Improved fuzzy hashing technique for biometric template protection

Biometrics provides a new dimension of security to modern automated applications since each user will need to prove his identity when attempting an access. However, if a stored biometric template is compromised, then the conventional biometric recognition system becomes vulnerable to privacy invasion. This invasion is a permanent one because the biometric template is not replaceable. In this paper, we introduce an improved FuzzyHashing technique for biometric template protection purpose. We demonstrate our implementation in the context of fingerprint biometrics. The experimental results and the security analysis on FVC 2004 DB1 and DB2 fingerprint datasets suggest that the technique is highly feasible in practice

???????????? ????????? ?????? ?????? ?????? ?????? ?????? ??????

Department of Electrical EngineeringBiometrics such as fingerprint, iris, face, and electrocardiogram (ECG) have been investigated as convenient and powerful security tools that can potentially replace or supplement current possession or knowledge based authentication schemes. Recently, multi-spectral skin photomatrix (MSP) has been newly found as one of the biometrics. Moreover, since the interest of usage and security for wearable devices have been increasing, multi-modal biometrics authentication which is combining more than two modalities such as (iris + face) or (iris + fingerprint) for powerful and convenience authentication is widely proposed. However, one practical drawback of biometrics is irrevocability. Unlike password, biometrics can not be canceled and re-used once compromised since they are not changed forever. There have been several works on cancelable biometrics to overcome this drawback. ECG has been investigated as a promising biometrics, but there are few research on cancelable ECG biometrics. As we aim to study a way for multi-modal biometric scheme for wearable devices that is assumed circumstance under some limitations such as relatively high performance, low computing power, and limited information (not sharing users information to the public), in this study, we proposed a multi-modal biometrics authentication by combining ECG and MSP. For investigating the performances versus level of fusions, Adaboost algorithm was studied as a score level fusion method, and Majority Voting was studied as a decision level fusion method. Due to ECG signal is 1 dimensional, it provides benefits in wearable devices for overcoming the computing memory limitation. The reasons that we select MSP combination with ECG are it can be collected by measuring on inner-wrist of human body and it also can be considered as hardly stolen modality in remote ways. For proposed multi-modal biometrics, We evaluate our methods using collected data by Brain-Computer-Interface lab with 63 subjects. Our Adaboost based pro- posed multi modal biometrics method with performance boost yielded 99.7% detection probability at 0.1% false alarm ratio (PD0.1) and 0.3% equal error rate (EER), which are far better than simply combining by Majority Voting algorithm with 21.5% PD0.1 and 1.6% EER. Note that for training the Adaboost algorithm, we used only 9 people dataset which is assumed as public data and not included for testing data set, against for knowledge limitation as the other constraint. As initial step for user template protection, We proposed a cancelable ECG based user authentication using a composite hypothesis testing in compressive sensing do- main by deriving a generalized likelihood ratio test (GLRT) detector. We also pro- posed two performance boost tricks in compressive sensing domain to compensate for performance degradation due to cancelable schemes: user template guided filtering and T-wave shift model based GLRT detector for random projection domain. To verify our proposed method, we investigated cancelable biometrics criteria for the proposed methods to confirm that the proposed algorithms are indeed cancelable. For proposed cancelable ECG authentication, We evaluated our proposed methods using ECG data with 147 subjects from three public ECG data sets (ECG-ID, MIT- BIH Normal / Arrhythmia). Our proposed cancelable ECG authentication method is practically cancelable by satisfying all cancelable biometrics criteria. Moreover, our proposed method with performance boost tricks achieved 97.1% detection probability at 1% false alarm ratio (PD1) and 1.9% equal error rate (EER), which are even better than non-cancelable baseline with 94.4% PD1 and 3.1% EER for single pulse ECG authentication.ope

A Hybrid Approach to Protect Palmprint Templates

Biometric template protection is indispensable to protect personal privacy in large-scale deployment of biometric systems. Accuracy, changeability, and security are three critical requirements for template protection algorithms. However, existing template protection algorithms cannot satisfy all these requirements well. In this paper, we propose a hybrid approach that combines random projection and fuzzy vault to improve the performances at these three points. Heterogeneous space is designed for combining random projection and fuzzy vault properly in the hybrid scheme. New chaff point generation method is also proposed to enhance the security of the heterogeneous vault. Theoretical analyses of proposed hybrid approach in terms of accuracy, changeability, and security are given in this paper. Palmprint database based experimental results well support the theoretical analyses and demonstrate the effectiveness of proposed hybrid approach

Cancelable ECG Biometrics using Compressive Sensing-Generalized Likelihood Ratio Test

Electrocardiogram (ECG) has been investigated as promising biometrics, but it cannot be canceled and re-used once compromised just like other biometrics. We propose methods to overcome the issue of irrevocability in ECG biometrics without compromising performance. Our proposed cancelable user authentication uses a generalized likelihood ratio test (GLRT) based on a composite hypothesis testing in compressive sensing (CS) domain We also propose a permutation-based revocation method for CS-based cancelable biometrics so that it becomes resilient to record multiplicity attack. In addition, to compensate for inevitable performance degradation due to cancelable schemes, we also propose two performance improvement methods without undermining cancelable schemes: a self-guided ECG filtering and a T-wave shift model in our CS-GLRT. Finally, our proposed methods were evaluated for various cancelable biometrics criteria with the public ECG-ID data (89 subjects). Our cancelable ECG biometric methods yielded up to 93.0% detection probability at 2.0% false alarm ratio (PD*) and 3.8% equal error rate (EER), which are comparable to or even better than non-cancelable baseline with 93.2% PD* and 4.8% EER for challenging single pulse ECG authentication, respectively. Our proposed methods met all cancelable biometrics criteria theoretically or empirically. Our cancelable secure user template with our novel revocation process is practically non-invertible and robust to record multiplicity attack

Performance comparison of intrusion detection systems and application of machine learning to Snort system

This study investigates the performance of two open source intrusion detection systems (IDSs) namely Snort and Suricata for accurately detecting the malicious traffic on computer networks. Snort and Suricata were installed on two different but identical computers and the performance was evaluated at 10 Gbps network speed. It was noted that Suricata could process a higher speed of network traffic than Snort with lower packet drop rate but it consumed higher computational resources. Snort had higher detection accuracy and was thus selected for further experiments. It was observed that the Snort triggered a high rate of false positive alarms. To solve this problem a Snort adaptive plug-in was developed. To select the best performing algorithm for Snort adaptive plug-in, an empirical study was carried out with different learning algorithms and Support Vector Machine (SVM) was selected. A hybrid version of SVM and Fuzzy logic produced a better detection accuracy. But the best result was achieved using an optimised SVM with firefly algorithm with FPR (false positive rate) as 8.6% and FNR (false negative rate) as 2.2%, which is a good result. The novelty of this work is the performance comparison of two IDSs at 10 Gbps and the application of hybrid and optimised machine learning algorithms to Snort

A Survey on Biometrics and Cancelable Biometrics Systems

Now-a-days, biometric systems have replaced the password or token based authentication system in many fields to improve the security level. However, biometric system is also vulnerable to security threats. Unlike password based system, biometric templates cannot be replaced if lost or compromised. To deal with the issue of the compromised biometric template, template protection schemes evolved to make it possible to replace the biometric template. Cancelable biometric is such a template protection scheme that replaces a biometric template when the stored template is stolen or lost. It is a feature domain transformation where a distorted version of a biometric template is generated and matched in the transformed domain. This paper presents a review on the state-of-the-art and analysis of different existing methods of biometric based authentication system and cancelable biometric systems along with an elaborate focus on cancelable biometrics in order to show its advantages over the standard biometric systems through some generalized standards and guidelines acquired from the literature. We also proposed a highly secure method for cancelable biometrics using a non-invertible function based on Discrete Cosine Transformation (DCT) and Huffman encoding. We tested and evaluated the proposed novel method for 50 users and achieved good results

An Enterprise Rights Management System for On-the-field Maintenance Facilities

n/

Protection of privacy in biometric data

Biometrics is commonly used in many automated veri cation systems offering several advantages over traditional veri cation methods. Since biometric features are associated with individuals, their leakage will violate individuals\u27 privacy, which can cause serious and continued problems as the biometric data from a person are irreplaceable. To protect the biometric data containing privacy information, a number of privacy-preserving biometric schemes (PPBSs) have been developed over the last decade, but they have various drawbacks. The aim of this paper is to provide a comprehensive overview of the existing PPBSs and give guidance for future privacy-preserving biometric research. In particular, we explain the functional mechanisms of popular PPBSs and present the state-of-the-art privacy-preserving biometric methods based on these mechanisms. Furthermore, we discuss the drawbacks of the existing PPBSs and point out the challenges and future research directions in PPBSs