computer security
DESCRIPTION
Computer Security. Biometrics Digital Watermarking Document Security Video Surveillance Computer Virus Spam Filtering Web-server Log-files Encryption Artificial Immune Systems Machine Safety. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/1.jpg)
Computer Security
Biometrics Digital Watermarking Document Security Video Surveillance Computer Virus Spam Filtering Web-server Log-files Encryption Artificial Immune Systems Machine Safety
![Page 2: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/2.jpg)
Wikipedia on Biometrics
Biometrics (ancient Greek: bios ="life", metron ="measure") is the study of methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits.
In information technology, biometric authentication refers to technologies that measure and analyze human physical and behavioural characteristics for authentication purposes. Examples of physical (or physiological or biometric) characteristics include fingerprints, eye retinas and irises, facial patterns and hand measurements, while examples of mostly behavioural characteristics include signature, gait and typing patterns. All behavioral biometric characteristics have a physiological component, and, to a lesser degree, physical biometric characteristics have a behavioral element.
![Page 3: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/3.jpg)
Many choices...
Fingerprint Face Iris Height Voice Signature Handwriting Hand veins Facial Thermogram Keystrokes
Retina DNA Odor Gait (Walk pattern) Eye color IQ Hand geometry Ear shape ...
One is wrong here! Which one?
![Page 4: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/4.jpg)
Why not IQ?
• IQ is used for ranking persons• different persons can have the same IQ• criteria for computing IQ can vary over time• a smart person can simulate a lower IQ• the “acquisition time” for getting the IQ is too
large• some of these may be also true for other
biometrics, but never all of them
![Page 5: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/5.jpg)
...and becoming more
An OTOACOUSTIC EMISSION (OAE) is a sound which is generated from within the inner ear. Having been predicted by Thomas Gold in 1948, their existence was first demonstrated experimentally by David Kemp in 1978 and they have since been shown to arise by a number of different cellular mechanisms within the inner ear. Numerous studies have shown that OAEs disappear after the inner ear has been damaged, so OAEs are often used in the laboratory and the clinic as a measure of inner ear health. There are two types of otoacoustic emissions: Spontaneous Otoacoustic Emissions (SOAEs), which can occur without external stimulation, and Evoked Otoacoustic Emissions (EOAEs), which require an evoking stimulus.Recently, Beeby, Brown and White from University of Southhampton, UK, have studied the use of OAE for biometric systems (e.g. included in mobile telephones).
![Page 6: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/6.jpg)
Two application modi
Identification Given a biometric pattern, identify the person out
of a set of n persons (1:n match) Verification
Given a biometric pattern, verify the identity of that person by comparing with a biometric template of the same person that was given before (1:1 match).
Detection? What could it mean in this context?
![Page 7: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/7.jpg)
Several Aspects...
Universality describes how commonly a biometric is found in each individual.
Uniqueness is how well the biometric separates one individual from another.
Permanence measures how well a biometric resists aging. Collectability explains how easy it is to acquire a biometric for
measurement. Performance indicates the accuracy, speed, and robustness of
the system capturing the biometric. Acceptability indicates the degree of approval of a technology by
the public in everyday life. Circumvention is how hard it is to fool the authentication system.
![Page 8: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/8.jpg)
Fingerprints
Impression of friction ridges of tip part of the finger.Known from history as being unique for every person.Used in legal issues for more than 100 years (first use reported 1892 by Argentine police to identify a murder).Several countries maintain large collections of fingerprints, so-called AFIS (automated fingerprint identification systems).
![Page 9: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/9.jpg)
Some related questions
Do twins have the same fingerprint? Are the fingerprints of different fingers of the
same person different? Do the same left and right finger of the same
person have a mirrored fingerprint? Are relatives having similar fingerprints? Are the fingerprints of the same person aged
20 and aged 60 identical? Can the gender be concluded from a
fingerprint?
![Page 10: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/10.jpg)
Some related questions
Do twins have the same fingerprint? no Are the fingerprints of different fingers of the
same person different? yes Do the same left and right finger of the same
person have a mirrored fingerprint? no Are relatives having similar fingerprints? no Are the fingerprints of the same person aged
20 and aged 60 identical? nearly Can the gender be concluded from a
fingerprint? no
![Page 11: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/11.jpg)
Our criteria (L,M,H)
Universality?
![Page 12: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/12.jpg)
Fingerprint: Universality
Medium! There is so-called Naegeli syndrome.
Affected persons have a dimished function of the sweat glands, therefore, they are not producing a fingerprint.
Injuries may also affect the fingerprint pattern.
![Page 13: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/13.jpg)
Our criteria (L,M,H)
Uniqueness?
![Page 14: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/14.jpg)
Fingerprint: Uniqueness
High! No two fingerprints have ever been found
identical. However, between features like minutiae
position there might be some similarity (twins).
![Page 15: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/15.jpg)
Our criteria (L,M,H)
Permanence?
![Page 16: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/16.jpg)
Fingerprint: Permanence
High! Despite of affections during lifetime (injuries),
the fingerprint pattern is preserved during skin alterations during lifetime.
![Page 17: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/17.jpg)
Our criteria (L,M,H)
Collectability?
![Page 18: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/18.jpg)
Fingerprint: Collectability
Medium! Need special devices and procedures to
visualize a fingerprint. Comparison of two fingerprints is very hard
for the naked eye, and needs training and expertize.
![Page 19: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/19.jpg)
Our criteria (L,M,H)
Performance?
![Page 20: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/20.jpg)
Fingerprint: Performance
High! Accuracy: allows for the identification of a
fingerprint among several thousands of fingerprints (but not millions!)
Speed: Verification is today possible “on-board”, needs a few millisecond on modern computer (acquisition takes longer!)
Robustness: error measures state a FAR at 1% for a FRR of 0.1%. What does this mean? Later!
![Page 21: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/21.jpg)
Our criteria (L,M,H)
Acceptability?
![Page 22: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/22.jpg)
Fingerprint: Acceptability
Medium! Usual association of taking a fingerprint is
related to crime cases. Many countries pose data protection
regulations on the collection of fingerprints (often only databases of criminals and public authorities are allowed to be collected).
The fingerprint pattern can be easily “stolen.”
![Page 23: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/23.jpg)
Our criteria (L,M,H)
Circumvention?
![Page 24: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/24.jpg)
Fingerprint: Circumvention
Medium! (some say High) Gels can be used to produce a copy of the
ridge pattern of a person. Finger gloves also fake human warmth.
![Page 25: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/25.jpg)
Fingerprint: Bonus
Do other animals have fingerprints?
More similar to human than primates: from which animal is the fingerprint to the left?
![Page 26: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/26.jpg)
How does it work?
![Page 27: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/27.jpg)
Fingerprint Sensors
optical
capacitive
thermal
![Page 28: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/28.jpg)
Biometric workflow
![Page 29: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/29.jpg)
Minutia and Terminals
Unique features of a fingerprint pattern are the location of forkings of ridges (minutiae) and their endpoints (terminals).
Most persons have between 20 and 80 such positions.
The set of all minutiae and terminals of a given fingerprint is called a template. It is used for comparing two fingerprints.
![Page 30: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/30.jpg)
Forkings and Endings
Mahadik, S., Narayanan, K., Bhoir, D. V., and Shah, D. 2009. Access Control System using fingerprint recognition. In Proceedings of the international Conference on Advances in Computing, Communication and Control (Mumbai, India, January 23 - 24, 2009). ICAC3 '09. ACM, New York, NY, 306-311. DOI= http://doi.acm.org/10.1145/1523103.1523166
![Page 31: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/31.jpg)
Fingerprint Scan
Fingerpint image, as received from sensor. First it needs to enhance the contrast of the image. The goal is to enhance the ridge structures of the fingerprint.
![Page 32: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/32.jpg)
Image Enhancement
In smaller areas of the image, the ridges appear to be parallel straight lines – thus having frequency and orientation. A method called Fourier Transformation can be used to filter only the lines having the major frequency and orientation.
orientationorientation
frequencyfrequency
![Page 33: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/33.jpg)
Binarization
All pixels in the image are either assigned Black (0) or White (255) by using a threshold.
![Page 34: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/34.jpg)
Orientation Field
For some points, the direction of the line is represented by an arrow. This also helps to identify the fingerprint class (but not used in this system).
![Page 35: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/35.jpg)
Region of Interest (ROI)
The further processing has to be restricted to some part of the image. Only in this part, the minutia and terminals can be safely extracted. Other parts, out of the border, will not provide a good enough quality.
![Page 36: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/36.jpg)
Thinning
The ridges (lines in the image) are “eroded,” until only a line of one pixel width remains – but while preserving the topological structure of the connected parts of the binary image.
There are several algorithms for such a Thinning, mostly from the so-called Mathematical Morphology, a discipline of image processing.
![Page 37: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/37.jpg)
Candidate Points
From the former result, candidates for minutia and terminal positions can be found by looking into the neighborhood of each white point.
However, it can be seen that there are too many candidates, some only caused by artefacts of the thinning process. Using the ROI, and other information, the wrong candidates can be removed.
![Page 38: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/38.jpg)
Final Result
![Page 39: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/39.jpg)
Biometric workflow
![Page 40: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/40.jpg)
Affine Matching
![Page 41: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/41.jpg)
Matching
Template to test Stored Template
![Page 42: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/42.jpg)
Assumed Corresponding Points
Template to test Stored Template
![Page 43: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/43.jpg)
Testing
Template to test Stored Template
according to assumed correspondance, points should be e.g. about here in the stored template
according to assumed correspondance, points should be e.g. about here in the stored template
one nearly matches, the other do notone nearly matches, the other do not
![Page 44: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/44.jpg)
Better assumed corresponding points
Template to test Stored Template
![Page 45: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/45.jpg)
Better assumed corresponding points
Template to test Stored Template
now, nearly each estimated position is about correct
now, nearly each estimated position is about correct
![Page 46: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/46.jpg)
Last but not least...
• the pair of points, for which the number of matching other points is highest, is found (A,B)
• the ratio for these matching points is determined (80%)
• if it is larger than a threshold, than the system replies that both fingerprints are from the same person (same finger) (80% > 70% -> ok)
• note that this threshold is important for the correct decision of the system
![Page 47: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/47.jpg)
Performance
A biometric system can make two kinds of errors, false acceptances and false rejections – the best trade-off between them is called equal error rate and an objective measure for biometric system performance
However, the weighting of these two errors might be different (forgeries are not as likely as correct transactions)
![Page 48: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/48.jpg)
False Acceptance
• the template to test is from person A, the stored template from person B
• the system replies that the fingerprints are the same (and the door opens...)
• this is a False Acceptance• the ratio among a number of test then is
called False Acceptance Rate (FAR)
![Page 49: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/49.jpg)
False Rejection
• the template to test is from person A, the stored template also from person A
• the system replies that the fingerprints are different (and keeps the door closed...)
• this is a False Rejection• the ratio among a number of test then is
called False Rejection Rate (FRR)
![Page 50: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/50.jpg)
Equal Error Rate
• but the reply of the system depends on the threshold
• assume the treshold t varies from 0% to 100%
• for 0%, any match is larger, and the system will always ACCEPT, so FAR will be 100%, and FRR will be 0%
• for 100%, the system will never ACCEPT, thus FAR is 0%, and FRR is 100%
• if threshold goes from 0% to 100%, the FAR line will decrease from 100% to 0%, the FRR will increase from 0% to 100%
• thus, both lines will intersect for some threshold
• this is the so-called equal error rate (EER)
![Page 51: Computer Security](https://reader036.vdocuments.us/reader036/viewer/2022081516/56813a10550346895da1e879/html5/thumbnails/51.jpg)
State-of-the-Art