Efficiency and Security Optimization for Fingerprint Biometric System

By: Chander Kant

Under the supervision of

Dr. Rajender Nath (Associate Professor) Department of Computer Science & Applications Kurukshetra University, Kurukshetra

Department of Computer Science & Applications Kurukshetra University, Kurukshetra 2010

Thesis Contributions
Design and development of approaches to protect the Biometric System against imposter attack and making biometric system more secure. Design and development of approaches to make the biometric system more efficient by reducing their process time.

Introduction
Biometric recognition refers to the user authentication by using his different biological features i.e. fingerprint, face, retina, hand geometry, iris (physical traits) and voice, gait, signature, keystrokes (behavioral traits). These traits are called biometric identifiers or simply biometrics. A biometric system may operate either in Verification Mode or in Identification Mode but before the system can be put into verification or identification mode, a system database consisting of biometric templates must be created through to process of enrollment.

Enrollment Process

In the enrollment process, users initial biometric samples are collected, assessed, processed, and stored for ongoing use in a biometric system

Verification and Identification Process

Verification is a 1:1 matching process, where the user claims an identity and the system verifies whether the user is genuine or not. If the users input and the template of the claimed identity have a high degree of similarity, then the claim is accepted as genuine otherwise, the claim is rejected and the user is considered as fraud. Identification is a 1: N matching process, where the users input is compared with the templates of all the persons enrolled in the database and the identity of the person whose template has the highest degree of similarity with the users input is processed by the biometric system. If the highest similarity between the input and all the templates is less than a fixed minimum threshold, the system rejects the input, which implies that the user presenting the input is not one among the enrolled users.

Identification Technologies
Methods What we Know What we have What we are Examples Problems

Password, PIN, ID Forgotten, Shared, easy to guess Key, Cards, etc Fingerprint, Face, Iris Lost or Stolen, Can be duplicated Non-Repudiable authentication

Fingerprint as Biometrics traits

Among all the biometric techniques, fingerprint-based identification is the oldest method, which has been successfully used in numerous applications. Everyone is known to have unique, immutable fingerprints. The uniqueness of a fingerprint can be determined by the pattern of ridges and furrows as well as the minutiae points. A fingerprint is believed to be unique to each person. Fingerprints of even identical twins are different.

Fingerprint Patterns
The three basic patterns of fingerprint ridges are the arch, loop, and whorl

(a) Arch

(b) Loop

(c) Whorl

Minutia Points
The major Minutia points in fingerprint are: ridge ending, bifurcation, and short ridge or dot.

Ridges Ending

Ridges Bifurcation

Dot

10

Fingerprint Feature Extraction

The fingerprint is basically the combination of ridges and valleys on the surface of the finger. The major steps involved in fingerprint recognition using minutiae matching approach after image acquisition are Image enhancement, Minutiae extraction as shown in figure. Once a high-quality image is captured, there are a several steps required to convert its distinctive features into a compact template. This process is known as feature extraction.

11

Multibiometric System
A Multibiometric system uses multiple sensors for data acquisition. It captures multiple samples of a single biometric trait (called multisample biometrics) OR Samples of multiple biometric traits (called multi-source or multimodal biometrics). Multibiometric systems promise significant improvement over single biometric systems, for example, higher accuracy and increased resistance to spoofing.

12

Source of Biometric Information

13

Soft Biometric
Soft biometric traits are those characteristics of human being that provide some information about the individual, but lack of the distinctiveness and permanence to sufficiently differentiate any two individuals. We define soft biometric traits as characteristics that provide some information about the individual, but lack the distinctiveness and permanence to sufficiently differentiate any two individuals. The soft biometric traits can either be continuous (e.g., height and weight) or discrete (e.g., gender, eye color, ethnicity, etc.)

14

Commonly used Soft biometric traits

15

Deformations in Biometric Systems

Acquiring high-quality images of distinctive fingerprint ridges and minutiae is a complicated task. People with no or few minutiae points (surgeons as they often wash their hands with strong detergents, builders, people with special skin conditions) cannot enroll or use the system. The number of minutiae points can be a limiting factor for security of the algorithm. Results can also be confused by false minutiae points (areas of obfuscation that appear due to low-quality enrollment, imaging, or fingerprint ridge detail). Cold finger Dry/oily finger High or low humidity Angle of placement Pressure of placement Cuts to fingerprint

16

Hand Geometry Deformations Jewelry Change in weight Bandages Swelling of joints Deformations in Iris biometrics Too much movement of head or eye Glasses Deformations in voice biometric systems Cold or illness that affects voice Different enrollment and verification capture devices Speaking softly Variation in background noise Deformations in signature Scan People may not always sign in a consistent manner Signing too quickly Different signing positions (e.g., sitting vs. standing)
17

Literature Survey
For the purpose of this thesis, the literature survey covers a period of 1997 to 2008. The literature work on Efficiency and Security optimization for Fingerprint Biometric System divided into these areas. Security issues in Biometric System. Performance issues in Biometric System.

18

Biometrics

Universality

Uniqueness

Permanence

Collect ability
H M H

Performance

AcceptabCircumvention lity
H M M L H M

Face Fingerprint Hand geometry Keystrokes Hand veins Iris Retinal scan Signature Voice Face Odor DNA Gait Ear Canal

H M M

L H M

M H M

L H M

L M H H L M H H H M M

L M H H L L H H H L M

L M H M L L L H H L H

M M M L H M H L L H M

L M H H L L M L H L M

M M L L H H H M L H H

M H H H L L H L L M M

19

Comparison of various biometric traits

Proposed Work
Biometrics Security Concerns

20

Threats to Biometrics

Modern Burglar
21

Different attack points in a biometric authentication system

22

Attack-1 involves presenting a fake biometric (e.g., synthetic fingerprint, face, iris etc.) to the sensor. Attack-2 can be achieved by submitting a previously intercepted biometric data. Attack-3 can happen when feature extractor module is compromised to produce feature values selected by the attacker. Genuine feature values are replaced with the ones selected by the attacker. In Attack-4 the channel between feature extractor module and matcher is hacked and override by duplicated data, thus modified the output of feature extractor module. Attack-5 is achieved by imposing an artificially high score at matching module. Attack-6 happens when there is attack on the template database (e.g., adding a new template, modifying an existing template, removing templates, etc.) Attack-7 belongs to the transmission medium between the template database and matcher is hacked, resulting in the alteration of the transmitted templates. In Attack-8 matcher result (accept or reject) can be overridden by the attacker.
23

Types of Attacks
In Denial of Service (DoS), an attacker corrupts the authentication system so that legitimate users cannot use it. In Circumvention, an attacker gains access to the system protected by the authentication application. In Repudiation, the attacker denies accessing the system In Contamination (covert acquisition), an attacker can surreptitiously obtain biometric data of legitimate users. In Collusion, a legitimate user with wide access privileges (e.g., system administrator) is the attacker who illegally modifies the system. In Coercion, attackers force the legitimate users to access the system (e.g., using a fingerprint to access ATM accounts at a gunpoint).

24

Improving Security in Biometric Systems

Biometric authentication systems can be more convenient for the users since there is no password to be forgotten or key to be lost. In spite their numerous advantages, biometric systems are also vulnerable to attacks, which can decrease their security. To raise the biometric security level three schemes have been proposed, these are: Securing Data using Biometric Cryptography Securing Biometric Data Using Steganography Securing Biometric Data Using Cancelable Biometrics

25

Hiding Data Using Biometric Cryptography

There are various methods that can be deployed to secure a key with a biometric. First one involves remote template matching and key storage. In this method biometric image is captured and compared with a corresponding template. If the user is verified, the key is released. Second method hides the cryptographic key within the enrollment template itself via a secret bit-replacement algorithm. When the user is successfully authenticated, this algorithm extracts the key bits from the appropriate locations and releases the key.

26

Problems to Generate Biometric Cryptographic Key

(i) Key Entropy (strength). Instead of developing simply longer cryptographic keys to resist brute force attacks, a more intelligent approach might be to aggregate features and parameters from an individual in such a way that their correlation generates a key that is much stronger than the individual size of the actual key. (ii) Key Uniqueness. The uniqueness of a biometric key will be determined by the uniqueness of the individual biometric characteristics used in the key. Instead of trying to find a single unique feature, biometric key needs to find only a collection of somewhat unique features or parameters that when assembled collectively create a unique profile for an individual. (iii) Key Stability. A major problem with biometric identification is that individuals enrollment template and sample template, which can vary from session to session. This variation can occur for a number of reasons including different environments (e.g. lighting, orientation, emotional state) or physical changes (e.g. facial hair, glasses, cuts). 27

Methods to Secure Biometric Key

There are various methods that can be deployed to secure a key with a biometric One method that involves remote template matching and key storage is that the biometric image is captured and the corresponding template is sent to a secure location for template comparison. If the user is verified, then the key is released from the secure location. In this scenario, the communication line must also be secured to avoid spoof attacks. Second method that involves hiding the cryptographic key within the enrollment template itself via a trusted (secret) bit-replacement algorithm [LIN, 2003]. Upon successful authentication by the user, this trusted algorithm would simply extract the key bits from the appropriate locations and release the key into the system.

28

Traditional Cryptography

29

Biometric Cryptography

30

31

Advantages of Biometric Encryption

Biometrics Encryption Technologies can enhance both privacy and security as discussed below: (i) No preservation of biometric image or template (ii) Multiple / cancelable / revocable identifiers (iii) Greater public confidence, acceptance, and use (iv) Suitable for large-scale applications

32

Hiding Biometric data using Steganography

Steganography is a technique to hide the message in digital objects such as image, video, music or any other computer file. Digital images are more attractive for steganography purpose since these contain a significant amount of data and can be modified slightly without leading to visible artifacts. The goal of steganography is to hide a secret message, which is transmitted between two or more communication partners in a way to ensure confidentiality and integrity.

33

Steganography plays an important role to enhance the integrity and security of biometric templates. Biometric cryptosystems can also contribute to template security (as discussed in section 3.2) by supporting biometric matching in secure cryptographic domains. In case of cryptography the key can be guessed sometime easily but steganography has no separate key to be hacked, the key is embedded in the template itself.

34

Steganography in Biometrics

35

LSB Insertion method of Steganography The simplest approach to hiding data within an image file is called least significant bit (LSB) insertion. In this method, one can take the binary representation of the hidden_data and overwrite the LSB of each byte within the cover_image. In 24-bit color, the amount of change will be minimal and indiscernible to the human eye. As an example, suppose that there are three adjacent pixels (nine bytes) with the following RGB encoding:
11110101 11001101 10101001 10100110 11001111 11001010 10101111 00010011 11001000

Now suppose we want to "hide" the following 9 bits of data (the hidden data is usually compressed prior to being hidden): 101101110. If we overlay these 9 bits over the LSB of the 9 bytes above, we get the following (where bits in bold have been changed) 11110101 11001100 10101001 10100111 11001110 11001011 10101111 00010011 11001000 Note that we have successfully hidden 9 bits but at a cost of only 36 changing 4 bits i.e. roughly 50%, of the 9 LSBs.

Advantages of LSB insertion If message bit is same as the pixels least significant bit then no change at all is required for that pixel value. If pixel value is different from message bit then effective change in pixel value is either +1 or 1. The +1 or 1 change in pixel value is invisible to human eye.

Limitations of LSB insertion The message can be easily removed by unauthorized person (intruder) as message is in least significant bit. As message is hidden in least significant bit so intruder can modify the least significant bits of all the image pixels.

37

How to Apply Steganography in Biometrics Algorithm for insertion of message bit b. (i) Find pseudo-random location L in an image from the secret key to insert the message bit b. (ii) Check whether at location L, pixel value is 00000000 or 11111111, called boundary values. If yes, ignore this location and go to step (i). Here we are ignoring these boundary values because the change may be +2 or -2 in pixel values, which is to be avoided. (iii) Check whether at location L a) 6th and 7th bits are b, b? If yes, then no change at L is required. Message bit is already there. Go to End. b) 6th and 7th bit are b, b or b, b? If yes, then see that whether it is possible to make 6th and 7th bits as b, b by adding or subtracting 1 to pixel value?. If yes, do it and go to End. Otherwise ignore the location l and go to step (i). c) 6th and 7th bits are b, b? If yes, then see whether it is possible to make 6th and 7th bits to b, b by adding or subtracting 1? If yes, do it and go to End. Otherwise change them to b, b or b, b by adding or subtracting 1 and go to (i). (iv) End.
38

Algorithm for retrieval of message bit b

(i) Trace out the location L from the same secret key as used in insertion algorithm. (ii) Pixel value is equal to one of the boundary values, i.e., 00000000 or 11111111? If yes, then it is invalid address. Go to step (i). (iii) Check whether at location L a) 6th and 7th bits are different, i.e., b, b or b, b? If yes, then it is invalid address go to step (i). b) 6th and 7th bits are same i.e. b, b then b is the message bit. (iv) End.

39

Decimal Value 0 1

Pixel Value before Insertion 00000000 00000001 00000010 00000011 00000100 00000101 00000110 00000111 00001000 ~ 00001111 00010000 ~ 00011111 00100000 ~ 00111111 01000000 ~ 01111111 10000000 ~ 11111111

Pixel Value after Insertion of 0 00000000 00000001 00000001 00000011 00000100 00000101 00000101 00001000 00001000 ~ 00010000 00010000 ~ 00100000 00100000 ~ 01000000 01000000 ~ 10000000 10000000 ~ 11111111

Change in Pixel Value and Comment for Insertion of 0 BV*,NC**, ignore*** NC, insert**** -1*****, insert NC, ignore NC, ignore NC, ignore -1, ignore +1******, insert NC, insert ~ +1, insert NC, insert ~ +1. insert NC, insert ~ +1, insert NC, insert ~ +1, insert NC, insert ~ BV,NC, ignore

working of the first algorithm for insertion of bits 0

2 3 4 5 6 7 8 ~ 15 16 ~ 31 32 ~ 63 64 ~ 127 128 ~ 255

40

Decimal Value

Pixel Value before Insertion

Pixel Value after Insertion of 1

working of the first algorithm for insertion of bits 1

Change in Pixel Value and Comment for Insertion of 1

0 1 2 3 4 5 6 7 8 ~ 15 16 ~ 31 32 ~ 63 64 ~ 127 128 ~ 255

00000000 00000001 00000010 00000011 00000100 00000101 00000110 00000111 00001000 ~ 00001111 00010000 ~ 00011111 00100000 ~ 00111111 01000000 ~ 01111111 10000000 ~ 11111111

00000000 00000010 00000010 00000011 00000100 00000110 00000110 00000111 00000111 ~ 00001111 00001111 ~ 00011111 00011111 ~ 00111111 00111111 ~ 01111111 01111111 ~ 11111111

BV,NC, ignore +1, ignore NC, ignore NC, ignore NC, ignore +1, insert NC, insert NC, insert -1, insert ~ NC, insert -1, insert ~ NC, insert -1, insert ~ NC, insert -1, insert ~ NC, insert -1, insert ~ BV,NC, ignore

41

By using the algorithm discussed above, one can hide the secret data in the host image and generate a secret template. Steganography plays an important role to enhance the integrity and security of biometric templates. Steganography has no separate key to be hacked, the key is embedded in the template itself. Further, when the amount of available memory increases, there is a tendency to store more information in the template. This increases the risks associated with template misuse. As a result, the issue of template security and integrity continues to cause several challenges, and it is necessary that further research be conducted in this direction.

42

Securing Biometric data using Cancelable Biometric

When the biometric data are compromised, replacement is not possible. In order to alleviate this problem, here comes the concept of cancelable biometrics is introduced. It consists of an intentional, repeatable distortion of a biometric signal based on a chosen transform. The biometric signal is distorted in the same fashion at each presentation, for enrollment and for every authentication. With this approach, every instance of enrollment can use a different transform thus rendering cross-matching impossible. Furthermore, if one variant of the transformed biometric data is compromised, then the transformfunction can simply be changed to create a new variant for reenrollment as a new person.

43

Cancelable Biometrics
This is a method of enhancing the security and privacy of biometric authentication. Instead of enrolling with a true finger (or other biometric), the fingerprint is intentionally distorted in a repeatable manner and this new print is used. If, for some reason, the old fingerprint is stolen then an essentially a new fingerprint can be issued by simply changing the parameters of the distortion process. This also results in enhanced privacy for the user; since the true fingerprint is never used anywhere and also different distortions can be used for different types of accounts. The same technique can also be used with other biometrics to achieve similar benefits.

44

Image morphing using Cancelable Biometric

45

 Let D and T be the representation of the Database Template and Synthetic Template respectively. Each minutia may be described by a number of attributes, including its location in the fingerprint image, orientation, type etc. Most common minutiae matching algorithms consider each minutiae as a triplet m={x,y,} that indicates the minutiae location coordinates and the minutiae angle . D= {m1,m2,.mn} mi = {xi,yi,i} i= 1.m T= { m1,m2,.mn } mj = {xj,yj,j} j= 1.n Where m and n denotes the number of minutiae in D and T respectively. Di : The database template corresponding to user i , i =1, 2,3,....N , where N is the total number of users registered in the system. It is assumed that the attacking system knows the format of this template, but it cannot access the template itself. Tij : The jth synthetic template generated by the attacking system for user i. This template has the same format as database templates; it can be represented as S (Di, Tij): The matching score between Di and Tij. Sthreshold : The decision threshold used by the matcher. Two templates will be considered as matched if their matching score meet this value.
46

Attack Algorithm For attacking a specific user account, the attacking system must follow the following five steps: Step 1 (Initial guessing): Generate a fixed number of synthetic templates (Ti1, Ti2, Ti3 Ti100). Step 2 (Try initial guesses): accumulate the corresponding matching scores [S(Di ,Ti1), S(Di ,Ti2 ), S(Di ,Ti3 ),..., S(Di ,Ti100)] for user i. Step 3 (Pick the best initial guess): Declare the best guess Tibest to be the template resulting in the highest matching score. Step 4: Modify Tibest by adding a new minutia, replacing an existing minutia. If for any one of these attempts, the matching score is larger than previous Sbest(Di) declare the modified template as Tibest , and update Sbest(Di) accordingly. Step 5 (Obtaining result): If the current best score is accepted by the matcher (namely, Sbest(Di) SThreshold ), stop the attack.

47

Proposed Work: Protection of Biometric Template The proposed algorithm of attack works on the basis of cancelable technique. Here we will not store the templates in database in original; rather these will be stored after applying some hashing. The above discussed algorithm of attack will be successful if we store our template Di in database without any change. But, if we apply cancelable biometrics and store our template Di in database such that all Di in database are not in original form, rather they are mutants only. Such that if D is database templates as follows: D= {m1,m2,.mn} mi = {xi,yi,i} i= 1.m Then their mutants D = H(D) will be stored in database instead of actual D. D= {m1,m2,.mn} mi = {Xi,Yi,i} i= 1.m Where X = H(x) Y= H (y) and = H ()

48

H is hashing function corresponds to any transformation applied to actual Templates as shown in figure3.7 above. It is also true that there will be no math between actual template and its mutant (those are actually stored). If we calculate Spatial Distance (Sd) and direction difference (Dd) that will not be below r0 and 0 or we can write as Sd(m1, m1)= sqrt [(Xi - xi )2 + (Yi - yi )2 ] < r0----------------(1) Similarly Dd(m1, m1) < 0 ----------------(2) Now lets apply the Algorithm-1 to find the best match between existing templates. Keeping in mind that now instead of D, D are stored in database. Suppose the algorithm declares the Di as best match due to its score level Sbest(Di).
Since Spatial Distance (Sd) and direction difference (Dd) of D and D does not match (From equation 1 & 2 above). No doubt the synthetic templates T and Database Templates D will not match and similarly from equations (1) and (2). Spatial Distance = Sd(Tm1, Dm1) = sqrt [(Xi xi )2 + (Yi yi )2 ] < r0 and Direction difference = Dd(Tm1, Dm1) < 0

49

Blocks in the original image are subsequently scrambled

50

With this approach, only mutants will be stolen and original templates are quite safe. We can further alter D to D by some another hashing function (say W) in future whenever required. In this way the cancelable biometrics helps a lot in safekeeping our templates in database. Cancellation simply requires the specification of a new distortion transform. Privacy is enhanced because different distortions can be used for different services and the true biometrics are always safe. In addition, such distorted biometrics cannot be used for searching legacy databases and will thus ease some privacy violation concerns. A single template protection approach may not be sufficient to meet all the application requirements. Hence, hybrid schemes that make use of the advantages of the different template protection approaches must be developed.

51

Biometrics System Efficiency Concerns

52

Making Biometric Systems More Efficient

Here we have proposed three different techniques to improve the efficiency of the biometric systems. The Henry finger print classification scheme, which classifies the fingerprints in the database according to their relative Primary Grouping Ratio (PGR) values has several limitations such as (i) it works only when both palm-prints of person are available; (ii) it can not work when intruder has made some trick while enrolling his palm-print to system, for instance, he can change the normal order of his fingers on the sensor; (iii) a huge amount of computer memory is required to store fingerprints of both hands.

53

Reducing Process-Time for Fingerprint Identification System

After having the fingerprint image preprocessed, the feature extraction block extracts the minutiae points from template and then the extracted minutiae point undergoes with a matching process to match with the stored database Templates and finally identify the person if it is in system database. The database of biometric system plays very important role in identification process as all the templates are stored in it. The system performance also depends on the architecture of system database that is the way templates are stored there in. The system performance decreases, if templates are stored randomly as compared with if templates are stored in a particular manner. To store the templates in a proper way, Sir Henry has given a classification scheme. The following section highlights the Henry classification scheme.

54

Existing Fingerprint Identification system

55

Henry Classification Scheme

The Henry classification scheme allows for logical categorization of fingerprint records into Primary Group Ratio (PGR) based on fingerprint pattern types. To find the PGR values, Henry classification scheme assigns each finger a number according to the order in which it is located in the hand, beginning with the right thumb as number 1 and ending with the left pinky/little as number 10 as shown in Table.
R Thumb Finger Number Value (If Whorl) 1 16 R Index 2 16 whorl 16 R Middle 3 8 arch 0 R Ring 4 8 arch 0 R Pinky 5 4 Loop 0 L Thumb 6 4 arch 0 L Index 7 2 loop 0 L Middle 8 2 whorl 2 L Ring 9 1 loop 0 L Pinky 10 1 arch 0

Pattern Type loop Finger Value 0

56

Palm prints of a single person

57

According to the Henry classification scheme, fingerprints are stored in the database with their relative PGR values. The fingerprint Primary Group Ratio is determined by calculating the ratio of one plus the sum of the values of the whorl-patterned, even-numbered fingers; divided by one plus the sum of the values of the whorl-patterned, oddnumbered fingers. Mathematically the formula can be written as:

Primary Grouping Ratio (PGR) =

1+ (Sum of EVEN, whorled, finger values) 1+ (Sum of ODD, whorled finger value)

58

To illustrate the computation of PGR values, consider an individual having a fingerprint record with a LWAALALWLA pattern series (where L stands for Loop, W stands for Whorl and A stands for Arch). The series begins with Finger 1 (i.e. right thumb) and ending with Finger 10 (i.e. left pinky finger). By referring to table 4.1 the weights of even finger having whorl pattern are 16 and 2 (which have been shown as bold in Table 4.1). Further no odd finger has whorl pattern in the given series, hence the sum of its value is nil.

PGR=
1+ (Sum of EVEN, whorled, finger values) 1+ (16+2) 19 __________________________________ = _______ = __ 1+ (Sum of ODD, whorled finger value) 1+ (0) 1

59

Therefore, this individual belongs to the 19:1 primary group. This PGR ratio is always treated as 19/1 not 19, as PGR contains both numerator and denominator. In case an individual does not have any whorlpatterned fingerprints, his classification ratio, or primary group, would be 1:1. On the other hand if an individual having all ten fingerprints containing a whorl pattern, his classification ratio would be 31:31. Henry classification scheme reduce the effort to search a large templates of database, as fingerprints are now stored with their respective PGR values. However Henry classification scheme has some limitations as given below: (i) Henry classification scheme work, only when both palm-prints of person are stored in database. The scheme could not work with single fingerprint template. (ii) The problem can also arise if the criminal as made some trick while enrolling his palm-print to system. For instance, he can change the normal order of his fingers on the sensor. (iii) Amount of computer memory increases to store both palms of person as compared to single fingerprint template.

60

Proposed Method
In a conventional system, the database contains the fingerprint templates in an ordinary manner. But in the proposed system the database contains the different set of templates according to their classification that is achieved during the enrollment process. The schematic diagram of the proposed approach is shown in Figure 4.3 and the enrollment/identification process of the approach is described below: Enrollment Process Sensor Module, senses the Fingerprint Templates Feature Extraction Module, extracts the minutiae points from Fingerprint Template. Fingerprint Classifier Module, classifies the input templates based on Left-Loop, Right-Loop, Whorl or Arch and store them into the database.

61

Proposed Classifier for Fingerprint Identification

62

Identification Process Sensor Module senses the input Fingerprint Template. Feature Extraction Module, extracts the minutiae points from Fingerprint Template. A minutiae template has been generated of a particular classification and search the database for its specific domain. The particular domain is then extracted from database and matched with the Minutiae Template as shown in Figure 4.3. In the database classification, only whorl, arch and loops are considered because loops make up nearly 65% of all fingerprints, whorls are nearly 30%, and perhaps 5% are arches [BEI, 2003]. In the proposed approach, loops are further divided into two categories viz. left-loop and right-loop as loops contribute 65% of the total fingerprints. Consequently, there become four domains i) Left-Loop ii) Right-Loop iii) Arch and iv) Whorl as shown in figure 4.4 below.

Whorl

Arch

Right-Loop

Left-Loop

63

The algorithm for the proposed classifiers is shown in Figure 4.6. If the value of ND (i.e. number of deltas) is 2 then it is either taken as whorl or twin loop. If the value of ND is 1 then it is further computed for Left-Loop or Right-Loop. If the value of ND is 0 then it is marked as Arch. To find the category of loop (right or left) the feature extraction stage estimates an axis locally symmetric to the ridge structures at the core and computes (number of ridges crossing the line segment joining core and delta). The relative position, R, of delta with respect to symmetry axis is determined as follows R = 1 if the delta is on the right side of symmetry axis and it will be left loop otherwise R = 0 and in this case it will be a right loop. In this way we find the categories of input fingerprint and build our database containing different domains of fingerprints. Now lets find the efficiency of proposed approach.

64

Working of proposed Fingerprint classifier

65

The proposed approach proves very efficient especially when the stored database is very large that is having more than 1, 00000 templates. The proposed method was evaluated at Madhuban Forensic Laboratory, Karnal, where the system database contains more than 1, 50,000 templates. The software used at Madhuban Forensic Laboratory is FACTS (Finger Analysis Criminal Tracing System) developed by CMC, New Delhi based on Henry classification scheme as discussed above. The experiment was conducted on FACTS with an input template (my own fingerprint). The system took 22.35 minutes to produce output. There were 34 templates in output. These outputs are further subjected to human verification and that took 4.55 hours to give the exact identification. Therefore it is obvious that the existing classification scheme is very time consuming and involves complication of human verification. Two templates are declared as matched if their Spatial distance and Direction are below than specified values as given by L. Hong. The algorithm is discussed below:

66

Let D and T be the representation of the Database Template and Target Template respectively. Each minutia may be described by a number of attributes, including its location in the fingerprint image, orientation, type etc. Most common minutiae matching algorithms consider each minutiae as a triplet m= {x,y,}that indicates the minutiae location coordinates and the minutiae angle . D= {m1,m2,.mn} mi = {xi,yi,i} i= 1.m T= { m1,m2,.mn } mj = {xj,yj,j} j= 1.n Where m and n denotes the number of minutiae in D and T respectively. Database Template and Target Template and stored template will be matched, If we calculate Spatial Distance (SD) and direction difference (DD) that will below than specified value r0 and 0 or we can write as [HON, 1998A]. SD (m1, m1) = sqrt [(xi - xi )2 + (yi - yi )2 ] <= r0 Similarly DD (m1, m1) <= 0 Where r0 and 0 are minimum threshold values. Now the efficiency of proposed system is computed as follows: Assume one match takes 1ms time and there are 1, 50,000 templates in the database. Calculation for the best case: The template is first match, time required = 1 X 1 = 1 ms. Calculation for the worst case: The database templates (1, 50,000 templates) are classified into the four domains (Whorl domain, Left-Loop domain, Right-Loop domain and Arch domain) as discussed previously. 67

Number of templates in Whorl-domain = 45000 templates. (That is 30% of 1, 50,000). Number of templates in Left-Loop-domain = 48000 templates. (That is 32% of 1, 50,000). Number of templates in Right-Loop-domain: 49500 templates. (That is 33% of 1, 50,000). Number of templates in Arch-domain: 7500 templates. (That is 5% of 1, 50,000). The input template may belong to either whorl domain or left-loop domain or right-loop domain or arch domain. Now the amount of time required to match the input template with the database template is computed below: If input template is found in Whorl domain, It takes = 1ms X 45000= 45 sec. If input template is found in Left-Loop domain, It takes = 1ms X 48000= 48 sec. If input template is found in Whorl domain, It takes = 1ms X 49500= 49.5 sec If input template is found in Whorl domain, It takes= 1msX 7500= 7.5 sec. Average time for worst case = (45+48+49.5+7.5)/4= 150/4= 37.4 sec. Efficiency of Existing System: Calculation for the best case: The template is First match, Time required = 1 X 1 = 1 ms Calculation for the worst case: The template is last match, Time required = 1 X 1, 50000 = 150 sec. = 25 min.
Time taken by proposed approach ___________________________ = Time taken by existing approach 37.4sec 1 ______ = ___ 25min 40.1

Speedup Factor=

68

Performance Elevation of Fingerprint Verification System

This section discusses an approach developed by the author of this thesis to improve the existing conventional fingerprint verification system. In the proposed method, dimensions of Finger/Thumb are matched in first phase and the minute points are calculated and matched in next phase only when the dimensions are matched in first phase. The author of this thesis has proved that the proposed approach improves FAR (False Accept Rate) and Total Response Time of Biometric System as compared with Conventional Fingerprint Verification Systems. The approach is useful when fingerprint verifications are made at large scale level.

69

Memory Requirements for Biometric Templates Table shows the memory requirements (in bytes) for different types of biometric traits. It is obvious that if the size of memory for template is large, it will increase the size of database templates. It increases the system complexity and thereby response time of system.
Biometrics Traits Memory Required (bytes)

Retinal Scan Iris Scan Fingerprints Hand Geometry

35 256 512 - 1000 9

Data Size for Biometric Templates

70

The Proposed Approach to Improve Response Time

Figure 4.9 shows the architecture of the proposed approach, which consists of two phases viz. Phase-I and Phase-II. Phase-I takes the input from sensor and then measures the dimensions of the input thumb. The thumb dimension measurements; a, b, c, d as shown in Figure 4.8 is computed. After extracting these parameters, it is matched with database templates for comparison. If the match is successful, only then it goes to phase-II for minutiae extraction else match is unsuccessful and no further processing is required. Phase-II extracts the minutiae points for input fingerprint template by using the algorithm given in Figure 4.7.

(a) Side-View (b) Top-View Figure Measuring Thumb Dimensions during Phase-I 71

Architecture of Proposed Approach

72

Performance Estimation for the Proposed Approach To estimate the performance of proposed approach, lets assume that there are 10,000 input templates which are to be compared against database templates. It is further assumed that out of 10,000 templates only 100 templates got verified. Let time taken by geometry verification system (i.e. Phase-I) is t and time taken by fingerprint verification system (i.e. Phase-II) is T and (Where T is five times greater than t given by [RUG, 1996]). Calculation of Response Time: Response Time (Tc) for conventional Fingerprint Verification System Tc = 10,000 X T unit time. Tc = 10,000 X 5t unit time. (Because in conventional verification system, Phase-II is involved) Response Time for Proposed System Tp = 9900*t + 100 *(T + t). (As per assumption only 100 templates are matched and rest of 9900 templates are discard at Phase-I.) Tp = 9900*t + 100(5t+t) = 9900t+600t=10500t unit time.
Tp 10,500 t 1 ___ = _______ = __ Tc 50,000 t 4.7
73

Speedup Factor =

From the above calculation; it is obvious that the proposed approach is approximately five times better than the existing biometric system. The proposed approach allows completely controlled and automated fingerprint verification with efficient response time and minimum FAR (False Accept Rate) as fingerprint is now checked at two phases. The proposed approach checks the dimensions as well as the minutiae points of input template, after that it allows the user to be Verified.

74

Performance Improvement by using Soft Biometric Traits

Unimodal biometric systems make use of a single biometric trait for user recognition. It is difficult to achieve very high recognition rates using unimodal systems due to problems like noisy sensor data and non-universality or lack of distinctiveness of the chosen biometric trait. Multimodal biometric systems address some of these problems by combining evidence obtained from multiple sources. The problem with multimodal system is that it will require a longer verification time thereby causing inconvenience to the users. A multimodal biometric system based on different biometric identifiers can be expected to be more robust to noise, improve the matching accuracy and provide reasonable protection against spoof attacks. But there are limitations as well. (i) The overall cost involved in building the multimodal system can be high due to the need for multiple high quality sensors and increased storage and computational requirements. (ii) The system will require a longer verification time thereby causing inconvenience to the users.
75

A possible solution to the problem of designing a reliable and userfriendly biometric system is to use additional information about the user like height, weight, age, gender, ethnicity, and eye color to improve the performance of the primary biometric system. Most of the biometric systems collect such additional information about the users during enrollment and store them in the database as metadata. Biometric systems used in access control applications generally have a human supervisor who oversees the operations of the system. When a genuine user is falsely rejected by the system, the human operator has to verify the identity of this user manually. This manual verification is usually done by comparing the facial appearance of the user with the facial image appearing on the users identification card and by verifying other information on the ID card like age, gender, height, and other visible identification marks. If the soft biometric characteristics can be automatically extracted and used during the decision making process, the overall performance of the system can be improved and the need of manual involvement will be reduced.

76

Existing Soft Biometric System for person recognition.

Primary Biometric System

Soft Biometric System

77

Proposed Scheme to Integrate Soft Biometrics with Primary Biometrics

The proposed scheme consists of two stages viz. Stage-I and Stage-II. The soft biometrics system is used as first stage and the primary biometric system is used as second stage. The output of first stage is fed to second stage. This type of combination will reduce the processing time system and will improve the efficiency of system as explained in coming sub-section 4.4.7. Processing at Stage-II is required only when the stage-I passes successfully else there will be rejection automatically even without computing the stage-II. Stage-I also computes the soft traits like age, gender, height automatically, without human involvement.

78

Architecture of Personal Identification using Primary Biometrics and Soft Biometric

79

Performance Estimation of Proposed Scheme

In the proposed work, the fingerprint is used as the primary biometric identifier and age, gender and height are used as soft biometric traits. The soft traits are chosen in such a way that they could be easily extracted automatically when user interact with system. For estimating the performance of proposed scheme, let us assume there are 1,00,000 input templates to be matched against database templates and out of 1,00,000 templates only 100 templates are verified by the system. Let time taken by primary biometric system to process single template is TF and time taken by soft biometric to process single template is TS. Where TF >TS as soft traits can be processed easily and TF is 10 times greater than TS

80

Calculation for the Response Time: In conventional Fingerprint verification system Total Processing Time (TR) for 1,00,000 templates. TR = 100000*TF unit time. TR = 100000*10TS =1000000TS unit time In Proposed system Total Processing Time (TP) for 1,00,000) templates. Tp = (100000-100)* TS + 100 *(TF + TS). (As per assumption only 100 templates are verified and rest of 99900 templates are discard at Stage-I.) Tp = 99900 TS + 100(10+1) TS = (99900+1100) TS =101000 TS unit time. Speedup Factor =
Tp 10,1000 TS 1 ___ = __________ = __ Tr 10,00000 TS 9.9

81

It is obvious from the above calculation that the proposed scheme is approximately 10 times better than the existing biometric system. The system proves to be more efficient when huge number templates are taken at input side.

82

Conclusion and Future Scope

As biometric technology matures, there will be an increasing interaction among the market, technology, and the applications. This interaction will be influenced by the added value of the technology, user acceptance, and the credibility of the service provider. As biometrics continues to advance scientifically and technologically, its use and acceptability as a means of security and authorization across various sectors will also grow. Biometrics would be a useful solution to the issue of security for mobile banking in rural areas as only thumb impression is quite enough for money transaction. Many biometric technology providers are already delivering biometric authentication for a variety of web-based and client/server based applications. Continued improvements in the technology will increase performance at a lower cost. Though biometric authentication is not a magical solution that solves all authentication concerns and also it does not guarantee for 100% accuracy and security yet it make easier and cheaper for us to use a variety of automated information systems. It is too early to predict where and how biometric technology would evolve and get embedded in which applications. But it is certain that biometrics based identification will have a profound influence on the way we conduct our daily business. It is also certain that, the fingerprints will remain an integral part of the preferred biometric-based identification solutions as the most mature and well understood biometric in the future generation.

83

List of Publications

84

Publications in International Journals

Improving Biometric security using Cryptography published in International Journal of Advance Research in Computer Engineering Vol-I JanDec 2007 PP 33-38. ISSN 0974-4320. "Elevating Fingerprint Verification System", published in International Journal of Physical Sciences. Vol. 19 (I) April 2007. PP 35-38 ISSN 0970-9150. Fingerprint As Biometric Traits: An Overview Published in International journal of Computer Science and knowledge Engineering Vol-I Jan-Dec 2007 PP 33-38. ISSN 0973-6735. Biometrics Security using Steganography published in CSC online Journal International Journal of Security Malashiya Vol-II Issue-I, PP 1-5 2008. www.cscjournals.com. ISSN 1985-2320. Secure online Business: Exploring the security threats to e-commerce published in International journal of Intelligent Information Processing Vol-I JanDec 2007 PP 1-8. ISSN 0973-3892. Reducing Process-Time for Fingerprint Identification System published in International Journals of Biometric and Bioinformatics Malaysia Vol-III IssueI, 2009 PP 1-9. www.cscjournals.com ISSN 1985-2347. "Soft Biometric: An Asset for Personal Recognition" published in International Journal of Computing Science & Communication Technologies [IJCSCT]. Vol-I, Issue-II, 2009 PP 160-163. ISSN - 0974-3375.
85

Publications in Book
"Biometric Sensor Based on Optical Frustrated Total Internal Reflection" in the Book titled Bioinformatics Computing published by Narosa Publication, New Delhi 2007 PP 118-123, ISBN: 978-817319-794-9.

86

Publications in International-Level Conferences

"Protection of Database Template using Cancelable Biometric" published in IEEE-International advance computing conference 6-7 March 2009, Thapar University, Patiala. "Improving Fingerprint Verification System Published in International Conference on Intelligent Systems & Networks, IISN-2007, Feb. 23-25 2007. PP 298-300. "Soft Biometric: An Asset for Personal Recognition" published in International Conference on Advanced Computing & Communication Technologies at APIIT India, Panipat, November 08-09, 2008. "Challenges in Biometrics" published in International Conference on Emerging trends in Computer Sc. & IT April 23, 2008 at AL-FALAH School of Engineering & Tech, Faridabad PP 69-77.

87

Publications in National-Level Conference/Seminar

"Off-line Optical Frustrated Total Internal Reflection" Published in the proceedings of National Seminar on Information and Communication Technology- Recent Advances & Applications ICT-2006 PP 237-240 Feb 09-11, 2006 at JMIT, Radaur Yamuna Nagar. Web security using Biometrics published in National Conference on Total Quality Management held at Vaish College of Engg, Rohtak 10th March 2007. Biometric Recognition System: An Introduction published in National level seminar on Convergence of IT and Management on 24-Nov.2007 at TIMT, Yamunanagar. Role of Biometrics in Modern Business published in National seminar on "Emerging Challenges in Commerce and Management", Govt. College for Women, KARNAL 18-19 March, 2008.

88

Bibliography

89

Thanks

90