biometrics authentication & security systemjoics.org/gallery/ics-1635.pdf · communication in...

Biometrics Authentication & Security System

Niraj Kumar Tiwari1, Assistant Professor

Abhishek Kumar Pandey2, Assistant Professor

Department of Computer Science & Engineering, SIET, Prayagraj, U.P., India

[email protected]

[email protected]

Abstract:

Due to increasing the user of internet and dependence on computers to store and process

sensitive information has made it necessary to secure them from intruders. Automatic

identification/verification of an individuals’ identity based on the analysis of that person

biological traits is broadly known as biometrics technology. A biometric system is generally a

pattern recognition system that recognizes a person by determining the authentication by using

his different biological features i.e. Hand Geometry Recognition, Signature Recognition Vein

Recognition, Face recognition, Fingerprint, retina-scan, iris scan, Voice recognition hand

geometry, and are leading physiological biometrics and behavioral characteristic are Voice

recognition, keystroke-scan, and signature-scan. Existing single modal biometric system has

more error rate and provides less security than the combined one. To reduce the error rate and

overcome the security flaw, multimodal biometric systems are used. Now days, the most used

applications for prevention or detection of attacks are intrusion detection systems. Basically

Biometrics is the measurement and use of the atomic(unique) attribute of living humans to

distinguish them from one another and it is better than compare to passwords and tokens as they

can be lost or stolen so we have choose the technique biometric authentication. Authentication is

a fundamental issue to any trust oriented computing system and also a critical part in many

security protocols. In this paper, we have given a brief introduction about biometrics. This paper

discusses why authentication using biometric data is not a common standard up to now. It also

analyses if the use of biometric data makes systems more secure and if it is worth spending more

money on such systems. In this paper different biometrics techniques such as Iris scan, retina

scan and face recognition techniques are discussed.

Keywords: Authentication, biometrics, cyber-security, identification methods, Intrusion

detection, keystroke, Automatic verification of identities,

1. Introduction:

Biometrics is a field of technology which has been and is being used in the identification of

individuals based on some physical attribute. The purpose of this paper will be to look at the use

of biometrics technology to determine how secure it might be in authenticating users, and how

Journal of Information and Computational Science

Volume 9 Issue 11 - 2019

ISSN: 1548-7741

www.joics.org397

mailto:[email protected]

mailto:[email protected]

the users job fun. Performing authentication is notoriously difficult. Biometrics has been widely

used and adopted as a promising authentication method due to its advantages over some existing

methods, particularly, its resistance to losses incurred by theft of passwords and smart cards.

However, biometrics introduces its own challenges, such as being irreplaceable once

compromised. With the advancement of technology privacy threats arise while establishing

communication in social networking sites. A biometric system can be either an 'identification'

system or a 'verification' (authentication) system, which are defined below.

Identification (1: n) – One-to-Many: Biometrics can be used to determine a person's identity

even without his awareness or approval. Such as scanning a crowd with the help of a camera and

using face recognition technology, one can verify matches that are already store in database.

Verification (1:1) One-to-One: Biometrics can also be used to verify a person's identity. Such as

one can allow physical access to a secure area in a building by using finger scans or can grant

access to a bank account at an ATM by using retina scan.

Figure 1: General Biometric System

2. BIOMETRIC PROPERTIES:

"Biometrics" means "life measurement" but the term is generally coupled with the use of unique

physiological characteristics to identify a person, some other characteristics of biometrics are:

Universal: Every person must possess the characteristic. The trait must be one that is universal

and seldom lost to accident or disease.



ISSN: 1548-7741

www.joics.org398

Invariance of properties: They should be constant over a long time. The trait should not be

focus to considerable differences based on age either episodic or chronic disease.

Measurability: This should be suitable for capture without waiting time and must be easy to

gather the attribute data passively.

Singularity: Each expression of the element must be distinctive to the person. The

characteristics should have adequate distinctive properties to distinguish one person from other.

Height, weight, hair and eye color are all elements that are unique assuming a mostly accurate

measure, but do not offer enough points of separation to be useful for more than categorizing.

Acceptance: The capturing should be possible in a manner acceptable to a large fraction of the

residents. Excluded are particularly persistent technologies, such technologies which is require a

part of the human body to be taken or which (apparently) impair the human body.

Reducibility: The captured data should be able of being reduced to a file which is easy to

handle.

Reliability and tamper-resistance: The attribute should be impractical to mask or modify.

Process should make sure high reliability and reproducibility.

Privacy: This process should not break the privacy of the individual.

Comparable: They should be able to reduce the trait to a state that makes it is digitally

comparable from others. It has less probabilistic for similarity and more dependable on the

identification.

Inimitable: The trait must be irreproducible by other way. The less reproducible the trait, the

more likely it will be reliable. Biometric technologies: fingerprint, facial features, hand

geometry, voice, iris, retina, vein patterns, palm print, DNA, keystroke dynamics, ear shape,

odor, signature all satisfy the above requirements.

3. Challenges in Biometric Authentication:

The different challenges in front of biometric system are as follows:

3.1 Privacy Issues: An inconsequential way to include biometric authentication in smart card-

based password authentication is to scan the biometric characteristics and store the extracted

biometric data as a template in the server. During the authentication, a comparison is made

between the stored data and the input biometric data. If there is an adequate cohesion, a

biometric authentication is said to be successful. This method, however, will raise some security

risks, mainly in a multi server environment where user privacy is a concern. Servers are not fully

secure. Servers with weak security protections can be broken in by attackers, who will obtain the



ISSN: 1548-7741

www.joics.org399

biometric data on those servers. And also servers are not 100 percent trusted. Server-X could try

to login to Server-Y on behalf of their common clients, or distribute users’ biometric information

in the system. In both the cases, user privacy will be compromised, and a single-point failure on

a server will relegate the whole system’s security level from three-factor authentication to two-

factor authentication.

3.2 Error Tolerance and No trusted Devices: One challenge in biometric authentication is that

biometric characteristics are prone to various noises during data collecting, and this natural

feature makes it impossible to reproduce precisely each time biometric characteristics are

measured. A biometric authentication protocol cannot simply compare the hash or the encryption

of biometric template. Instead biometric authentication must endure failures within a rational

bound. Another issue in biometric authentication is that the verification of biometrics should be

performed by the server instead of other devices, since such devices are usually remotely located

from the server and cannot be fully trusted.

4. Kind of Biometrics:

We can classify the biometric techniques into two classes:

Physiological based techniques include facial analysis, fingerprint, hand geometry, retinal

analysis, DNA and measure the physiological characteristics of a person.

Behavior based techniques include signature, key stroke, voice, smell, sweat pores analysis and

measure behavioral characteristics.



ISSN: 1548-7741

www.joics.org400

Figure 2: Kinds of Biometric System

4.1 DNA Matching: Chemical Biometric The identification of an individual using the analysis

of segments from DNA.



ISSN: 1548-7741

www.joics.org401

4.2 Ear Based Recognition: Visual Biometric The identification of an individual using the shape

of the ear.

4.3 Eyes - Iris Recognition: Visual Biometric the use of the features found in the iris to identify

an individual.

Iris recognition is an automated method of biometric identification which uses mathematical

pattern recognition techniques on video images of the irises of an individual's eyes, whose

complex random patterns are unique and can be seen from some distance. Iris cameras perform

recognition detection of a person’s identity by analysis of the random patterns that are visible

within the iris of an eye from several distances. It combines computer vision, pattern recognition,

statistical inference and optics. The iris is the colored ring around the pupil of every human being

and like a snowflake, no two are the same. Each one is unique in its own way, exhibiting a

distinctive form.

4.4 Eyes - Retina Recognition: Visual Biometric The use of patterns of veins in the back of the

eye to accomplish recognition.

4.5 Face Recognition: Visual Biometric The analysis of facial features or patterns for the

authentication or recognition of an individual’s identity.



ISSN: 1548-7741

www.joics.org402

Most face recognition systems either use eigenfaces or local feature analysis. The facial

recognition systems differentiate between the background and the face. This is important when

the system has to identify a face within a throng. The system then makes use of a person's facial

features – its peaks and valleys and landmarks – and treats these as nodes that can be measured

and compared against those that are stored in the system's database. There are around 80 nodes

comprising the face print that the system makes use of and this includes the jaw line length, eye

socket depth, and distance between the eyes, cheekbone shape, and the width of the nose.

4.6 Fingerprint Recognition: Visual Biometric The use of the ridges and valleys (minutiae)

found on the surface tips of a human finger to identify an individual.

4.7 Finger/ Hand Geometry Recognition: Visual/Spatial Biometric The use of 3D geometry of

the finger to determine identity.

The use of the geometric features of the hand such as the lengths of fingers and the width of the

hand to identify an individual.



ISSN: 1548-7741

www.joics.org403

4.8 Gait Recognition: Behavioral Biometric The use of an individuals walking style or gait to

determine identity.

4.9 Signature Recognition:

Visual/Behavioral Biometric The authentication of an individual by the analysis of

handwriting style, in particular the signature. There are two key types of digital

handwritten signature authentication, Static and Dynamic. Static is most often a

visual comparison between one scanned signature and another scanned signature, or

a scanned signature against an ink signature. Technology is available to check two

scanned signatures using advances algorithms. Dynamic is becoming more popular

as ceremony data is captured along with the X,Y,T and P Coordinates of the signor

from the signing device. This data can be utilized in a court of law using digital

forensic examination tools, and to create a biometric template from which dynamic

signatures can be authenticated either at time of signing or post signing, and as

triggers in workflow processes.



ISSN: 1548-7741

www.joics.org404

4.10 Typing Recognition:

Behavioural Biometric The use of the unique characteristics of a persons typing for establishing

identity.

4.11 Vein Recognition:

Vein recognition is a type of biometrics that can be used to identify individuals based on the vein

patterns in the human finger or palm.



ISSN: 1548-7741

www.joics.org405

4.12 Keystroke:

The functionality of this biometric is to measure the dwell time (the length of time a key is held

down) and flight time (the time to move from one key to another) for keyboard actions.

Keystroke biometrics work on the basis of multiple feature extraction being used to create a

profile of an individual. This profile is used to identify or authenticate the user. Keystroke

analysis is concerned with the frequency, accuracy, the pause between strokes and the length of

time a key is depressed.

4.13 Voice / Speaker Recognition: There are two major applications of speaker recognition.

Voice - Speaker Verification / Authentication

Auditory Biometric The use of the voice as a method of determining the identity of a speaker for

access control.

If the speaker claims to be of a certain identity and the voice is used to verify this claim. Speaker

verification is a 1:1 match where one speaker's voice is matched to one template (also called a

"voice print" or "voice model"). Speaker verification is usually employed as a "gatekeeper" in

order to provide access to a secure system (e.g.: telephone banking). These systems operate with

the user's knowledge and typically require their cooperation. For example, presenting a person’s

passport at border control is a verification process - the agent compares the person’s face to the

picture in the document.

Voice - Speaker Identification: Auditory Biometric Identification is the task of determining an

unknown speaker's identity.

Speaker identification is a 1:N (many) match where the voice is compared against N templates.

Speaker identification systems can also be implemented covertly without the user's knowledge to

identify talkers in a discussion, alert automated systems of speaker changes, check if a user is

already enrolled in a system, etc. For example, a police officer compares a sketch of an assailant

against a database of previously documented criminals to find the closest match (es). In forensic

applications, it is common to first perform a speaker identification process to create a list of "best

matches" and then perform a series of verification processes to determine a conclusive match.

Note: There is a difference between speaker recognition (recognizing who is speaking) and

speech recognition (recognizing what is being said). These two terms are frequently confused, as

is voice recognition. Voice recognition is a synonym for speaker, and thus not speech,



ISSN: 1548-7741

www.joics.org406

recognition. In addition, there is a difference between the act of authentication (commonly

referred to as speaker verification or speaker authentication) and identification.

5. Conclusion & Future Scope:

In this survey, we have presented an extensive survey of research conducted in the field of

keystroke dynamics over the past three decades. However, there are a few challenges and open

areas of research that should be addressed in order to make this an effective biometric. With

mobile computing gaining popularity through the use of smart phones, tablets and other touch

screen devices; it might be worthwhile to consider the application of keystroke dynamics on

these devices. Biometrics has been widely used and adopted as a promising authentication

method due to its advantages over some existing methods, particularly, its resistance to losses

incurred by theft of passwords and smart cards it also advancement of technology privacy threats

arise while establishing communication in social networking sites.

6. References:

1. Smita S. Mudholkar , Pradnya M. Shende , Milind V. Sarode “Biometrics Authentication

Technique For intrusion Detection Systems Using Fingerprint Recognition” International

Journal Of Computer Science, Engineering And Information Technology (IJCSEIT), Vol.2, No.1,

February 2012.

2. Birgit Kaschte Computer Science Department University Of Auckland “Biometric

Authentication Systems Today And In The Future” 24 October 2005.



ISSN: 1548-7741

www.joics.org407

3. Renu Bhatia Department Of Computer Science And Applications Kurukshetra University

“Biometrics And Face Recognition Techniques”

International Journal Of Advanced Research In Computer Science And Software Engineering

Volume 3, Issue 5, May 2013.

4. Israa M. Alsaadi “Physiological Biometric Authentication Systems, Advantages,

Disadvantages and Future Development: A Review” International Journal Of Scientific &

Technology Research Volume 4, Issue 12, December 2015.

5. Ephin M, N. A. Vasanthi “A Highly Secure Integrated Biometrics Authentication Using

Finger-Palm Print Fusion” International Journal Of Scientific & Engineering Research Volume

4, Issue 1, January-2013.

6. Salil P. Banerjee, Damon L. Woodard “Biometric Authentication And Identification Using

Keystroke Dynamics: A Survey” Journal Of Pattern Recognition Research 7 (2012) 116-139

Received April 28, 2012. Revised July 10, 2012. Accepted July 1, 2012.

7. Shilpi Sharma And J. S. Sodhi, Computer Science And Engineering Department, ASET,

Amity University Noida, India “ Implementation Of Biometric Techniques In Social Networking

Sites” International Journal Of Security And Its Applications Vol.8, No.6 (2014), Pp.51-60.



ISSN: 1548-7741

www.joics.org408

biometrics authentication & security systemjoics.org/gallery/ics-1635.pdf · communication in...

Documents