
Efficiency and Security Optimization for Fingerprint Biometric System

Efficiency and Security Optimization for Fingerprint Biometric System. By: Chander Kant, under the supervision of Dr. Rajender Nath (Associate Professor), Department of Computer Science & Applications, Kurukshetra University, Kurukshetra


Presentation Transcript


  1. Efficiency and Security Optimization for Fingerprint Biometric System By: Chander Kant Under the supervision of Dr. Rajender Nath (Associate Professor) Department of Computer Science & Applications Kurukshetra University, Kurukshetra 2010

  2. Thesis Contributions • Design and development of approaches to protect the biometric system against imposter attacks, making the biometric system more secure. • Design and development of approaches to make the biometric system more efficient by reducing its processing time.

  3. Introduction Biometric recognition refers to authenticating a user by his or her biological features, i.e. fingerprint, face, retina, hand geometry, iris (physical traits) and voice, gait, signature, keystrokes (behavioral traits). These traits are called biometric identifiers or simply biometrics. A biometric system may operate either in Verification Mode or in Identification Mode, but before the system can be put into either mode, a system database consisting of biometric templates must be created through the process of enrollment.

  4. Enrollment Process In the enrollment process, the user’s initial biometric samples are collected, assessed, processed, and stored for ongoing use in a biometric system.

  5. Verification and Identification Process

  6. Verification is a 1:1 matching process, where the user claims an identity and the system verifies whether the user is genuine or not. If the user’s input and the template of the claimed identity have a high degree of similarity, then the claim is accepted as “genuine”; otherwise, the claim is rejected and the user is considered a “fraud”. Identification is a 1:N matching process, where the user’s input is compared with the templates of all the persons enrolled in the database, and the identity of the person whose template has the highest degree of similarity with the user’s input is processed by the biometric system. If the highest similarity between the input and all the templates is less than a fixed minimum threshold, the system rejects the input, which implies that the user presenting the input is not one of the enrolled users.

  7. Identification Technologies

  8. Fingerprint as a Biometric Trait Among all the biometric techniques, fingerprint-based identification is the oldest method, and it has been used successfully in numerous applications. Everyone is known to have unique, immutable fingerprints. The uniqueness of a fingerprint can be determined by the pattern of ridges and furrows as well as the minutiae points. A fingerprint is believed to be unique to each person. Fingerprints of even identical twins are different.

  9. Fingerprint Patterns The three basic patterns of fingerprint ridges are the arch, loop, and whorl (a) Arch (b) Loop (c) Whorl

  10. Minutia Points The major minutia points in a fingerprint are: ridge ending, bifurcation, and short ridge or dot. (Figure labels: Ridge Ending, Ridge Bifurcation, Dot)

  11. Fingerprint Feature Extraction The fingerprint is basically the combination of ridges and valleys on the surface of the finger. The major steps involved in fingerprint recognition using the minutiae matching approach after image acquisition are image enhancement and minutiae extraction, as shown in figure. Once a high-quality image is captured, several steps are required to convert its distinctive features into a compact template. This process is known as feature extraction.

  12. Multibiometric System A multibiometric system uses multiple sensors for data acquisition. It captures multiple samples of a single biometric trait (called multi-sample biometrics) or samples of multiple biometric traits (called multi-source or multimodal biometrics). Multibiometric systems promise significant improvement over single biometric systems, for example, higher accuracy and increased resistance to spoofing.

  13. Source of Biometric Information

  14. Soft Biometric We define soft biometric traits as characteristics of a human being that provide some information about the individual, but lack the distinctiveness and permanence to sufficiently differentiate any two individuals. The soft biometric traits can either be continuous (e.g., height and weight) or discrete (e.g., gender, eye color, ethnicity, etc.)

  15. Commonly used Soft biometric traits

  16. Deformations in Biometric Systems Acquiring high-quality images of distinctive fingerprint ridges and minutiae is a complicated task. People with no or few minutiae points (surgeons as they often wash their hands with strong detergents, builders, people with special skin conditions) cannot enroll or use the system. The number of minutiae points can be a limiting factor for security of the algorithm. Results can also be confused by false minutiae points (areas of obfuscation that appear due to low-quality enrollment, imaging, or fingerprint ridge detail). • Cold finger  • Dry/oily finger  • High or low humidity  • Angle of placement  • Pressure of placement  • Cuts to fingerprint 

  17. Hand Geometry Deformations • Jewelry • Change in weight • Bandages • Swelling of joints Deformations in Iris biometrics • Too much movement of head or eye • Glasses Deformations in voice biometric systems • Cold or illness that affects voice • Different enrollment and verification capture devices • Speaking softly • Variation in background noise Deformations in signature Scan • People may not always sign in a consistent manner • Signing too quickly • Different signing positions (e.g., sitting vs. standing)

  18. Literature Survey For the purpose of this thesis, the literature survey covers the period from 1997 to 2008. The literature on “Efficiency and Security optimization for Fingerprint Biometric System” is divided into these areas. • Security issues in Biometric System. • Performance issues in Biometric System.

  19. Comparison of various biometric traits

  20. Biometrics Security Concerns Proposed Work

  21. Threats to Biometrics Modern Burglar

  22. Different attack points in a biometric authentication system

  23. Attack-1 involves presenting a fake biometric (e.g., synthetic fingerprint, face, iris etc.) to the sensor. Attack-2 can be achieved by submitting previously intercepted biometric data. Attack-3 can happen when the feature extractor module is compromised to produce feature values selected by the attacker. Genuine feature values are replaced with the ones selected by the attacker. In Attack-4 the channel between the feature extractor module and the matcher is hacked and overridden by duplicated data, thus modifying the output of the feature extractor module. Attack-5 is achieved by imposing an artificially high score at the matching module. Attack-6 happens when there is an attack on the template database (e.g., adding a new template, modifying an existing template, removing templates, etc.) In Attack-7 the transmission medium between the template database and the matcher is hacked, resulting in the alteration of the transmitted templates. In Attack-8 the matcher result (accept or reject) can be overridden by the attacker.

  24. Types of Attacks • In Denial of Service (DoS), an attacker corrupts the authentication system so that legitimate users cannot use it. • In Circumvention, an attacker gains access to the system protected by the authentication application. • In Repudiation, the attacker denies accessing the system. • In Contamination (covert acquisition), an attacker can surreptitiously obtain biometric data of legitimate users. • In Collusion, a legitimate user with wide access privileges (e.g., system administrator) is the attacker who illegally modifies the system. • In Coercion, attackers force the legitimate users to access the system (e.g., using a fingerprint to access ATM accounts at gunpoint).

  25. Improving Security in Biometric Systems Biometric authentication systems can be more convenient for the users since there is no password to be forgotten or key to be lost. In spite of their numerous advantages, biometric systems are also vulnerable to attacks, which can decrease their security. To raise the biometric security level, three schemes have been proposed: • Securing Data using Biometric Cryptography • Securing Biometric Data Using Steganography • Securing Biometric Data Using Cancelable Biometrics

  26. Hiding Data Using Biometric Cryptography There are various methods that can be deployed to secure a key with a biometric. First one involves remote template matching and key storage. In this method biometric image is captured and compared with a corresponding template. If the user is verified, the key is released. Second method hides the cryptographic key within the enrollment template itself via a secret bit-replacement algorithm. When the user is successfully authenticated, this algorithm extracts the key bits from the appropriate locations and releases the key.

  27. Problems to Generate Biometric Cryptographic Key (i) Key Entropy (strength). Instead of developing simply longer cryptographic keys to resist brute force attacks, a more intelligent approach might be to aggregate features and parameters from an individual in such a way that their correlation generates a key that is much stronger than the individual size of the actual key. (ii) Key Uniqueness. The uniqueness of a biometric key will be determined by the uniqueness of the individual biometric characteristics used in the key. Instead of trying to find a single unique feature, a biometric key needs to find only a collection of somewhat unique features or parameters that, when assembled collectively, create a unique profile for an individual. (iii) Key Stability. A major problem with biometric identification is that an individual’s enrollment template and sample template can vary from session to session. This variation can occur for a number of reasons including different environments (e.g. lighting, orientation, emotional state) or physical changes (e.g. facial hair, glasses, cuts).

  28. Methods to Secure Biometric Key There are various methods that can be deployed to secure a key with a biometric. One method involves remote template matching and key storage: the biometric image is captured and the corresponding template is sent to a secure location for template comparison. If the user is verified, then the key is released from the secure location. In this scenario, the communication line must also be secured to avoid spoof attacks. A second method involves hiding the cryptographic key within the enrollment template itself via a trusted (secret) bit-replacement algorithm [LIN, 2003]. Upon successful authentication by the user, this trusted algorithm would simply extract the key bits from the appropriate locations and release the key into the system.

  29. Traditional Cryptography

  30. Biometric Cryptography

  31. Advantages of Biometric Encryption • Biometrics Encryption Technologies can enhance both privacy and security as discussed below: • (i) No preservation of biometric image or template • (ii) Multiple / cancelable / revocable identifiers • (iii) Greater public confidence, acceptance, and use • (iv) Suitable for large-scale applications

  32. Hiding Biometric data using Steganography Steganography is a technique to hide the message in digital objects such as image, video, music or any other computer file. Digital images are more attractive for steganography purpose since these contain a significant amount of data and can be modified slightly without leading to visible artifacts. The goal of steganography is to hide a secret message, which is transmitted between two or more communication partners in a way to ensure confidentiality and integrity.

  33. Steganography plays an important role in enhancing the integrity and security of biometric templates. Biometric cryptosystems can also contribute to template security (as discussed in section 3.2) by supporting biometric matching in secure cryptographic domains. In the case of cryptography the ‘key’ can sometimes be guessed easily, but steganography has no separate key to be hacked; the key is embedded in the template itself.

  34. Steganography in Biometrics

  35. LSB Insertion method of Steganography The simplest approach to hiding data within an image file is called least significant bit (LSB) insertion. In this method, one can take the binary representation of the hidden_data and overwrite the LSB of each byte within the cover_image. In 24-bit color, the amount of change will be minimal and indiscernible to the human eye. As an example, suppose that there are three adjacent pixels (nine bytes) with the following RGB encoding: 11110101 11001101 10101001 10100110 11001111 11001010 10101111 00010011 11001000. Now suppose we want to "hide" the following 9 bits of data (the hidden data is usually compressed prior to being hidden): 101101110. If we overlay these 9 bits over the LSB of the 9 bytes above, we get the following (the LSBs of the 2nd, 4th, 5th and 6th bytes have changed): 11110101 11001100 10101001 10100111 11001110 11001011 10101111 00010011 11001000. Note that we have successfully hidden 9 bits at a cost of changing only 4 bits, i.e. roughly 50% of the 9 LSBs.

  36. Advantages of LSB insertion • If the message bit is the same as the pixel’s least significant bit, then no change at all is required for that pixel value. • If the pixel’s least significant bit is different from the message bit, then the effective change in pixel value is either +1 or -1. The +1 or -1 change in pixel value is invisible to the human eye. Limitations of LSB insertion • The message can be easily removed by an unauthorized person (intruder) as the message is in the least significant bit. • As the message is hidden in the least significant bit, an intruder can modify the least significant bits of all the image pixels.
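The nine-byte example from slide 35 and the limitation from slide 36, as an added Python example (not code from the thesis). The function names are hypothetical; the byte values and the 9-bit message are the ones printed on the slide.

```python
# Added example: LSB insertion over the cover bytes given on slide 35.

COVER = [0b11110101, 0b11001101, 0b10101001,
         0b10100110, 0b11001111, 0b11001010,
         0b10101111, 0b00010011, 0b11001000]
MESSAGE = "101101110"
# Result printed on the slide, used to check the implementation.
EXPECTED_STEGO = [0b11110101, 0b11001100, 0b10101001,
                  0b10100111, 0b11001110, 0b11001011,
                  0b10101111, 0b00010011, 0b11001000]


def lsb_embed(cover, bits):
    """Overwrite the LSB of successive cover bytes with the message bits."""
    if any(ch not in "01" for ch in bits):
        raise ValueError("message must be a string of 0/1 characters")
    if len(bits) > len(cover):
        raise ValueError("cover too small: one byte carries one message bit")
    stego = list(cover)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | int(bit)   # clear LSB, then set it
    return stego


def lsb_extract(stego, nbits):
    """Read the message back from the LSB of the first nbits bytes."""
    return "".join(str(byte & 1) for byte in stego[:nbits])


def changed_positions(cover, stego):
    """Indices (0-based) of cover bytes whose value actually changed."""
    return [i for i, (c, s) in enumerate(zip(cover, stego)) if c != s]


def max_abs_delta(cover, stego):
    """Largest per-byte change; slide 36 states it is +1 or -1."""
    return max(abs(c - s) for c, s in zip(cover, stego))


def clear_lsb_plane(stego):
    """Slide 36 limitation: rewriting every LSB leaves the image visually
    intact but erases the hidden message."""
    return [byte & 0xFE for byte in stego]


if __name__ == "__main__":
    stego = lsb_embed(COVER, MESSAGE)
    print("stego bytes :", " ".join(f"{b:08b}" for b in stego))
    print("changed at  :", changed_positions(COVER, stego))
    print("recovered   :", lsb_extract(stego, len(MESSAGE)))
    print("after wipe  :", lsb_extract(clear_lsb_plane(stego), len(MESSAGE)))
```

A template protected only by plain LSB embedding therefore needs a separate integrity check, because the payload does not survive any rewrite of the low bit plane.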

  37. How to Apply Steganography in Biometrics Algorithm for insertion of message bit ‘b’ (b̄ denotes the complement of b). (i) Find pseudo-random location ‘L’ in an image from the secret key to insert the message bit b. (ii) Check whether at location ‘L’ the pixel value is 00000000 or 11111111, called boundary values. If yes, ignore this location and go to step (i). Here we are ignoring these boundary values because the change may be +2 or -2 in pixel values, which is to be avoided. (iii) Check whether at location ‘L’ a) 6th and 7th bits are b, b? If yes, then no change at ‘L’ is required. Message bit is already there. Go to End. b) 6th and 7th bits are b, b̄ or b̄, b? If yes, then see whether it is possible to make the 6th and 7th bits b, b by adding or subtracting 1 to the pixel value. If yes, do it and go to End. Otherwise ignore the location ‘L’ and go to step (i). c) 6th and 7th bits are b̄, b̄? If yes, then see whether it is possible to make the 6th and 7th bits b, b by adding or subtracting 1. If yes, do it and go to End. Otherwise change them to b, b̄ or b̄, b by adding or subtracting 1 and go to (i). (iv) End.

  38. Algorithm for retrieval of message bit ‘b’ (b̄ denotes the complement of b) (i) Trace out the location ‘L’ from the same secret key as used in the insertion algorithm. (ii) Pixel value is equal to one of the boundary values, i.e., 00000000 or 11111111? If yes, then it is an invalid address. Go to step (i). (iii) Check whether at location ‘L’ a) 6th and 7th bits are different, i.e., b, b̄ or b̄, b? If yes, then it is an invalid address; go to step (i). b) 6th and 7th bits are the same, i.e. b, b? Then b is the message bit. (iv) End.

  39. working of the first algorithm for insertion of bits 0

  40. working of the first algorithm for insertion of bits 1

  41. By using the algorithm discussed above, one can hide the secret data in the host image and generate a secret template. Steganography plays an important role to enhance the integrity and security of biometric templates. Steganography has no separate key to be hacked, the key is embedded in the template itself. Further, when the amount of available memory increases, there is a tendency to store more information in the template. This increases the risks associated with template misuse. As a result, the issue of template security and integrity continues to cause several challenges, and it is necessary that further research be conducted in this direction.

  42. Securing Biometric data using Cancelable Biometric When the biometric data are compromised, replacement is not possible. In order to alleviate this problem, the concept of “cancelable biometrics” is introduced. It consists of an intentional, repeatable distortion of a biometric signal based on a chosen transform. The biometric signal is distorted in the same fashion at each presentation, for enrollment and for every authentication. With this approach, every instance of enrollment can use a different transform, thus rendering cross-matching impossible. Furthermore, if one variant of the transformed biometric data is compromised, then the transform function can simply be changed to create a new variant for re-enrollment as a new person.

  43. Cancelable Biometrics This is a method of enhancing the security and privacy of biometric authentication. Instead of enrolling with a true finger (or other biometric), the fingerprint is intentionally distorted in a repeatable manner and this new print is used. If, for some reason, the old fingerprint is stolen, then an essentially new fingerprint can be issued by simply changing the parameters of the distortion process. This also results in enhanced privacy for the user, since the true fingerprint is never used anywhere and different distortions can be used for different types of accounts. The same technique can also be used with other biometrics to achieve similar benefits.

  44. Image morphing using Cancelable Biometric

  45. Let D and T be the representations of the Database Template and Synthetic Template respectively. Each minutia may be described by a number of attributes, including its location in the fingerprint image, orientation, type etc. Most common minutiae matching algorithms consider each minutia as a triplet m = {x, y, θ} that indicates the minutia location coordinates and the minutia angle θ. • D = {m1, m2, ……, mn} mi = {xi, yi, θi} i = 1….m • T = {m’1, m’2, ……, m’n} m’j = {x’j, y’j, θ’j} j = 1….n • Where m and n denote the number of minutiae in D and T respectively. • Di : The database template corresponding to user i, i = 1, 2, 3, ...., N, where N is the total number of users registered in the system. It is assumed that the attacking system knows the format of this template, but it cannot access the template itself. • Tij : The jth synthetic template generated by the attacking system for user i. This template has the same format as database templates; it can be represented as • S(Di, Tij) : The matching score between Di and Tij. • Sthreshold : The decision threshold used by the matcher. Two templates will be considered as matched if their matching score meets this value.

  46. Attack Algorithm • For attacking a specific user account, the attacking system must follow the following five steps: • Step 1 (Initial guessing): Generate a fixed number of synthetic templates (Ti1, Ti2, Ti3 ……… Ti100). • Step 2 (Try initial guesses): accumulate the corresponding matching scores [S(Di ,Ti1), S(Di ,Ti2 ), S(Di ,Ti3 ),..., S(Di ,Ti100)] for user i. • Step 3 (Pick the best initial guess): Declare the best guess Tibest to be the template resulting in the highest matching score. • Step 4: Modify Tibest by adding a new minutia, replacing an existing minutia. If for any one of these attempts, the matching score is larger than previous Sbest(Di) declare the modified template as Tibest , and update Sbest(Di) accordingly. • Step 5 (Obtaining result): If the current best score is accepted by the matcher (namely, Sbest(Di) SThreshold ), stop the attack.

  47. Proposed Work: Protection of Biometric Template • The proposed algorithm of attack works on the basis of cancelable technique. Here we will not store the templates in the database in original form; rather, they will be stored after applying some hashing. The attack algorithm discussed above will be successful if we store our template Di in the database without any change. But if we apply cancelable biometrics, all Di in the database are stored not in original form but only as mutants. If D is the database template as follows: • D = {m1, m2, ……, mn} mi = {xi, yi, θi} i = 1….m • then its mutant D’ = H(D) will be stored in the database instead of the actual D. • D’ = {m’1, m’2, ……, m’n} m’i = {Xi, Yi, φi} i = 1….m • where X = H(x), Y = H(y) and φ = H(θ)

  48. H is a hashing function that corresponds to any transformation applied to the actual templates, as shown in figure 3.7 above. It is also true that there will be no match between an actual template and its mutant (the one actually stored). If we calculate the Spatial Distance (Sd) and direction difference (Dd), they will not be below r0 and θ0, or we can write • Sd(m’1, m1) = sqrt[(Xi - xi)² + (Yi - yi)²] < r0 ---- (1) Similarly • Dd(m’1, m1) < θ0 ---- (2) Now let’s apply Algorithm-1 to find the best match between existing templates, keeping in mind that now D’ is stored in the database instead of D. Suppose the algorithm declares D’i the best match due to its score level Sbest(D’i). • Since the Spatial Distance (Sd) and direction difference (Dd) of D and D’ do not match (from equations 1 and 2 above), the synthetic templates T and database templates D will not match either, and similarly from equations (1) and (2): • Spatial Distance = Sd(Tm’1, Dm1) = sqrt[(Xi - x’i)² + (Yi - y’i)²] < r0 • and • Direction difference = Dd(Tm’1, Dm1) < θ0

  49. Blocks in the original image are subsequently scrambled
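An added Python example (not code from the thesis) of one possible H: a keyed block scramble in the spirit of slide 49, applied to minutiae triplets {x, y, θ} and checked with Sd and Dd. The image size, block size, r0, θ0, keys and sample minutiae are constructed assumptions, and a pair is assumed to match when Sd ≤ r0 and Dd ≤ θ0.

```python
import hashlib
import hmac
import math
import random

W, H, CELL = 256, 256, 32      # assumed image size and block size (pixels)
R0, THETA0 = 8.0, 15.0         # assumed matcher tolerances r0 and theta0 (degrees)


def keyed_params(key: bytes):
    """Derive a block permutation and an angle offset from the transform key."""
    seed = hmac.new(key, b"cancelable-template", hashlib.sha256).digest()
    rng = random.Random(int.from_bytes(seed, "big"))   # repeatable per key
    perm = list(range((W // CELL) * (H // CELL)))
    # Sattolo's algorithm: one single cycle, so no block stays where it was.
    for i in range(len(perm) - 1, 0, -1):
        j = rng.randrange(i)
        perm[i], perm[j] = perm[j], perm[i]
    return perm, 90 + rng.randrange(181)               # offset in [90, 270]


def transform(template, key: bytes):
    """H: move each minutia with its block and shift its angle (the mutant)."""
    perm, rot = keyed_params(key)
    cols = W // CELL
    mutant = []
    for x, y, theta in template:
        dst = perm[(y // CELL) * cols + (x // CELL)]
        mutant.append(((dst % cols) * CELL + x % CELL,
                       (dst // cols) * CELL + y % CELL,
                       (theta + rot) % 360))
    return mutant


def sd(a, b):
    """Spatial distance Sd between two minutiae."""
    return math.hypot(a[0] - b[0], a[1] - b[1])


def dd(a, b):
    """Direction difference Dd, measured on the circle."""
    d = abs(a[2] - b[2]) % 360
    return min(d, 360 - d)


def score(stored, probe):
    """Fraction of stored minutiae with a probe minutia inside (r0, theta0)."""
    hits = sum(1 for m in stored
               if any(sd(m, p) <= R0 and dd(m, p) <= THETA0 for p in probe))
    return hits / len(stored)


# Constructed sample: enrolled template D and a later capture of the same finger.
D = [(40, 40, 30), (120, 40, 110), (72, 152, 200), (184, 184, 275), (208, 80, 350)]
PROBE = [(41, 39, 33), (119, 42, 107), (73, 151, 203), (183, 185, 271), (209, 81, 354)]
KEY_A, KEY_B = b"transform-key-A (constructed)", b"transform-key-B (constructed)"

if __name__ == "__main__":
    stored = transform(D, KEY_A)                       # D' = H(D) goes in the database
    print("same key, fresh capture :", score(stored, transform(PROBE, KEY_A)))
    print("raw template vs mutant  :", score(stored, PROBE))
    print("re-issued with new key  :", score(stored, transform(PROBE, KEY_B)))
```

This keyed scramble is reversible by anyone holding the key, so the key must be protected like any other secret; the example only shows that matching still works in the transformed domain while the raw template no longer matches what is stored.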
