingerprint verification system. The proposed algorithm works in two phases viz.
Phase-I and Phase-II as discussed in section 4.3.3. The algorithm proceeds to Phase-
II only when Phase-I is successful thereby reducing the processing time for rejecting
the input template. The proposed approach has been found more efficient than other
existing approaches on two accounts (i) on theoretical basis it has been shown that
the proposed approach has reduced the response time five times approximately as
compared to the existing approach; (ii) intuitively the proposed approach requires
lesser storage space as compared to multimodal based approaches.
The third approach is based on soft biometrics such as gender, height, ethnicity etc.
Though the soft biometric characteristics are not as permanent and reliable as the
traditional biometric identifiers like fingerprint, yet they can provide some
information about the identity of the user that leads to higher accuracy in establishing
the user identity. The proposed algorithm integrates soft biometrics with the primary
biometrics and works in two stages as discussed. Processing of stage II is required
only when stage I is passed successfully thereby reducing the processing time. On
theoretical basis, it has been shown that the proposed algorithm is ten times
approximately more efficient than the existing algorithm.
132
Chapter 5
Conclusion and Future Scope From system perspective, both security and privacy are open problems with no
satisfactory solutions on the horizon. In this thesis work, fundamental roadblocks for
widespread adoption of biometrics as effective and efficient means for ensuring
system integrity and system security have been explored and some solutions to these
roadblocks have been suggested. An extensive survey of the existing work in the
domain of fingerprint based biometric systems has been carried out and the
algorithms for fingerprint feature extraction, enhancement, matching, and
classification are critically analyzed. It was found that the loop holes still existed in
the biometric systems and an intelligent imposter could easily spoof these systems.
In this thesis work, three techniques to improve security and three techniques to
increase efficiency of the biometric systems have been proposed.
In the traditional cryptography the secret key is used to generate cipher text and at
the receiving end the same secret key is used to decode the message. The main
problems found in the traditional cryptographic systems are that of key entropy, key
uniqueness and key stability as discussed in section 3.2.1. In the proposed
cryptographic based approach, the biometric (secret) template replaces the secret key
to generate the cipher text and the same biometric template is used to decode the
133
message at the receiving end. Thus the proposed approach has eliminated the need to
remember complicated key sequences that could be forgotten, stolen or even guessed
thereby making the biometric system more secure.
Another proposed approach to secure the biometric system is based on
steganography. Steganography can be thought of as higher version of the
cryptography and hence its usage can further increase the integrity and security of
the biometric systems. The secret key in the proposed approach has been embedded
in the biometric template by changing the bit pattern information of individual pixel
as discussed in section 3.3.5. The algorithm has been developed for this purpose and
any security system based on this algorithm cannot be spoofed easily. The hacker
can not be able to break the system even he know both the secret templates and
secret key because he don’t know, how the key and templates are mixed with binding
algorithm.
The third proposed approach to secure biometric system is based on the concept of
cancelable biometrics. One of the most critical problems associated with the
biometric template is that if somehow biometric data is compromised then it is
compromised forever. In other words, unlike to the passwords or tokens based
security systems, another set of security (in case secret template is hacked or stolen)
cannot be issued to a person in the biometric-based systems. The proposed approach
has addressed this problem by using the cancelable biometric. Original biometric
template is distorted by using some hash function to produce new biometric template
that is used for authentication purpose. In case the secret biometric template is
hacked or stolen then a new biometric template can be generated by using some
another hash function. The original biometric template is always safe as it is never
stored anywhere and thereby increases the security of the system. Further, the
proposed approach can enhance the template security by generating a number of
templates from the single template and using them for different services.
134
The Henry finger print classification scheme [HEN, 2003], which classifies the
fingerprints in the database according to their relative Primary Grouping Ratio
(PGR) values as discussed in section 4.2.1. It has several limitations such as i) it
works only when both palm-prints of person are available ii) it can not work when
intruder has made some trick while enrolling his palm-print to system, for instance,
he can change the normal order of his fingers on the sensor; c) a huge amount of
computer memory is required to store fingerprints of both hands. A new technique
has been proposed to address these problems.
Loops contribute 65% of the total fingerprint and they are further classified into left
loop and right loop. The remaining 35% of the total fingerprint is contributed by
whorl and arch. The proposed classifier as discussed in section 4.2.2, classifies the
input template into the four domains on the basis of left-loop, right-loop, whorl or
arch during the enrolment process in order to create the template database, which is
vertically classified into these four domains. During identification process, a
minutiae template is generated of a particular classification domain and that template
is searched in the corresponding domain of the template database thereby reducing
the response time of the biometric system. Theoretically, it has been shown that the
proposed approach is approximately forty times more efficient as compared with the
existing approaches.
The author of the thesis has proposed another approach based on hand geometry to
improve the performance of the fingerprint verification system. The proposed
algorithm works in two phases viz. Phase I and Phase II as discussed in section 4.3.3.
The algorithm proceeds to Phase-II only when Phase-I is successful thereby reducing
the processing time for rejecting the input template. The proposed approach has been
135
found more efficient than other existing approaches on two accounts (i) on
theoretical basis it has been shown that the proposed approach has reduced the
response time five times approximately as compared to the existing approach; (ii)
intuitively the proposed approach requires lesser storage space as compared to
multimodel based approaches.
The third approach, which has been proposed to reduce the response time, is based
on soft biometrics. The proposed algorithm integrates soft biometrics with the
primary biometrics and works in two stages as discussed in section 4.4.1. Processing
of stage-II is required only when stage-I is passed successfully thereby reducing the
processing time. On theoretical basis, it has been shown that the proposed algorithm
is ten times approximately more efficient than the existing algorithm.
As biometric technology matures, there will be an increasing interaction among the
market, technology, and the applications. This interaction will be influenced by the
added value of the technology, user acceptance, and the credibility of the service
provider. As biometrics continues to advance scientifically and technologically, its
use and acceptability as a means of security and authorization across various sectors
will also grow. Biometrics would be a useful solution to the issue of security for
mobile banking in rural areas as only thumb impression is quite enough for money
transaction. Many biometric technology providers are already delivering biometric
authentication for a variety of web-based and client/server based applications.
Continued improvements in the technology will increase performance at a lower
cost.
Though biometric authentication is not a magical solution that solves all
authentication concerns and also it does not guarantee for 100% accuracy and
security yet it make easier and cheaper for us to use a variety of automated
136
information systems. It is too early to predict where and how biometric technology
would evolve and get embedded in which applications. But it is certain that
biometrics based identification will have a profound influence on the way we
conduct our daily business. It is also certain that, the fingerprints will remain an
integral part of the preferred biometric-based identification solutions as the most
mature and well understood biometric in the future generation.
Further a single template protection approach may not be sufficient to meet all the
application requirements. Hence, hybrid schemes that make use of the advantages of
the different template protection approaches must be developed.
137
Bibliography
[ADL 2003, 1] Adler. A, “Can images be regenerated from biometric templates?” in Biometrics Consortium Conference, (Arlington, VA), September 2003. [ADL 2003, 2] A. Adler, “Sample images can be independently restored from face recognition templates”, http://www.site.uottawa.ca/~adler/publications /2003/adler-2003-fr-templates.pdf [AIL, 2004] H. Aillisto, M. Lindholm, S. M. Makela, and E. Vildjiounaite. Unobtrusive User Identification with Light Biometrics. In Proceedings of the Third Nordic Conference on Human-Computer Interaction, pages 327–330, Tampere, Finland, October 2004.
[AND, 1996] RJ Anderson, “Stretching the Limits of Steganography”, In
Information Hiding, Springer Lecture Notes in Computer Science, vol 1174, pp 39-
48,1996.
[AND, 1996] RJ Anderson, FAP Petitcolas, “On the Limits of Steganography”, IEEE
Journal on Selected Areas in Communications, vol 16 no 4 pp 474-481, May 1998.
[ANG, 2005] R. Ang, R. Safavi-Naini and L. McAven. Cancelable key-based fingerprint templates. In ACISP, volume 3574 of LNCS, pages 242-252, 2005.
[ARA, 2007] A. Arakala, Jason Jeffers and Kathy J. Horadam. Fuzzy Extractors for Minutiae-Based Fingerprint Authentication. In International Conference on Biometrics, 2007.
[ARM, 2003] I. Armstrong. Passwords exposed: users are the weakest link available at http://www.safestone.com/downloads/news/news passwords exposed sc magazine may03.pdf, 2003. [ARU, 2002] Arun Ross,Anil Jain,James Reisman "A hybrid fingerprint matcher"in the Proceedings of the 16 th International Conference on Pattern Recognition (ICPR'02) Volume 3 - Volume 3 2002.
138
[ASH, 2008] Asha, S.; Chellappan, C. “Authentication of e-learners using multimodal biometric technology” Biometrics and Security Technologies, 2008. ISBAST 2008. International Symposium on Volume , Issue , 23-24 April 2008 Page(s):1 - 6 [BEI, 2003] American university of beirut faculty of engineering and architecture
department of electrical and computer engineering eece695c – adaptive filtering and
neural networks fingerprint identification–project 2.
[BEI, 1992] T. Beier and S. Neely, “Feature-Based Image Metamorphosis,” Proceedings of SIGGRAPH, ACM, New York (1992), pp. 35–42. [BEL, 1999] BelCn Ruiz-Mezcua, D.G. Plaza, C.Fernandez, P.D.Garcia and F. Fernandez, “Biometrics verification in a real environment” Security Technology, 1999. Proceedings. IEEE 33rd Annual 1999 International Carnahan Conference. [BEN, 1999] S. Ben-Yacoub, Y. Abdeljaoued, and E. Mayoraz, “Fusion of Face and Speech Data for Person Identity Verification,” IDIAP, Martigny, Switzerland, Res. Paper IDIAP-RR 99–03, 1999. [BER, 1896] A. Bertillon, Signaletic Instructions including the theory and practice of Anthropometrical Identification, R.W McClaughry Translation, The Werner Company, 1896. [BES, 1992] P.J. Besl and N.D. McKay. A method for registration of 3-d shapes. IEEE Transactions on Pattern Analysis and Machine Intelligence, 14(2):239-256, February 1992. [BIG, 1997] E. S. Bigun, J. Bigun, B. Duc, and S. Fischer. Expert Conciliation for Multimodal Person Authentication Systems using Bayesian Statistics. In Proceedings of First International Conference on Audio- and Video-Based Biometric Person Authentication (AVBPA), pages 291–300, Crans-Montana, Switzerland, March 1997. [BIO,2001] IBG (2001). Biometrics Explained, International Biometric Group. [BIO,2003] I. Biometric Group, “The Henry Classification System.” Available at http://www.biometricgroup.com/Henry%20Fingerprint%20Classification.pdf, 2003. [BOD, 1994] A. Bodo, “Method for producing a digital signature with aid of a biometric feature”,German patent DE 42 43 90 A1, 1994.
139
[BOL, 1999] R.M. Bolle, N.K. Ratha, A. Senior, and S. Pankanti, “Minutiae template exchange format”, Proc. AutoID 1999, IEEE Workshop on Automatic Identification Advanced Technologies, pp. 74-77, 1999.
[BOU, 2006] T. Boult. Robust distance measures for face-recognition supporting revocable biometric tokens. In IEEE, 7th Intl. Conf. on Automatic Face and Gesture Recognition, pages 560-566, 2006.
[BOY, 2004] Xavier Boyen. Reusable cryptographic fuzzy extractors. In Proceedings of the 11th ACM conference on Computer and Communications Security, pages 82-91, 2004. ACM Press.
[BOY, 2005] X. Boyen, Y. Dodis, J. Katz, R. Ostrovsky and A. Smith. Secure Remote Authentication Using Biometric Data. In Eurocrypt, 2005.
[BRU, 1995] R. Brunelli and D. Falavigna, “Person identification using multiple cues,” IEEE Transactions on PAMI, vol. 12, no. 10, pp. 955–966, Oct 1995.
[BUH, 2007] Ileana Buhan, Jeroen Doumen, Pieter Hartel and Raymond Veldhuis. Feeling is Believing: a secure template exchange protocol. In International Conference on Biometrics, volume 4642 of LNCS, pages 897-906, 2007.
[BUH, 2007A] Ileana Buhan, Jeroen Doumen, Pieter Hartel and Raymond Veldhuis. Fuzzy extractors for continuous distributions. In ASIACCS, 2007.
[CAP, 2000] Cappelli. R, Erol R, Maio D, and Maltoni D, “Synthetic fingerprint-image generation,” in Proc. Int’l. Conf. Pattern Recognition (ICPR), vol. 3, pp. 475–478, (Barcelona, Spain), September 2000.
[CAM, 2008] P. Campisi, E. Maiorana and A. Neri. On-line signature based authentication: template security issues and countermeasures. In Biometrics: Theory, Methods, and Applications, N. V. Boulgouris and K.N. Plataniotis and E.Micheli-Tzanakou, editors, 2008. Wiley/IEEE
140
[CHA, 1999] V. Chatzis, A. G. Bors, and I. Pitas. Multimodal Decision-level Fusion for Person Authentication. IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans, 29(6):674–681, November 1999. [CHE, 1997] K. Chen, L. Wang, and H. Chi. Methods of Combining Multiple Classifiers with Different Features and Their Applications to Text-Independent Speaker Identification. International Journal of Pattern Recognition and Artificial Intelligence, 11(3):417–445, 1997. [CHE, 2005] Y. Chen, S. C. Dass, and A. K. Jain. Fingerprint Quality Indices for Predicting Authentication Performance. In Proceedings of Fifth International Conference on Audio and Video-Based Biometric Person Authentication (AVBPA) (To appear), New York, U.S.A., July 2005. [CHE, 2005A] Y. Chen and A. Jain. Fingerprint deformation for spoof detection. Biometric Consortium Conference, 2005, available at http://www.biometrics.org/ bc2005/program.htm.
[CHE, 2006] K.H. Cheung, A. Kong, D. Zhang, M. Kamel and J. You. Revealing the secret of FaceHashing. In Intl. Conf. on Biometrics, volume 3832 of LNCS, pages 106-112, 2006.
[CHE, 2007] H.Chen, Hongwei Sun,Kwok-Yan Lam "Key Management Using Biometrics" Proceedings of the The First International Symposium on Data, Privacy, and E-Commerce, 2007.
[CHI, 2006] Ee-Chien Chang, Vadym Fedyukovych and Qiming Li. Secure Sketch for Multi-Set Difference. Cryptology ePrint Archive, Report 2006/090. 2006. http://eprint.iacr.org/.
[CHI, 2007] Ee-Chien Chang and Sujoy Roy. Robust Extraction of Secrets Bits from Minutiae. In International Conference on Biometrics, 2007.
[CHO, 2007] Michał Chora´s "Emerging Methods of Biometrics Human Identification" in the Proceedings of the Second International Conference on Innovative Computing, Information and Control 2007.
141
[CLA,2003] Clancy, T. C., N. Kiyavash and D.J. Lin (2003). "Secure smartcard-based fingerprint authentication." Proceedings ACM SIGMM 2003 Multimedia, Biometrics Methods and Workshop: 45-52. [CON, 2002] Congress of the United States of America. Enhanced Border Security and Visa Entry Reform Act of 2002. Available at http://unitedstatesvisas.gov/pdfs/Enhanced Border SecurityandVisa Entry.pdf, 2002.
[CON, 2005] T. Connie, A. Teoh, M. Goh and D. Ngo. Palmhashing: a novel approach for cancelable biometrics. Information Processing Letters, 93:614-634, 2005.
[DAN, 2002] Daniel L. Hartl and Elizabeth W. Jones. Essential Genetics. Jones and Bartlett Publishers, 2002. [DAS, 2004] S. Dass and A. K. Jain. Fingerprint classification using orientation field curves. In Proc. Indian Conference on Computer Vision, Graphics and Image Processing, pages 650-655, 2004. [DAS, 2004A] S. C. Dass. Markov random field models for directional field and singularity extraction infingerprint images. IEEE Transactions on Image Processing, 13(10):1358-1367, October 2004. [DAS, 2005] S. C. Dass, K. Nandakumar, and A. K. Jain. A Principled Approach to Score Level Fusion in Multimodal Biometric Systems. In Proceedings of Fifth International Conferenceon Audio- and Video-based Biometric Person Authentication (AVBPA) (To appear), New York, U.S.A., July 2005. [DAU, 1993] J. G. Daugman. High confidence visual recognition of persons by a test of statistical independence. IEEE Transactions on Pattern Analysis and Machine Intelligence, 15(11):1148-1161, November 1993.
[DAU, 2004] John Daugman. How iris recognition works. IEEE Tran. Circuits and Systems for Video Technology, 14(1):21-30, 2004.
[DAV, 1998] G. I. Davida, Y. Frankel, and B. J. Matt. On enabling secure applications through online biometric identification. In Proc. 1998 IEEE Symposium on Privacy and Security, pages 148-157, 1998.
142
[DAV, 1999] G. I. Davida, Y. Frankel, B. J. Matt, and R. Peralta. On the relation of error correction and cryptography to an o²ine biometric based identification scheme. In Proc. Workshop on Coding and Cryptography (WCC), pages 129-138, 1999. [DER, 2003] R. Derakhshani, S. A. C. Schuckers, L. A. Hornak, and L. O. Gorman. Determination of vitality from a non-invasive biomedical measurement for use in fingerprint scanners. Pattern Recognition, 36(2):383-396, February 2003. [DOD, 2004] Y. Dodis, L. Reyzin, and A. Smith. Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In Proc. International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), pages 523-540, 2004.
[DOD, 2005] Y. Dodis and A. Smith. Correcting Errors without Leaking Partial Information. In STOC, 2005.
[DOD, 2008] Yevgeniy Dodis, Rafail Ostrovsky, Leonid Reyzin and Adam Smith. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. SIAM Journal of Computing, 38(1):97-139, 2008.
[DRA, 2007] Stark C. Draper, Ashish Khistiy, Emin Martinianz, Anthony Vetro and Jonathan S. Yedidia. Secure Storage of Fingerprint Biometrics Using Slepian-Wolf Codes. In Information Theory and Applications Workshop, January 2007.
[DUD, 2001] R. O. Duda, P. E. Hart, and D. G. Stork. Pattern Classification. Wiley, New York, Second edition, 2001. [DUD, 2001A] R. Duda, P. Hart, and D. Stork. Pattern Classification. John Wiley & Sons, 2001. [EGG, 2002] Eggers . J.J, Bauml. R, Grid .B , “A Communication Approach to Image Steganography”, Proceedings of SPIE vol 4675, Jan 2002, Security and Watermarking of Multimedia Contents IV, San Jose, Callifornia. [ELL, 2007] Elliott, S.J.; Massie, S.A.; Sutton, M.J. “The Perception of Biometric Technology: A Survey” Automatic Identification Advanced Technologies, 2007 IEEE Workshop on Volume , Issue , 7-8 June 2007 Page(s):259 - 264
143
[FEN, 2003] Hao Feng and Chan Choong Wah. Online signature verification using a new extreme points warping technique. Pattern Recognition Letters, 24:2943–2951, 2003. [FER, 2002] L. C. Ferri, A. Mayerhofer, M. Frank, C. Vielhauer, and R. Steinmetz, “Biometric authentication for ID cards with hologram watermarks,” in Proc. SPIE, Security and Watermarking of Multimedia Contents IV, vol. 4675, pp. 629–640, (Bellingham, WA), January 2002. [FIE,2005] J. Fierrez-Aguilar, L. Nanni, J. Lopez-Penalba, J. Ortega-Garcia, and D. Maltoni. An on-line signature verification system based of fusion of local and global information. to appear in AVBPA, 2005. [FRA, 1996] E Franz, A Jerichow, S Moller, A Pfitzmann, I Stierand, “Computer
Based Steganography”, Information Hiding, Springer Lecture Notes in Computer
Science vol 1174 ,pp 7-21,1996.
[GIV, 2003] G. Givens, J. R. Beveridge, B. A. Draper, and D. Bolme. A Statistical Assessment of Subject Factors in the PCA Recognition of Human Subjects. In Proceedings of CVPR Workshop: Statistical Analysis in Computer Vision, June 2003. [GOL, 1997] M. Golfarelli, D. Maio, and D. Maltoni. On the Error-Reject Tradeoff in Biometric Verification Systems. IEEE Transactions on Pattern Analysis and Machine Intelligence, 19(7):786–796, July 1997. [GOR, 2003] O. Gorman “Comparing Passwords, Tokens, and Biometrics for User Authentication states” PROCEEDINGS OF THE IEEE, VOL. 91, NO. 12, DECEMBER 2003. [GRI, 2000] F. Griess. On-line signature verification. Master’s thesis, Michigan State University, 2000. [GUN, 2002] B. Gunsel, U. Uludag, and A. M. Tekalp. Robust watermarking fingerprint images. Pattern Recognition, 35(12):2739-2747, December 2002. [GUN, 2003] B. Gunsel, S. Sener, and Y. Yaslan. An adaptive encoder for audio watermarking. WSEAS Transactions on Computers, 2(4):1044-1048, October 2003.
144
[GUT, 2000] S. Gutta, J. R. J. Huang, P. Jonathon, and H. Wechsler, “Mixture of
Experts for Classification of Gender, Ethnic Origin, and Pose of Human Faces,”
IEEE Transactions on Neural Networks 11, pp. 948–960, July 2000.
[GUV, 2003] A. Güven, �. So�ukpınar, “Undestanding users’ keystroke patterns for computer access security”, Journal of Computers & Security, Vol 22, No 8, pp 695-706, 2003. [HAM, 1986] F. R. Hampel, P. J. Rousseeuw, E. M. Ronchetti, and W. A. Stahel. Robust Statistics: The Approach Based on Influence Functions. John Wiley & Sons, 1986. [HAN, 2000] S. Hangai, S. Yamanaka, and T. Hamamoto. Writer verification using altitude and direction of pen movement. Proceedings of the International Conference on Pattern Recognition, 3:483–486, 2000.
[HAO, 2002] F. Hao and C.W. Chan. Private key generation from on-line handwritten signatures. Information Management and Computer Security, 10(2):2002.
[HAO, 2005] Feng Hao, Ross Anderson and John Daugman. Combining cryptography with biometrics effectively. University of Cambridge Technical Report UCAM-CL-TR-640. 2005.
[HAO, 2006] Feng Hao, Ross Anderson and John Daugman. Combining crypto with biometrics effectively. IEEE Transactions on Computers, 55(9):1081-1088, 2006.
[HAR, 1999] F. Hartung and M. Kutter. Multimedia watermarking techniques. Proceedings of the IEEE, 87(7):1079-1107, July 1999. [HAY, 2002] J. Hayashi, M. Yasumoto, H. Ito, and H. Koshimizu. Age and Gender Estimation based on Wrinkle Texture and Color of Facial Images. In Proceedings of the Sixteenth International Conference on Pattern Recognition, pages 405–408, Quebec City, Canada, August 2002. [HEC, 1997] D. D. Heckathorn, R. S. Broadhead, and B. Sergeyev. A Methodology for Reducing Respondent Duplication and Impersonation in Samples of Hidden
145
Populations. In Annual Meeting of the American Sociological Association, Toronto, Canada, August 1997. [HEN, 2003] The Henry Classification System Copyright © 2003 International
Biometric Group.
[HIS, 1977] N. M. Herbst and C. N. Liu. Automatic signature verification based on accelerometry. IBM Journal Of Research And Development, 21:245–253, 1977. [HIL, 2001] C. J. Hill. Risk of masquerade arising from the storage of biometrics. Available at http://chris.fornax.net/biometrics.html, 2001. [HOL, 1994] T. K. Hol, J. J. Hull, and S. N. Srihari. Decision Combination in Multiple Classifier Systems. IEEE Transactions on Pattern Analysis and Machine Intelligence, 16(1):66–75, January 1994. [HON, 1998] L. Hong and A. K. Jain, “Integrating faces and fingerprints for
personal identification,” IEEE Trans. Pattern Anal. Machine Intell, vol. 20, pp.
1295–1307, Dec. 1998.
[HON, 1998A] L. Hong, Automatic Personal Identification Using Fingerprints, PhD
Thesis, Michigan State University, 1998
[HON, 1999] L. Hong, A. K. Jain, and S. Pankanti. Can Multibiometrics Improve Performance? In Proceedings of IEEE Workshop on Automatic Identification Advanced Technologies, pages 59–64, New Jersey, U.S.A., October 1999. [HRE, 1990] A. K. Hrechak and J. A. McHugh, Automated Fingerprint Recognition
using Structural Matching, Pattern Recognition, Vol. 23, No. 8, 1990.
[IND, 2003] M. Indovina, U. Uludag, R. Snelick, A. Mink, and A. K. Jain. Multimodal Biometric Authentication Methods: A COTS Approach. In Proceedings of Workshop on Multimodal User Authentication, pages 99–106, Santa Barbara, USA, December 2003. [IYE, 1995] S. S. Iyengar, L. Prasad, and H. Min. Advances in Distributed Sensor Technology. Prentice Hall, 1995.
146
[JAI, 1997] A. K. Jain, L. Hong, S. Pankanti, and R. Bolle. An identity authentication system using fingerprints. Proceedings of the IEEE, 85(9):1365-1388, September 1997. [JAI, 1998] A. K. Jain, R. Bolle, S. Pankanti (eds), Biometrics: Personal Identification in Networked Society, Kluwer Academic, December 1998. [JAI, 1999] A. K. Jain, A. Ross, and S. Pankanti, “A prototype hand geometry-based verification system,” in Proceedings AVBPA’99, Washington, D.C., USA, March 1999, pp. 166–171. [JAI, 1999A] Jain A.K, Bolle. R, and Pankanti .S, eds., Biometrics: Personal Identification in Networked Society. Kluwer Academic Publishers, 1999. [JAI, 1999B] Jain, L.C. et al. (Eds.). 1999. ‘’Intelligent Biometric Techniques in Fingerprint and Face Recognition.’’ Boca Raton, FL: CRC Press. [JAI, 2001] A. K. Jain, A. Ross, and S. Prabhakar, “Fingerprint Matching Using Minutiae and Texture Features”, to appear in the International Conference on Image Processing (ICIP), Greece, October 7-10, 2001. [JAI, 2002] A. Jain and A. Ross. Learning user-specific parameters in a multibiometric system. Proceedings of the International Conference on Image Processing, pages 57–60, 2002. [JAI, 2002A] A. K. Jain, Friederike D. Griess, and Scott D. Connell. On-line Signature Verification. Pattern Recognition, 35(12):2963–2972, December 2002. [JAI, 2003] A. K. Jain and U. Uludag. Hiding biometric data. IEEE Transactions on Pattern Analysis and Machine Intelligence, 25(11):1494-1498, November 2003. [JAI, 2004] Jain, A. K.; Ross, Arun; Prabhakar, Salil (January 2004), "An
introduction to biometric recognition", IEEE Transactions on Circuits and Systems
for Video Technology 14th (1): 4 – 20.
[JAI, 2004A] Jain, A.K., Dass, S.C., Nandakumar, K.: Can soft biometric traits assist
user recognition? In: Proceedings of SPIE International Symposium on Defense and
Security: Biometric Technology for Human Identification (2004).
147
[JAI, 2004B] Jain, A.K., Dass, S.C., Nandakumar, K.: Integrating Faces,
Fingerprints, and Soft Biometric Traits for User Recognition. Proceedings of
Biometric Authentication Workshop, LNCS 3087, pp. 259-269, Prague, May 2004
[JAI, 2004C] Anil Jain Sharath Pankanti, Fingerprint Classification and Matching 2004. [JAI, 2004D] Anil K. Jain, Sharath Pankanti, Salil Prabhakar, Lin Hong, and Arun Ross “Biometrics: A Grand Challenge” 0-7695-2128-2/04 $20.00 (C) 2004 IEEE [JAI, 2003] A. K. Jain and A. Ross. Information fusion in biometrics. Pattern Recognition Letters, 24(13):2115–2125, September 2003. [JAI, 2004] A. K. Jain and A. Ross. Multibiometric systems. Communications of the ACM, 47(1):34–40, January 2004. Special Issue on Multimodal Interfaces. [JAI, 2004A] Jain, A.K., Dass, S.C., Nandakumar, K.: Can soft biometric traits assist user recognition? In: Proceedings of SPIE International Symposium on Defense and Security: Biometric Technology for Human Identification (To appear). (2004) [JAI, 2005] A. K. Jain, K. Nandakumar, and A. Ross. Score normalization in multimodal biometric systems. to appear in Pattern Recognition, 2005. [JAI, 2005A] Jain A.K, Ross Arun and Uludag.U. “Biometrics Template security: Challenges and solutions” in Proc. of European Signal Processing Conference September 2005. [JAI 2006] Jain A.K, Ross A, and Pankanti S.. Biometrics: A Tool for Information Security. IEEE transactions on information forensics and security, vol. 1, No. 2, June 2006, pp. 125–143. [JEL, 1997] F. Jelinek. Statistical Methods for Speech Recognition. MIT Press, Cambridge MA, 1997. [JOH, 1998] Johnson N.F, Jajodia Sushil, “Steganalysis of Images Created Using Current Steganography Software”, Lecture Notes in Computer Science, vol 1525, 1998, Springer-Verlag.
148
[JUE, 2002] A. Juels and M. Sudan. A fuzzy vault scheme. In A. Lapidoth and E. Teletar, editors, Proc. IEEE International Symposium on Information Theory, page 408, 2002.
[JUE, 2003] Ari Juels and Madhu Sudan. A Fuzzy Vault Scheme. In IEEE Intl. Symp. on Information Theory, 2002.
[JUE, 2005] Ari Juels, David Molnar, and David Wagner. Security and Privacy Issues in E-passports. In Security and Privacy for Emerging Areas in Communications Networks, pages 74-88, September 2005.
[KAM, 2001] M. Kam, K. Gummadidala, G. Fielding, and R. Conn. Signature authentication by forensic document examiners. Journal of Forensic Sciences, 46:884–888, 2001. [KAN, 2003] A. Kanak, E. Erzin, Y. Yemez, A. M. Tekalp, “Joint Audio-Video
processing for biometric speaker identification”, Proc. Of the Int. Conf. On
Acoustics, Speech and signal Processing 2003, ICASSP 2003, vol II, pp. 377-380,
2003.
[KAN, 2006] Chander Kant, Rajender Nath "Off-line Optical Frustrated Total
Internal Reflection" Published in the proceedings of National Seminar on
“Information and Communication Technology- Recent Advances & Applications
ICT-2006 PP 237-240 Feb 09-11, 2006 at JMIT, Radaur Yamuna Nagar.
[KAN, 2007] Chander Kant, Rajender Nath “Improving Biometric security using
Cryptography” published in International Journal of Advance Research in Computer
Engineering Vol-I Jan-Dec 2007 PP 33-38. ISSN 0974-4320.
[KAN, 2007A] Chander Kant, Rajender Nath "Elevating Fingerprint Verification
System", published in International Journal of Physical Sciences. Vol. 19 (I) April
2007. PP 35-38 ISSN 0970-9150.
149
[KAN, 2007B] Chander Kant, Rajender Nath “Fingerprint As Biometric Traits: An
Overview” Published in International journal of Computer Science and knowledge
Engineering Vol-I Jan-Dec 2007 PP 33-38. ISSN 0973-6735.
[KAN, 2007C] Chander Kant, Satinder Bal Gupta, Vinod Prakash “Secure online
Business: Exploring the security threats to e-commerce” published in International
journal of Intelligent Information Processing Vol-I Jan-Dec 2007 PP 1-8. ISSN
0973-3892.
[KAN, 2007D] Chander Kant, Rajender Nath "Biometric Sensor Based on Optical
Frustrated Total Internal Reflection" in the Book titled “Bioinformatics Computing”
published by Narosa Publication, New Delhi, 2007 PP 118-123, ISBN: 978-817319-
794-9
[KAN, 2007E] Chander Kant, Rajender Nath "Improving Fingerprint Verification
System” Published in International Conference on Intelligent Systems & Networks,
IISN-2007, Feb. 23-25 2007. PP 298-300.
[KAN, 2007F] Chander Kant, Sheetal Verma “Web security using Biometrics”
published in National Conference on Total Quality Management held at Vaish
College of Engg, Rohtak 10th March 2007.
[KAN, 2007G] Chander Kant, Sheetal Verma “Biometric Recognition System: An
Introduction” published in National level seminar on Convergence of IT and
Management on 24-Nov.2007 at TIMT, Yamunanagar.
[KAN, 2008] Chander Kant, Rajender Nath, Sheetal Chaudhary “Biometrics
Security using Steganography” published in CSC online Journal “International
150
Journal of Security” Malashiya Vol-II Issue-I, PP 1-5 2008. www.cscjournals.com.
ISSN 1985-2320.
[KAN, 2008A] Chander Kant, Rajender Nath "Soft Biometric: An Asset for
Personal Recognition" published in International Conference on Advanced
Computing & Communication Technologies at APIIT India, Panipat, November 08-
09, 2008.
[KAN, 2008B] Chander Kant, Rajender Nath, Sheetal Chaudhary Chander Kant,
Rajender Nath "Challenges in Biometrics" published in International Conference on
Emerging trends in Computer Sc. & IT April 23, 2008 at AL-FALAH School of
Engineering & Tech, Faridabad PP 69-77.
[KAN, 2008C] Chander Kant, Sukhdev Singh “Role of Biometrics in Modern
Business” published in National seminar on "Emerging Challenges in Commerce and
Management", Govt. College for Women, KARNAL 18-19 March, 2008.
[KAN, 2009] Chander Kant, Rajender Nath “Reducing Process-Time for Fingerprint
Identification System” published in “International Journals of Biometric and
Bioinformatics” Malaysia Vol-III Issue–I, 2009 PP 1-9. www.cscjournals.com ISSN
1985-2347.
[KAN, 2009A] Chander Kant, Rajender Nath "Soft Biometric: An Asset for
Personal Recognition" published in International Journal of Computing Science &
Communication Technologies [IJCSCT]. Vol-I, Issue-II, 2009 PP 160-163. ISSN -
0974-3375.
151
[KAN, 2009B] Chander Kant, Rajender Nath "Protection of Database Template
using Cancelable Biometric" published in IEEE-International advance computing
conference 6-7 March 2009, Thapar University, Patiala.
[KEL, 2007] E.J.C Kelkboom, B. G\"okberk, T.A.M. Kevenaar, A.H.M. Akkermans and M. van der Veen. "3D Face": Biometric Template Protection for 3D Face Recognition. In International Conference on Biometrics, volume 4642 of LNCS, pages 566-573, 2007.
[KEV, 2005] T.A.M. Kevenaar, G.J. Schrijen, M. Van der Veen, A.H.M. Akkermans and F. Zuo. Face recognition with renewable and privacy preserving binary templates. Fourth IEEE Workshop on Automatic Identification Advanced Technologies, 21-26, 2005.
[KHO, 2004] A. Kholmatov and B. Yanikoglu. Biometric authentication using online signatures. ISCIS, 3280:373–380, 2004. [KHO, 2003] Alisher Kholmatov. Biometric identity verification using on-line & off-line signature verification. Master’s thesis, Sabanci University, 2003.
[KHO, 2008] Alisher Kholmatov and Berrin Yanikoglu. Realization of correlation attack against fuzzy vault scheme. In Security, Forensics, Steganography, and Watermarking of Multimedia Contents X, volume 6819 of Proceedings of SPIE, 2008.
[KIT, 1998] J. Kittler, M. Hatef, R. P. Duin, and J. G. Matas. On Combining Classifiers. IEEE Transactions on Pattern Analysis and Machine Intelligence, 20(3):226–239, March 1998.
[KON, 2006] A. Kong, K-H. Cheung, D. Zhang, M. Kamel and J. You. An analysis of BioHashing and its variants. Pattern Recognition, 39(7):1359-1368, 2006.
[KUM, 2003] A. Kumar, D. C. M. Wong, H. C. Shen, and A. K. Jain. Personal Verification Using palm-print and Hand Geometry Biometric. In Proceedings of Fourth International Conference on Audio- and Video-Based Biometric Person Authentication (AVBPA), pages 668–678, Guildford, U.K., June 2003.
152
[KUN, 2001] L. I. Kuncheva, C. J. Whitaker, C. A. Shipp, and R. P. W. Duin, “Is independence good for combining classifiers?,” in Proceedings ICPR, Barcelona, Spain, 2001, vol. 2, pp. 168–171. [KUT, 1997] M. Kutter, F. Jordan, and F. Bossen. Digital signature of color images using amplitude modulation. In Proc. SPIE, Storage and Retrieval for Image and Video Databases V, vol. 3022, pages 518-526, 1997. [KWO, 1994] Y. H. Kwon and N. V. Lobo. Age Classification from Facial Images. In Proceedings of IEEE Conference on Computer Vision and Pattern Recognition, pages 762–767, April 1994. [LAM, 1989] Chan F. Lam and David Kamins. Signature recognition through spectral analysis. Pattern Recognition, 22:39–44, 1989. [LAM, 1995] L. Lam and C. Y. Suen. Optimal Combination of Pattern Classifiers. Pattern Recognition Letters, 16:945–954, 1995. L. Xu, A. Krzyzak, and C. Y. Suen. Methods for Combining Multiple Classifiers and their Applications to Handwriting Recognition. IEEE Transactions on Systems, Man, and Cybernetics, 22(3):418–435, 1992. [LAM, 1997] L. Lam and C. Y. Suen. Application of Majority Voting to Pattern Recognition: An Analysis of Its Behavior and Performance. IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans, 27(5):553–568, 1997. [LAN, 2004] A. Lanitis, C. Draganova, and C. Christodoulou. Comparing Different Classifiers for Automatic Age Estimation. IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics, 34(1):621–628, February 2004. [LEE, 1991] H. C. Lee and R. E. Gaensslen, Advances in Fingerprint Technology, Elsevier, New York, 1991. [LEE, 1996] Luan Ling Lee. Neural approaches for human signature verification. Proceedings of the Third International Conference on Signal Processing, pages 1346–1349, 1996. [LEE, 1999] Yeuan-Kuen Lee, Ling-Hwei Chen, “An Adaptive Image
Steganographic Model Based on Minimum-Error LSB Replacement”, Proceedings of
9th National Conference on Information Security, Taichung, Taiwan, pp 8-15 ,May
1999.
153
[LEE, 2000] Yeuan-Kuen Lee, Ling-Hwei Chen, “A Secure Robust Image
Steganographic Model”,10th National Conference on Information Security, Hualien,
Taiwan, pp 275-284, May 2000.
[LIE, 2008] Qiming Lie, Muchuan Guo and Ee-Chien Chang. Fuzzy Extractors for Asymmetric Biometric Representations. In IEEE Computer Society Workshop on Biometrics, June 2008. [LIN, 1999] E. T. Lin and E. J. Delp. A review of fragile image watermarks. In Proc. ACM Multimedia and Security Workshop, pages 25-29, 1999. [LIN, 2003] Linnartz, J. a. P. T. (2003). "New shielding functions to enhance privacy and prevent misuse of biometric templates." Proceedings of the 4th International Conference on Audio and Video Based Person Authentication: 393-402. [LIN, 2004] S. Lin and D. J. Costello. Error Control Coding. Pearson Prentice Hall, New Jersey, Second edition, 2004. [LIU, 1979] C. N. Liu, N. M. Herbst, and N. J. Anthony. Automatic signature verification: System description and field test results. IEEE Transactions on Systems, Man, and Cybernetics, 9:35–38, 1979.
[LUM, 2007] A. Lumini and L. Nanni. An improved BioHashing for human authentication. Pattern Recognition, 40(3):1057-1065, March 2007.
[LUX, 2004] X. Luxer and A. K. Jain. Ethnicity Identification from Face Images. In Proceedings of SPIE Conference on Biometric Technology for Human Identification, volume 5404, pages 114–123, April 2004. [MAD, 2008] Madhuban Manuals, Forensic Science Laboratory, Karnal, 2008.
[MAI, 2002] D. Maio, D. Maltoni, R. Cappelli, J. L. Wayman, and A. K. Jain,
“FVC2002: Fingerprint verification competition,” in Proc. Int. Conf. Pattern
Recognition (ICPR), Quebec City, QC, Canada, Aug. 2002, pp. 744–747.
154
[MAI, 2002A] D. Maio, D. Maltoni, R. Cappelli, J. L. Wayman, and A. K. Jain. FVC2002: Second Fingerprint Verification Competition. In Proc. International Conference on Pattern Recognition, pages 811-814, 2002. [MAI, 2004] D. Maio, D. Maltoni, R. Cappelli, J. L. Wayman, and A. K. Jain. FVC2004: Third Fingerprint Verification Competition. In Proc. International Conference on Biometric Authentication (ICBA), pages 1-7, 2004.
[MAI, 2007] E. Maiorana, P. Campisi and A. Neri. Biometric Signature Authentication Using Radon Transform-Based Watermarking Techniques. In Biometric Symposium, 2007.
[MAI, 2008] E. Maiorana, P. Campisi and A. Neri. User Adaptive Fuzzy Commitment for Signature Templates Protection and Renewability. In SPIE Journal of Electronic Imaging, Special Section on Biometrics: Advances in Security, Usability and Interoperability, 2008.
[MAL, 2003] Maltoni D, Maio. D., Jain A.K, and Prabhakar. S, Handbook of Fingerprint Recognition. Springer- Verlag, 2003. [MAN, 2001] R. Manmatha, T. Rath, and F. Feng. Modeling Score Distributions for Combining the Outputs of Search Engines. In Proceedings of Twenty-Fourth International ACM SIGIR Conference on Research and Development in Information Retrieval, pages 267–275, New Orleans, USA, 2001.
[MAR, 2005] Emin Martinian, Sergey Yekhanin and Jonathan S. Yedidia. Secure Biometrics Via Syndromes. In 43rd Annual Allerton Conference on Communications, Control, and Computing, Monticello, IL, October 2005.
[MAT, 2002] T. Matsumoto, H. Matsumoto, K. Yamada, and S. Hoshino. Impact of artificial gummy fingers onfingerprint systems. In Proc. of SPIE, Optical Security and Counterfeit Deterrence Techniques IV, vol. 4677, pages 275-289, 2002. [MEM, 1998] N. Memon and P. W. Wong. Protecting digital media content. Communications of the ACM, 41(7):34-43, July 1998. [MES, 1999] K. Messer, J. Matas, J. Kittler, J. Luettin, and G. Maitre. XM2VTSDB: The Extended M2VTS Database. In Proceedings of Second International Conference on Audio- and Video-Based Biometric Person Authentication (AVBPA), pages 72–77, Washington D.C., U.S.A., March 1999.
155
[MIL,2002] Paul Miller. Analyzing genetic discrimination in the workplace. Human Genome News, 12(1-2), February 2002. [MOG, 2002] B. Moghaddam and M. H. Yang. Learning Gender with Support Faces. IEEE Transactions on Pattern Analysis and Machine Intelligence, 24(5):707–711, May 2002. [MON, 1977] F. Mosteller and J. W. Tukey. Data Analysis and Regression: A Second Course in Statistics. Addison-Wesley, 1977. [MON, 2001] M. Montague and J. A. Aslam. Relevance Score Normalization for Metasearch. In Proceedings of Tenth International Conference on Information and Knowledge Management, pages 427–433, Atlanta, USA, November 2001. [MON, 2001A] F. Monrose, M. K. Reiter, Q. Li, S. Wetzel, “Using voice to generate cryptographic keys: A position paper”, Proc. Of Odyssey 2001, The Speaer Verification Worshop, June 2001. [MON, 2001B] F. Monrose, M. K. Reiter, Q. Li, and S. Wetzel. Cryptographic key generation from voice. In Proc. IEEE Symposium on Security and Privacy, pages 202-213, 2001. [MON, 2002] F. Monrose, M. K. Reiter, Q. Li, D. P. Lopresti, and C. Shih. Towards speech generated cryptographic keys on resource constrained devices. In Proc. 11th USENIX Security Symposium, pages 283-296, 2002. [MOO, 2004] Y. S. Moon, H.W. Yeung, K. C. Chan, and S. O. Chan. Template Synthesis and Image Mosaicking for Fingerprint Registration:An Experimental Study. In Proceedings of International Conference on Acoustic Speech and Signal Processing (ICASSP), volume 5, pages 409–412, Quebec, Canada, May 2004. [NAG 2006] Nagar A, Chaudhury S. Biometrics based Asymmetric Cryptosystem Design Using Modified Fuzzy Vault Scheme. 18th International Conference on Pattern Recognition (ICPR‘06), 2006. ICPR (4) 2006: pp. 537-540.
[NAN, 2007] Karthik Nandakumar, Anil K. Jain and Sharath C. Pankanti. Fingerprint-Based Fuzzy Vault: Implementation and Performance. IEEE Transactions on Information Forensics and Security, 2(4):744-757, 2007.
[NAN, 2008] Karthik Nandakumar, Yi Chen, Sarat C. Dass and Anil K. Jain. Likelihood Ratio Based Biometric Score Fusion. IEEE Transactions on Pattern Analysis and Machine Intelligence, 30(2):2008.
156
[NEI, 1998] Neil F. Johnson, Sushil Jajodia, “Steganalysis of Images Created Using Current Steganography Software”, Lecture Notes in Computer Science, vol 1525, 1998, Springer-Verlag. [PAN, 1999] S. Pankanti and M.M. Yeung, “Verification watermarks on fingerprint recognition and retrieval”, Proc. SPIE EI, vol. 3657, pp. 66-78, 1999. [PEY, 1999] M. Peyravian, S. M. Matyas, A. Roginsky, N. Zunic, “Generating user-based Cryptographic keys and random numbers”, Journal of Computers & Security, Vol 18, No 7, pp 619-626, 1999. [PHI, 2002] P. J. Philips, P. Grother, R. J. Micheals, D. M. Blackburn, E. Tabassi, and J. M. Bone. FRVT2002: Overview and Summary. Available at http://www.frvt.org/FRVT2002/documents.htm. [PLA, 1989] Rejean Plamondon and Guy Lorette. Automatic signature verification and writer identification the state of the art. Pattern Recognition, 22:107–131, 1989. [PRA, 2002] S. Prabhakar and A. K. Jain. Decision-level Fusion in Fingerprint Verification. Pattern Recognition, 35(4):861–874, 2002. [PRA, 2003] S. Prabhakar, S. Pankanti, and A.K. Jain. Biometric recognition: Security & privacy concerns. IEEE Security & Privacy Magazine, 1(2):33–42, March-April 2003. [PUT, 2000] T. Putte and J. Keuning, “Biometrical fingerprint recognition: don’t get your fingers burned”, Proc. IFIP TC8/WG8.8, Fourth Working Conf. Smart Card Research and Adv. App., pp. 289-303, 2000. [RAT, 2000] N. K. Ratha, J. H. Connell, and R. M. Bolle. Secure data hiding in wavelet compressed fingerprint images. In Proc. ACM Multimedia, pages 127-130, 2000. [RAT, 2001] Ratha N, Connell J.H, and Bolle R.M, “An analysis of minutiae matching strength,” in Proc. Audio and Video-based Biometric Person Authentication (AVBPA), pp. 223–228, (Halmstad, Sweden), June 2001. [RAT, 2001A] N. Ratha, J. Connell, and R. bolle, “Enhancing security and privacy in biometrics-based authentication systems,” IBM Systems Journal, vol. 40, no. 3, pp. 614– 634, 2001.
157
[RAT, 2006] N. K. Ratha, J. Connell, R. M. Bolle, and S. Chikkerur: Cancelable
Biometrics: A Case Study in Fingerprints. Proceedings of the 18th International
Conference on Pattern Recognition (ICPR 2006), 20-24 August 2006, Hong Kong,
China. ICPR (4) 2006: 370-373.
[RAT, 2007] Nalini K. Ratha, Sharat Chikkerur, Jonathan H. Connell and Ruud M. Bolle. Generating Cancelable Fingerprint Templates. IEEE Transactions on Pattern Analysis and Machine Intelligence, 29(4):561-572, 2007.
[REI, 2006] R.S. Reillo Judith Liu-Jimenez Michael G. Lorenz Luis Entrena “Improvement in Security Evaluation of Biometric Systems” appears in: Carnahan Conferences Security Technology, Proceedings 2006 40th Annual IEEE International Publication Date: Oct. 2006. [REY, 2005] D. A. Reynolds, W. Campbell, T. Gleason, C. Quillen, D. Sturim, P. Torres- Carrasquillo, and A. Adami. The 2004 MIT Lincoln Laboratory Speaker Recognition System. In Proceedings of IEEE International Conference on Acoustics, Speech, and Signal Processing, Philadelphia, PA, March 2005. [REY, 1996] D. Reynolds. The effect of handset variability on speaker recognition performance: Experiments on the switchboard corpus. Proceedings of the IEEE International Conference on Acoustics, Speech, and Signal Processing, 1:113–116, 1996. [ROG, 2004] Roginsky, A. (2004). A New Method for Generating RSA Keys, International Business Machines Consulting Group. [ROS, 2002] A. Ross and A. K. Jain. Fingerprint Mosaicking. In Proceedings of International Conference on Acoustic Speech and Signal Processing (ICASSP), pages 4064–4067, Florida, U.S.A., May 2002. [ROS, 2003] A. Ross and A. K. Jain. Information Fusion in Biometrics. Pattern Recognition Letters, Special Issue on Multimodal Biometrics, 24(13):2115–2125, 2003.
158
[ROS, 2004] A. Ross and Anil Jain “Biometric Sensor Interoperability: A Case
Study In Fingerprints”, Appeared in Proc. of International ECCV Workshop on
Biometric Authentication (BioAW), May 2004
[ROS, 2004A] A. Ross and A. Jain. Multimodal biometrics: An overview. Proceedings of the 12th European Signal Processing Conference, pages 1221–1224, 2004. [ROS, 2005] Ross. A, Shah J, and Jain A.K, “Towards reconstructing fingerprints from minutiae points,” in Proc. SPIE, Biometric Technology for Human Identification II, vol. 5779, pp. 68–80, (Orlando, FL), March 2005. [ROS, 2005A] A. Ross and R. Govin darajan. Feature Level Fusion Using Hand and Face Biometrics. In Proceedings of of SPIE Conference on Biometric Technology for Human Identification,volume 5779, pages 196–204, Florida, U.S.A., March 2005. [ROS, 2006] A. Ross, J. Shah, and A. K. Jain. Generating fingerprints from minutiae using streamlines. In IEEE Computer Society Conference on Computer Vision and Pattern Recognition (submitted), 2006. [RUG, 1996] Comparison Of Biometric Techniques Prepared By Thomas Ruggles.
[SAV, 2004] M. Savvides, B. Vijaya Kumar and P.K. Khosla. Cancelable biometric filters for face recognition. In Proceedings of the 17th International Conference on Pattern Recognition, ICPR 2004, volume 3. pages 922-925, 2004.
[SAN, 2002] C. Sanderson and K. K. Paliwal. Information Fusion and Person Verification using speech and face information. Research Paper IDIAP-RR 02-33, IDIAP, September 2002. [SCH, 1994] RG van Schyndel, AZ Tirkel, CF Osborne, “A Digital Watermark”,
IEEE International Conference on Image Processing, vol 2 , pp 86-90, Nov 1994.
[SCH, 1999] B. Schneier. The uses and abuses of biometrics. Communications of the ACM, 42(8):136, August 1999.
159
[SCH, 2007] Walter J. Scheirer and Terrance E. Boult. Cracking Fuzzy Vaults and Biometric Encryption. In Biometrics Symposium, 2007.
[SHA, 2002] G.C. Sharp, S.W. Lee, and D.K. Wehe. ICP registration using invariant features. IEEE Transactions on Pattern Analysis and Machine Intelligence, 24(1):90-102, January 2002. [SHA, 2002A] G. Shakhnarovich, P. Viola, and B Moghaddam. A Unified Learning Framework for Real Time Face Detection and Classification. In Proceedings of International Conference on Automatic Face and Gesture Recognition, Washington D.C., USA, May 2002.
[SHA, 2002B] Ronen Shaltiel. Recent Developments in Explicit Constructions of Extractors. Bulletin of the {EATCS}, 77:67-95, 2002.
[SHA, 2008] Shaikh, S.A.; Dimitriadis, C.K. “My fingers are all mine: Five reasons why using biometrics may not be a good idea” Biometrics and Security Technologies, 2008. ISBAST 2008. International Symposium on Volume, Issue, 23-24 April 2008 Page(s):1-5
[SHE, 2005] Shenglin Yang and Ingrid Verbauwhede. Automatic Secure Fingerprint Verification System Based on Fuzzy Vault Scheme. In IEEE Intl. Conf. on Acoustics, Speech, and Signal Processing (ICASSP), pages 609-612, 2005.
[SIM, 1983] GJ Simmons, “The Prisoners’ Problem and the Subliminal Channel”,
Proceedings of Crypto’83, Plenum Press, pp 51-67,1983.
[SIN, 2004] Parvinder Singh, Sudhir Batra, H R Sharma, "Message Hidden in 6th and 7th Bit", Proceedings of International Conference on Controls, Automation and Communication System, Dec. 22-24, 2004, Allied Publishers, ISBN- 81-7764-726-1, pp-281-284 [SIN, 2005] Singh P., Batra Sudhir, Sharma H.R., “Evaluating the Performance of Message Hidden in 1st and 2nd Bit Plane”, WSEAS Transactions on Information Science and Applications”, issue 8, vol 2, Aug 2005, pp 1220-1227. [SNE, 2003] R. Snelick, M. Indovina, J. Yen, and A. Mink. Multimodal Biometrics: Issues in Design and Testing. In Proceedings of Fifth International Conference on Multimodal Interfaces, pages 68–72, Vancouver, Canada, November 2003
160
[SNE, 2005] R. Snelick, U. Uludag, A. Mink, M. Indovina, and A. K. Jain. Large Scale Evaluation of Multimodal Biometric Authentication Using State-of-the-Art Systems. IEEE Transactions on Pattern Analysis and Machine Intelligence, 27(3):450–455, March 2005. [SNE, 2005] R. Snelick, U. Uludag, A. Mink, M. Indovina, and A. K. Jain. Large-scale evaluation of multimodal biometric authentication using state-of-the-art systems. IEEE Transactions on Pattern Analysis and Machine Intelligence, 27(3):450-455, March 2005. [SOU, 1998] C. Soutar, D. Roberge, S. A. Stojanov, R. Gilroy, and B. V. K. Vijaya Kumar. Biometric encryption - enrollment and verification procedures. In Proc. SPIE, Optical Pattern Recognition IX, vol. 3386, pages 24-35, 1998. [SOU, 1998 A] C. Soutar, D. Roberge, A. Stoianov, R. Gilroy and B.V.K. V. Kumar, “BiometricEncryption� using image processing”, Proc. SPIE 3314, 178-188, 1998. [STA, 20043] W. Stallings. Cryptography and Network Security: Principles and Practices. Prentice Hall, New York, Third edition, 2003.
[SUT, 2007] Yagiz Sutcu, Qiming Li and Nasir Memon. Protecting Biometric Templates with Sketch: Theory and Practice. IEEE Transactions on Information Forensics and Security, 2(3):503-512, 2007.
[SUT, 2007A] Yagiz Sutcu, Husrev Taha Sencar and Nasir Memon. A Geometric Transformation to Protect Minutiae-Based Fingerprint Templates. In SPIE International Defense and Security Symposium, 2007.
[SWA, 2005] Danuwat Swangpol and Thanarat ChalidabhongseAutomatic Person Identification using Multiple Cues, June 2-5, KINTEX, Gyeonggi-Do, Korea 2005.
[TAN, 2006] Tanya Ignatenko and Frans Willems. On the security of the xor-method in biometric authentication systems. In International Symposium on Information Theory, pages 197-204, 2006.
[TEO, 2004] A.B.J. Teoh, D.C.L. Ngo and A. Goh. Personalised Cryptographic key generation based on FaceHashing. Computers and Security, 23:606-614, 2004.
161
[TEO, 2005] Andrew B.J. Teoh and David C.L. Ngo. Cancellable biometerics featuring with tokenised random number. Pattern Recognition Letters, 26:1454-1460, 2005.
[TEO, 2006] A.B.J. Teoh, T. Connie and D. Ngo. Remarks on BioHash and Its Mathematical Foundation. Information Processing Letters, 100:145-150, 2006.
[TRI, 2007] V. Viet Triem Tong, H. Sibert, J. Lecoeur and M. Girault. Biometric fuzzy extractors made practical: a proposal based on fingercodes. In International Conference on Biometrics, 2007.
[TUL, 2005] S. Tulyakov, F. Farooq and V. Govindaraju. Symmetric hash functions for fingerprint minutiae. In Lecture Notes in Computer Science, LNCS, 2005.
[TUR, 1991] M. Turk and A. Pentland, “Eigenfaces for recognition,” Journal of Cognitive Neuroscience, vol. 3, no. 1, pp. 71–86, 1991.
[TUY, 2004] P. Tuyls and J. Goseling. Capacity and Examples of Template-Protecting Biometric Authentication Systems. In ECCV Workshop BioAW, pages 158-170, 2004.
[TUY, 2005] P. Tuyls, A.H.M. Akkermans, T.A.M. Kevenaar, G.J. Schrijen, A.M. Bazen and R.N.J. Veldhuis. Practical Biometric Authentication with Template Protection. In AVBPA, pages 436-446, 2005.
[TRU, 1979] G. V. Trunk. A problem of dimensionality: A simple example. IEEE Transactions on Pattern Analysis and Machine Intelligence, PAMI-1(3), July 1979. [UKB, 2003] U.K. Biometric Working Group, “Biometric security concerns,” Technical Report, CESG, September 2003, http://www.cesg.gov.uk/site/ast/biometrics/media/ BiometricSecurityConcerns.pdf. [ULU, 2004] Umut Uludag, Anil K. Jain, Attacks on Biometric Systems: A Case Study in Fingerprints, http://biometrics.cse.msu.edu [ULU, 2003] U. Uludag and A. K. Jain. Multimedia content protection via biometrics-based encryption. In Proc. IEEE Conference on Multimedia & Expo (ICME), pages 237-240, 2003.
162
[ULU, 2004] Uludag U, Pankanti S. , Prabhakar S, and Jain A.K, “Biometric cryptosystems: issues and challenges,” Proceedings of the IEEE, vol. 92, no. 6, pp. 948–960, 2004. [ULU, 2004A] U. Uludag and A. K. Jain, “Attacks on biometric systems: a case study in fingerprints,” in Proc. SPIE, Security, Seganography and Watermarking of Multimedia Contents VI, vol. 5306, pp. 622–633, (San Jose, CA), January 2004. [ULU, 2005] Uludag U, Pankanti S, and Jain A.K, “Fuzzy vault for fingerprints,” AVBPA 2005 : audio and video-based biometric person authentication (Hilton Rye Town NY, 20-22 July 2005). Springer, 20051973, vol. 3546, p.p. 310-319. [VER, 1999] P. Verlinde and G. Cholet. Comparing Decision Fusion Paradigms using k-NN based Classifiers, Decision Trees and Logistic Regression in a Multi-modal Identity Verification Application. In Proceedings of Second International Conference on Audio- and Video-Based Biometric Person Authentication (AVBPA), pages 188–193, Washington D.C., U.S.A., March 1999. [VER 2003] Verbitskiy E, Tuyls P, Denteneer D, and Linnartz J.P. Reliable biometric authentication with privacy protection. In Proc. of the 24th Symp. on Inf. Theory in the Benelux, pp.125–132, Veldhoven, The Netherlands, 2003.
[VIE, 2002] C. Vielhauer, R. Steinmetz and A. Mayerhoefer. Biometric Hash based on Statistical Features of Online Signatures. IEEE International Conference on Pattern Recognition (ICPR), 123-126, 2002.
[VOD 2006] Voderhobli K, Pattinson C, and Donelan.H. A schema for cryptographic keys generation using hybrid biometrics. In: 7th annual postgraduate symposium: The convergence of telecommunications, networking and broadcasting, 26-27 June 2006, Liverpool, UK. [WAN, 2003] Y. Wang, T. Tan, and A. K. Jain. Combining Face and Iris Biometrics for Identity Verification. In Proceedings of Fourth International Conference on Audio- and Video-Based Biometric Person Authentication (AVBPA), pages 805–813, Guildford, U.K., June 2003. [WAY, 1997] J. L. Wayman. Large-scale Civilian Biometric Systems-Issues and Feasibility. In Proceedings of Card Tech / Secur Tech ID, 1997.
163
[WES, 2001] F.Wessel, R. Schluter, K. Macherey, and H. Ney. Confidence Measures for Large Vocabulary Continuous Speech Recognition. IEEE Transactions on Speech and Audio Processing, 9(3):288–298, March 2001. [WIL, 2004] C. Wilson, A. R. Hicklin, H. Korves, B. Ulery, M. Zoepfl, M. Bone, P. Grother, R. J. Micheals, S. Otto, and C. Watson. Fingerprint Vendor Technology Evaluation 2003: Summary of Results and Analysis Report. NIST Internal Report 7123; available at http://fpvte.nist.gov/report/ir_7123_summary.pdf, June 2004. [WOL, 1998] G. Wolberg, “Image Morphing: A Survey,” The Visual Computer 360–372 (1998). [WOO, 1997] J. D. Woodward, Biometrics: Privacy’s foe or privacy’s friend? Proceedings of the IEEE (Special Issue on Automated Biometrics), vol. 85, pp. 1480–1492, September 1997. [WOO, 1997A] K. Woods, K. Bowyer, and W. P. Kegelmeyer. Combination of Multiple Classifiers using Local Accuracy Estimates. IEEE Transactions on Pattern Analysis and Machine Intelligence, 19(4):405–410, April 1997. [WUO, 2001] C. P. Wuo and C. C. J. Kuo. Efficient multimedia encryption via entropy codec design. In Proc. SPIE, vol. 4314, pages 128-138, 2001. [YAN, 2000] Jianxin Yan, Alan Blackwell, Ross Anderson, and Alasdair Grant. The memorability and security of passwords - some empirical results. Technical report, University of Cambridge, 2000. [YAN 2004] Yang S. and Verbauwhede I., “Secure fuzzy vault based fingerprint verification system.” In Thirty-Eighth Asilomar Conference on Signals, Systems, and Computers (2004), v. 1, pp. 577–581, 2004.
[YAN, 2004A] B. Yanikoglu and A. Kholmatov. Combining Multiple Biometrics to Protect Privacy. In ICPR-BCTP Workshop, Cambridge, England, August 2004.
[YAN, 2005] S. Yang and I. Verbauwhede. Automatic securefingerprint verification system based on fuzzy vault scheme. In Proc. IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP), pages 609-612, 2005. [YEU, 1999] M. Yeung and S. Pankanti, “Verification watermarks on fingerprint recognition and retrieval,” in Proc. SPIE, Security and Watermarking of Multimedia Contents, vol. 3657, pp. 66–78, (San Jose, USA), January 1999.
164
[YEU, 2004] D. Yeung, H. Chang, Y. Xiong, S. George, R. Kashi, T. Matsumoto, and G. Rigoll. Svc2004: First international signature verification competition. Proceedings of the International Conference on Biometric Authentication, 2004.
[ZHA, 2004] W. Zhang, Y.-J. Chang and T. Chen. Optimal thresholding for key generation based on biometrics. In Intl. Conf. on Image Processing, 2004.