biometrics authentication & security systemjoics.org/gallery/ics-1635.pdf · communication in...
TRANSCRIPT
Biometrics Authentication & Security System
Niraj Kumar Tiwari1, Assistant Professor
Abhishek Kumar Pandey2, Assistant Professor
Department of Computer Science & Engineering, SIET, Prayagraj, U.P., India
Abstract:
Due to increasing the user of internet and dependence on computers to store and process
sensitive information has made it necessary to secure them from intruders. Automatic
identification/verification of an individuals’ identity based on the analysis of that person
biological traits is broadly known as biometrics technology. A biometric system is generally a
pattern recognition system that recognizes a person by determining the authentication by using
his different biological features i.e. Hand Geometry Recognition, Signature Recognition Vein
Recognition, Face recognition, Fingerprint, retina-scan, iris scan, Voice recognition hand
geometry, and are leading physiological biometrics and behavioral characteristic are Voice
recognition, keystroke-scan, and signature-scan. Existing single modal biometric system has
more error rate and provides less security than the combined one. To reduce the error rate and
overcome the security flaw, multimodal biometric systems are used. Now days, the most used
applications for prevention or detection of attacks are intrusion detection systems. Basically
Biometrics is the measurement and use of the atomic(unique) attribute of living humans to
distinguish them from one another and it is better than compare to passwords and tokens as they
can be lost or stolen so we have choose the technique biometric authentication. Authentication is
a fundamental issue to any trust oriented computing system and also a critical part in many
security protocols. In this paper, we have given a brief introduction about biometrics. This paper
discusses why authentication using biometric data is not a common standard up to now. It also
analyses if the use of biometric data makes systems more secure and if it is worth spending more
money on such systems. In this paper different biometrics techniques such as Iris scan, retina
scan and face recognition techniques are discussed.
Keywords: Authentication, biometrics, cyber-security, identification methods, Intrusion
detection, keystroke, Automatic verification of identities,
1. Introduction:
Biometrics is a field of technology which has been and is being used in the identification of
individuals based on some physical attribute. The purpose of this paper will be to look at the use
of biometrics technology to determine how secure it might be in authenticating users, and how
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org397
the users job fun. Performing authentication is notoriously difficult. Biometrics has been widely
used and adopted as a promising authentication method due to its advantages over some existing
methods, particularly, its resistance to losses incurred by theft of passwords and smart cards.
However, biometrics introduces its own challenges, such as being irreplaceable once
compromised. With the advancement of technology privacy threats arise while establishing
communication in social networking sites. A biometric system can be either an 'identification'
system or a 'verification' (authentication) system, which are defined below.
Identification (1: n) – One-to-Many: Biometrics can be used to determine a person's identity
even without his awareness or approval. Such as scanning a crowd with the help of a camera and
using face recognition technology, one can verify matches that are already store in database.
Verification (1:1) One-to-One: Biometrics can also be used to verify a person's identity. Such as
one can allow physical access to a secure area in a building by using finger scans or can grant
access to a bank account at an ATM by using retina scan.
Figure 1: General Biometric System
2. BIOMETRIC PROPERTIES:
"Biometrics" means "life measurement" but the term is generally coupled with the use of unique
physiological characteristics to identify a person, some other characteristics of biometrics are:
Universal: Every person must possess the characteristic. The trait must be one that is universal
and seldom lost to accident or disease.
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org398
Invariance of properties: They should be constant over a long time. The trait should not be
focus to considerable differences based on age either episodic or chronic disease.
Measurability: This should be suitable for capture without waiting time and must be easy to
gather the attribute data passively.
Singularity: Each expression of the element must be distinctive to the person. The
characteristics should have adequate distinctive properties to distinguish one person from other.
Height, weight, hair and eye color are all elements that are unique assuming a mostly accurate
measure, but do not offer enough points of separation to be useful for more than categorizing.
Acceptance: The capturing should be possible in a manner acceptable to a large fraction of the
residents. Excluded are particularly persistent technologies, such technologies which is require a
part of the human body to be taken or which (apparently) impair the human body.
Reducibility: The captured data should be able of being reduced to a file which is easy to
handle.
Reliability and tamper-resistance: The attribute should be impractical to mask or modify.
Process should make sure high reliability and reproducibility.
Privacy: This process should not break the privacy of the individual.
Comparable: They should be able to reduce the trait to a state that makes it is digitally
comparable from others. It has less probabilistic for similarity and more dependable on the
identification.
Inimitable: The trait must be irreproducible by other way. The less reproducible the trait, the
more likely it will be reliable. Biometric technologies: fingerprint, facial features, hand
geometry, voice, iris, retina, vein patterns, palm print, DNA, keystroke dynamics, ear shape,
odor, signature all satisfy the above requirements.
3. Challenges in Biometric Authentication:
The different challenges in front of biometric system are as follows:
3.1 Privacy Issues: An inconsequential way to include biometric authentication in smart card-
based password authentication is to scan the biometric characteristics and store the extracted
biometric data as a template in the server. During the authentication, a comparison is made
between the stored data and the input biometric data. If there is an adequate cohesion, a
biometric authentication is said to be successful. This method, however, will raise some security
risks, mainly in a multi server environment where user privacy is a concern. Servers are not fully
secure. Servers with weak security protections can be broken in by attackers, who will obtain the
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org399
biometric data on those servers. And also servers are not 100 percent trusted. Server-X could try
to login to Server-Y on behalf of their common clients, or distribute users’ biometric information
in the system. In both the cases, user privacy will be compromised, and a single-point failure on
a server will relegate the whole system’s security level from three-factor authentication to two-
factor authentication.
3.2 Error Tolerance and No trusted Devices: One challenge in biometric authentication is that
biometric characteristics are prone to various noises during data collecting, and this natural
feature makes it impossible to reproduce precisely each time biometric characteristics are
measured. A biometric authentication protocol cannot simply compare the hash or the encryption
of biometric template. Instead biometric authentication must endure failures within a rational
bound. Another issue in biometric authentication is that the verification of biometrics should be
performed by the server instead of other devices, since such devices are usually remotely located
from the server and cannot be fully trusted.
4. Kind of Biometrics:
We can classify the biometric techniques into two classes:
Physiological based techniques include facial analysis, fingerprint, hand geometry, retinal
analysis, DNA and measure the physiological characteristics of a person.
Behavior based techniques include signature, key stroke, voice, smell, sweat pores analysis and
measure behavioral characteristics.
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org400
Figure 2: Kinds of Biometric System
4.1 DNA Matching: Chemical Biometric The identification of an individual using the analysis
of segments from DNA.
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org401
4.2 Ear Based Recognition: Visual Biometric The identification of an individual using the shape
of the ear.
4.3 Eyes - Iris Recognition: Visual Biometric the use of the features found in the iris to identify
an individual.
Iris recognition is an automated method of biometric identification which uses mathematical
pattern recognition techniques on video images of the irises of an individual's eyes, whose
complex random patterns are unique and can be seen from some distance. Iris cameras perform
recognition detection of a person’s identity by analysis of the random patterns that are visible
within the iris of an eye from several distances. It combines computer vision, pattern recognition,
statistical inference and optics. The iris is the colored ring around the pupil of every human being
and like a snowflake, no two are the same. Each one is unique in its own way, exhibiting a
distinctive form.
4.4 Eyes - Retina Recognition: Visual Biometric The use of patterns of veins in the back of the
eye to accomplish recognition.
4.5 Face Recognition: Visual Biometric The analysis of facial features or patterns for the
authentication or recognition of an individual’s identity.
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org402
Most face recognition systems either use eigenfaces or local feature analysis. The facial
recognition systems differentiate between the background and the face. This is important when
the system has to identify a face within a throng. The system then makes use of a person's facial
features – its peaks and valleys and landmarks – and treats these as nodes that can be measured
and compared against those that are stored in the system's database. There are around 80 nodes
comprising the face print that the system makes use of and this includes the jaw line length, eye
socket depth, and distance between the eyes, cheekbone shape, and the width of the nose.
4.6 Fingerprint Recognition: Visual Biometric The use of the ridges and valleys (minutiae)
found on the surface tips of a human finger to identify an individual.
4.7 Finger/ Hand Geometry Recognition: Visual/Spatial Biometric The use of 3D geometry of
the finger to determine identity.
The use of the geometric features of the hand such as the lengths of fingers and the width of the
hand to identify an individual.
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org403
4.8 Gait Recognition: Behavioral Biometric The use of an individuals walking style or gait to
determine identity.
4.9 Signature Recognition:
Visual/Behavioral Biometric The authentication of an individual by the analysis of
handwriting style, in particular the signature. There are two key types of digital
handwritten signature authentication, Static and Dynamic. Static is most often a
visual comparison between one scanned signature and another scanned signature, or
a scanned signature against an ink signature. Technology is available to check two
scanned signatures using advances algorithms. Dynamic is becoming more popular
as ceremony data is captured along with the X,Y,T and P Coordinates of the signor
from the signing device. This data can be utilized in a court of law using digital
forensic examination tools, and to create a biometric template from which dynamic
signatures can be authenticated either at time of signing or post signing, and as
triggers in workflow processes.
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org404
4.10 Typing Recognition:
Behavioural Biometric The use of the unique characteristics of a persons typing for establishing
identity.
4.11 Vein Recognition:
Vein recognition is a type of biometrics that can be used to identify individuals based on the vein
patterns in the human finger or palm.
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org405
4.12 Keystroke:
The functionality of this biometric is to measure the dwell time (the length of time a key is held
down) and flight time (the time to move from one key to another) for keyboard actions.
Keystroke biometrics work on the basis of multiple feature extraction being used to create a
profile of an individual. This profile is used to identify or authenticate the user. Keystroke
analysis is concerned with the frequency, accuracy, the pause between strokes and the length of
time a key is depressed.
4.13 Voice / Speaker Recognition: There are two major applications of speaker recognition.
Voice - Speaker Verification / Authentication
Auditory Biometric The use of the voice as a method of determining the identity of a speaker for
access control.
If the speaker claims to be of a certain identity and the voice is used to verify this claim. Speaker
verification is a 1:1 match where one speaker's voice is matched to one template (also called a
"voice print" or "voice model"). Speaker verification is usually employed as a "gatekeeper" in
order to provide access to a secure system (e.g.: telephone banking). These systems operate with
the user's knowledge and typically require their cooperation. For example, presenting a person’s
passport at border control is a verification process - the agent compares the person’s face to the
picture in the document.
Voice - Speaker Identification: Auditory Biometric Identification is the task of determining an
unknown speaker's identity.
Speaker identification is a 1:N (many) match where the voice is compared against N templates.
Speaker identification systems can also be implemented covertly without the user's knowledge to
identify talkers in a discussion, alert automated systems of speaker changes, check if a user is
already enrolled in a system, etc. For example, a police officer compares a sketch of an assailant
against a database of previously documented criminals to find the closest match (es). In forensic
applications, it is common to first perform a speaker identification process to create a list of "best
matches" and then perform a series of verification processes to determine a conclusive match.
Note: There is a difference between speaker recognition (recognizing who is speaking) and
speech recognition (recognizing what is being said). These two terms are frequently confused, as
is voice recognition. Voice recognition is a synonym for speaker, and thus not speech,
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org406
recognition. In addition, there is a difference between the act of authentication (commonly
referred to as speaker verification or speaker authentication) and identification.
5. Conclusion & Future Scope:
In this survey, we have presented an extensive survey of research conducted in the field of
keystroke dynamics over the past three decades. However, there are a few challenges and open
areas of research that should be addressed in order to make this an effective biometric. With
mobile computing gaining popularity through the use of smart phones, tablets and other touch
screen devices; it might be worthwhile to consider the application of keystroke dynamics on
these devices. Biometrics has been widely used and adopted as a promising authentication
method due to its advantages over some existing methods, particularly, its resistance to losses
incurred by theft of passwords and smart cards it also advancement of technology privacy threats
arise while establishing communication in social networking sites.
6. References:
1. Smita S. Mudholkar , Pradnya M. Shende , Milind V. Sarode “Biometrics Authentication
Technique For intrusion Detection Systems Using Fingerprint Recognition” International
Journal Of Computer Science, Engineering And Information Technology (IJCSEIT), Vol.2, No.1,
February 2012.
2. Birgit Kaschte Computer Science Department University Of Auckland “Biometric
Authentication Systems Today And In The Future” 24 October 2005.
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org407
3. Renu Bhatia Department Of Computer Science And Applications Kurukshetra University
“Biometrics And Face Recognition Techniques”
International Journal Of Advanced Research In Computer Science And Software Engineering
Volume 3, Issue 5, May 2013.
4. Israa M. Alsaadi “Physiological Biometric Authentication Systems, Advantages,
Disadvantages and Future Development: A Review” International Journal Of Scientific &
Technology Research Volume 4, Issue 12, December 2015.
5. Ephin M, N. A. Vasanthi “A Highly Secure Integrated Biometrics Authentication Using
Finger-Palm Print Fusion” International Journal Of Scientific & Engineering Research Volume
4, Issue 1, January-2013.
6. Salil P. Banerjee, Damon L. Woodard “Biometric Authentication And Identification Using
Keystroke Dynamics: A Survey” Journal Of Pattern Recognition Research 7 (2012) 116-139
Received April 28, 2012. Revised July 10, 2012. Accepted July 1, 2012.
7. Shilpi Sharma And J. S. Sodhi, Computer Science And Engineering Department, ASET,
Amity University Noida, India “ Implementation Of Biometric Techniques In Social Networking
Sites” International Journal Of Security And Its Applications Vol.8, No.6 (2014), Pp.51-60.
Journal of Information and Computational Science
Volume 9 Issue 11 - 2019
ISSN: 1548-7741
www.joics.org408