Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME TECHNOLOGY (IJCET) ISSN 0976 – 6367(Print) ISSN 0976 – 6375(Online) Volume 4, Issue 6, November - December (2013), pp. 414-422 © IAEME: www.iaeme.com/ijcet.asp Journal Impact Factor (2013): 6.1302 (Calculated by GISI) www.jifactor.com IJCET ©IAEME ENHANCED BIOMETRIC BASED AUTHENTICATION FOR NETWORK SECURITY USING IRIS Mohamed Basheer. K. P Research Scholar, Jamal Mohammed College, Tiruchirappalli, Tamil Nadu, India Dr. T. Abdul Razak Associate Professor & Research Supervisor, Jamal Mohammed College, Tiruchirappalli, Tamil Nadu, India ABSTRACT Information security becomes a very difficult task because of the increased number of thefts. The conventional security system uses password or security key for authentication, though those passwords and security keys can be easily stolen. To overcome these issues, biometrics of a person is used to secure the system. The usage of biometrics system permits the recognition of a living person according to the physiological features or behavioral features to be recognized without human involvement. This paper uses iris biometric system for efficient biometric based authentication for network security. It proposes a novel method using iris authentication system which is more accurate than other biometric system. The iris localization and normalization techniques are used to make the biometric template noise free which gives better result than the existing methods in authentication process. The experimental results obtained show that the proposed method could effectively provide network security. 1. INTRODUCTION In information technology, increasing emphasis on security has resulted in more attention to automatic personal identification system based on biometrics. There are more and more industries going the biometric way. In the modern era, it has become more important to move towards technologies which are more secure and ensure privacy. Biometrics deals with automated methods of recognizing a person based on physiological characteristics such as face, fingerprints, hand geometry, iris, retina, and vein. Biometric authentication techniques based on iris patterns are suitable for high level security systems. 414
  2. 2. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME Recently, human iris biometric based identification has attracted the attention of research and development community. Iris recognition has many advantages over the other forms of biometric identification. Iris is the annular ring between the pupil and the sclera of the eye. The structure of iris is fixed from about one year in age and remains constant overtime. It exhibits long-term stability and infrequent re-enrolment requirements. The variations in the gray level intensity values distinguish two individuals. The iris is highly protected, noninvasive and ideal for handling applications requiring management of large user groups, like voter ID management. The iris recognition techniques potentially prevent unauthorized access to ATMs, cellular phones, desktop PCs, workstations, buildings and computer networks. The accuracy of iris recognition systems is proven to be much higher compared to other types of biometric systems like fingerprint, handprint and voiceprint. [1,2] Human iris recognition process is basically divided into two phases. The phase, which deals with the extraction of iris features from an eye image, and storing them into database is called the “enrollment process”. At the time of matching we capture the iris features of a human and compare them with the stored features. This is called the “matching process”. Each of the above phases are complex and hence is divided into several sub tasks. The feature processing task is basically composed of two sub tasks: feature extraction and feature encoding. In the feature extraction task, we capture the discriminant iris features from a normalized iris image. There are several methods to capture the iris features. Gabor filter is used in several works. The other methods for iris feature extraction include Log-Gabor wavelet, Haar wavelet, Laplacian-of-Gaussian filter, Gaussian Hermitte moments, etc. It is reviewed that the number of extracted iris features in the existing work is very high. The existing approaches require higher number of bits to represent the iris features and as a consequence the need for higher computations to process these iris features. This paper addressed this limitation and focuses on reducing the number of iris features without compromising the accuracy rate. We propose an encoding scheme to store an iris feature with a lesser number of bits [3, 4]. S. C. Chong et.al [5] proposed a biometrics formulation which is based on the concealment of random kernel and the iris images to synthesize minimum average correlation energy filter for iris authentication. Particularly, the training images are multiplied with the user-specific random kernel in frequency domain before biometric filter is created. The main aim of the proposed technique is to provide private biometrics realization in iris authentication in which biometric template can be reissued once it was compromised. This paper mainly focuses on approaches for network security for personal authentication, where the biometric features used for authentication are fingerprint, iris and retina. Among these three biometrics, iris for personal authentication is implemented by using this approach. The phases included in this proposed iris based approach are user registration, extraction of retinal minutiae points, extraction of minutiae feature, generation of secret key, extraction of lock/unlock data. 2. RELATED WORK J. Daugman [6] uses the two dimensional version of Gabor filters, to extract the iris features and demodulates the output of the Gabor filters in order to compress the data. Demodulation is done by quantizing the phase information into four levels for each possible quadrant in the complex plane. These four levels are represented using two bits of data. In other words, each pixel in the normalized iris pattern corresponds to two bits of data in the iris template. A total of 2,048 bits are calculated for the template, and an equal number of masking bits are generated in order to mask out corrupted regions within the iris. This creates a compact 256- byte template. M. Vasta et al. [7] use Log-Gabor filter for iris feature extraction. Wildes R [8] represents the iris texture with a Laplacian of Gaussian filter constructed with four different resolution levels. Gaussian-Hermite moments are used for 415
  3. 3. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME texture feature extraction with mathematical orthogonal and effectiveness for characterizing local details of the signal. The one-dimensional continuous wavelet transform is used to decompose iris image. Here, each decomposed one-dimensional waveform is approximated by an optimal piecewise linear curve connecting a small set of node points, which is used as a feature vector. There are several matching techniques to match a captured iris template with enrolled template. Among all these Hamming distance, weighted Euclidean distance and Normalized Correlation [10] measurement techniques are popular. The Hamming distance [11] gives a measure of how many bits are same between two bit patterns. The Hamming distance via the XOR operator is used for the similarity measure between two iris templates [12]. The Weighted Euclidean distance is used to compare two iris templates. The weighted Euclidean distance gives a measure of how similar a collection of values are between two templates. The weighted Euclidean distance can be used to compare two templates, especially if the template is composed of integer values. Muhammad Khurram Khana et al. [13] have proposed an improved multimodal face and fingerprint biometrics authentication technique on space-limited tokens, e.g., smart cards, driver license and Radio Frequency IDentification (RFID) card. Fingerprint templates were encrypted and encoded/embedded within face images by which the characteristic features do not get disturbed radically through the process of encoding and decoding. It is observed from the experimental results that the presented technique was an inexpensive alternate to the multimodal biometrics authentication on space-limited tokens without downgrading the whole decoding and matching the performance of the biometrics technique. Yunsu Chung et al. [14] described a technique for biometric based secret key generation for protection mechanism. The strap of the user's identity and biometric feature data to an entity is provided by an authority through a digitally signed data structure called a biometric certificate. Therefore, the main objective of their work is to propose a simple method for generating biometric digital key with biometric certificate on fuzzy fingerprint vault mechanism. Biometric digital key from biometric data has a lot of applications such as automatic identification, user authentication with message encryption, etc. Therefore, their work analyzed the associated scheme and proposed a simplified model where a general fuzzy fingerprint vault using biometric certificate with security consideration. Sandip Dutta et al. [15] presented a new method for providing network security using biometric and cryptography. They proposed a biometrics-based encryption/decryption method, in which unique key is generated using partial portion of combined sender's and receiver’s fingerprints. From this inimitable key a random sequence is generated, which is used as an asymmetric key for both encryption and decryption. The inimitable key is sent by the sender after watermarking it in sender’s fingerprint along with encrypted message. The computational requirement and network security features are described. 3. METHODOLOGY Authentication systems contribute major role in many applications. Fig. 1 shows steps involved in extracting feature point for iris. 416
  4. 4. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME Pre Processing Steps Input Image Normalization Preprocessing Orientation Estimation Minutiae Feature Extraction Frequency Estimation Mapping Function Filtering Thinning Fig 1: Steps involved in Extracting Feature Point for Iris 3.1 Iris Based Authentication and Key Exchange System Current cryptographic techniques need their keys to be very lengthy and arbitrary for better security, specifically, 128 bits for authentication and key exchange system (AES) [16]. These keys are accumulated in smart cards and can be used throughout encryption/decryption process by using proper authentication. There are two key difficulties with these keys: One of the major difficulties is randomness. The randomness obtained from the current mathematical algorithms is not adequate to support the users for commercial applications. The second difficulty is authentication. Most of the authentication mechanisms use passwords to release the exact decrypting key, but these mechanisms are incapable of providing non-repudiation. 3.2 Extraction of Minutiae Feature The iris images from CASIA Iris image Database and CUHK Iris Database are used in this proposed approach. CASIA Iris Image Data base contains a total number of 756 iris image which are taken in two different time frames. Every iris image is 8-bit grey scale with resolution 320 X 280. Canny edge detection technique is carried out mutually in vertical and horizontal directions as suggested by Wildes. The CASIA iris image database has iris radius 80 to 150 pixels and pupil radius from 30 to 75 pixels, which are found manually and given to the Hough transform. Hough transform is performed initially for iris/sclera boundary and then to iris/pupil boundary to get accurate results. The output of this step results in storing the radius and x, y parameters of inner and outer circles. Canny edge detection is used to construct edges in horizontal direction and then Hough transform is implemented on it. If the maximum Hough space is less than the threshold it represents 417
  5. 5. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME non occlusion of eyelids. For isolating eyelashes it is easier by using thresholding, since they are darker when compared with other elements in eye. The eye images collected from the above database are of grey scale and their contrast is enhanced using histogram equalization. The localized iris image is shown in Fig. 2. Figure 2: Localized iris image Daugman [17] suggested normal Cartesian to polar transformation that maps each pixel in the iris area into a pair of polar coordinates(r, θ), where r and θ are on the intervals of [0 1] and [0 2π] respectively. Fig 3 shows the normalized iris image. Fig 3: Normalized Iris A. Generation of Secret Key A typical iris exhibits rich texture information in the immediate vicinity of the pupil which tapers away intensity as one moves away from the pupil. Similarly, there is a chance of having noise in iris patterns at the top and bottom rows even after preprocessing. Also the iris pixels near the pupil have more variations than those of farther from the pupil. Thus after leaving 3 rows of patterns both at bottom and top, the remaining rows are used to extract the key. 418
  6. 6. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME B. Extraction of Lock/Unlock Data On the highlighted iris structures as a whole, the following sequence of morphological operations [18] is used to extract the pseudo structures. The morphological operations are used to remove structures according to its size resulting image with structures disposed in layers and thresholding is applied to obtain binary image. For appropriate representation of structures, thinning is used so that it presents every structure itself as an agglomerate of pixels. C. Implementation Stage The implementation stage of the proposed approach comprises of transformation, encoding, and decoding and iris authentication protocol. (i) Transformation Simple operations such as translation and permutation are used to transform the original minutiae features into new minutiae. The password given by the user is limited to 8 characters so that its length is 64 bits, which is divided into 4 blocks of each 16 bits length. Similarly iris circular rim containing minutiae is divided into 4 quadrants. Each password block is divided into two components Tr of 7 bits and Tθ of 9 bits length, where Tr is the translation in radial direction and Tθ is in angular direction. These translation values are added to original values with modulo of appropriate range. That is Qr′= (Qr+ Tr)mod(27) and Qθ′= (Qθ+Tθ)mod(29) where Qr and Qr′ are the radial values before and after transmission respectively. Similarly Qθ and Qθ′ are the angular values before and after transformation respectively. (ii) Encoding The transformed minutiae are encoded in the database using the password as described in the earlier section. This layer of encryption prevents an imposter without the knowledge of the password from modifying the database. (iii) Decoding During authentication phase, the encrypted database and the minutiae data are decrypted using the password given by the user. The template and query data sets are aligned and the password based transformation is applied to these query minutiae and used for unlocking the database. (iv) The Proposed Iris Authentication Protocol The proposed authentication protocol uses Lipmaa’s PIR [19] as it has one of the best known communication complexities. The iris features are used in this authentication protocol. Thus, the proposed approach uses the iris biometric for network security and deniable authentication protocol. 4. EXPERIMENTAL RESULTS In order to evaluate the proposed method, Iris samples are taken from CASIA and CUHK datasets. In the context of modern biometrics, these features called “iris minutiae”, can be captured, analyzed, and compared electronically, with correlations drawn between a live sample and a reference sample, as with other biometric technologies. There are two requirements for registration using iris. The user should obtain the biometric feature from his/her iris using such appropriate image processing techniques as the one mentioned in the previous section. The second is that the minutia template supposed to be encrypted with AES 128 bit symmetric cipher and is then transmitted to the server for storage in the database, so that it should not be possible for an outside attacker to determine the biometric feature by an exhaustive search at the server side. 419
  7. 7. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME Quadrant Table 1: List of iris minutiae Orientation Distance Qr Qθ (7 –bits) (9-bits) I 41 99 8 III 94 140 IV 18 0101001 000110110 1100011 000001000 1011110 010001100 0010010 010011110 54 II Minutiae Value (16-bits) 158 The polar indices Qr (radial value) and Qθ (angular value) of nodes and end points are used for projections of the polynomial. Some of the minutiae extracted from a sample iris are shown in Table 1. The password used for the transformation is 'IRISFEATURES'. In the Table, 1 represents a ridge ending point and 0 represents a secluded point in an iris image. The performance measures obtained, exposed that the proposed method could effectively provide network security. Therefore it can be directly applied to strengthen the existing standard single-server biometric based security applications. Table 2: False Acceptance Rate (FAR) Biometric Feature Images Existing Iris key authentication Proposed Iris key authentication 1-10 0.39 0.38 11-20 0.47 0.43 21-30 0.52 0.47 31-40 0.59 0.51 Table 3: False Rejection Rate (FRR) Biometric Feature Images Existing Iris key authentication Proposed Iris key authentication 1-10 0.89 0.41 11-20 21-30 31-40 0.89 0.92 0.90 0.40 0.37 0.36 Table 2 shows the resulted False Acceptance Rate (FAR) for the proposed and existing technique. From the result, it can be observed that the proposed technique results in lesser FAR for all the biometric features, whereas the existing techniques results with higher percentage of FAR. From the Table 3, it can be observed that the proposed technique results in lesser False Rejection Rate (FRR) when compared to the existing technique. From all the results obtained, it can be said that the proposed technique results in better security than the existing technique. 420
  8. 8. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME 5. CONCLUSION The paper proposed a novel biometric personal authentication system using a novel Iris Key Exchange Authentication for Network Security. The performance was evaluated based on the parametric standards such as FAR and FRR. While comparing with the existing biometric techniques, it is observed from the tables that the proposed biometric technique provide better FAR and FRR. Therefore it can be directly applied to strengthen the existing standard single-server biometric based security applications. For further enhancing the network security, Iris can be fused with other type of biometric systems. REFERENCES [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] Y. J. Chang, Z. Wende, and T. Chen, “Biometrics- based cryptographic key generation," IEEE International Conference on Multimedia and Expo, vol. 3, p. 2203-2206, 2004. Mr.P.Balakumar1and Dr.R.Venkatesan,., “Secure Biometric Key Generation Scheme for Cryptography using Combined Biometric Features of Fingerprint and Iris”. IJCSI International Journal of Computer Science Issues, Vol. 8, Issue 5, No 2, September 2011. J. G. Daugman. High Confidence Visual Recognition of Persons by a Test of Statistical Independence. IEEE Transactions on Pattern Analysis and Machine Intelligence, 15(11):1148–1161, November 1993. John Daugman. Iris Recognition. American Scientist, 89:326–333, JulyAugust 2001. S. C. Chong, A. B. J. Teoh, and D. C. L. Ngo, “Iris authentication using privatized advanced correlation filter,” in ICB, pages 382–388, 2006. J. Daugman. “How iris recognition works”. IEEE Transactions on Circuits and Systems for Video Technology, 14(1):21– 30, 2004. M. Vasta, R. Singh, and A.Noore. Reducing the False Rejection Rate of Iris Recognition Using Textural and Topological Fearures. International Journal of Signal Processing, 2(2):66–72, 2005. Wildes R, “Iris Recognition: An Emerging Biometric Technology”, Proceedings of the IEEE, Vol. 85, Pp 1348-1363, 1999. Klein, “Foiling the cracker: A survey of, and improvements to, password security," Proceedings of the 2nd USENIX Security Workshop, pp. 5-14, Aug. 1990. Anil Jain, Umut Uludag and Arun Ross, “Biometric Template Selection: A Case Study in Fingerprints”, Proceeding of 4th International Conference on Audio- and Video-Based Person Authentication (AVBPA), Guildford, UK, Pp. 335-342, 2003. I. Armstrong. Passwords exposed: users are the weakest link. Available at http://www.safestone.com/downloads/news/news passwords exposed sc magazine may03.pdf, 2003. Gang Zheng, Wanqing Li and Ce Zhan, “Cryptographic Key Generation from Biometric Data using Lattice Mapping”, Proceedings of the 18th International Conference on Pattern Recognition, Vol. 4, Pp. 513 - 516, 2006. Muhammad Khurram Khan and Jiashu Zhang, “Multimodal Face and Fingerprint Biometrics Authentication on Space-Limited Tokens”, Neuro Computing, Vol. 71, Pp. 3026-3031, 2008. Yunsu Chung, Kiyoung Moon, and Hyung-Woo Lee, “Biometric Certificate Based Biometric Digital Key Generation with Protection Mechanism,” Frontiers in the Convergence of Bioscience and Information Technologies, pp. 709-714, 2007. Sandip Dutta, Avijit Kar, N. C. Mahanti, and B. N. Chatterji, “Network Security Using Biometric and Cryptography,” Proceedings of the 10th International Conference on Advanced Concepts for Intelligent Vision Systems, pp. 38-44, 2008. 421
  9. 9. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME [16] Srinivasa Reddy E and Ramesh Babu I, “Performance of Iris based Hard Fuzzy Vault”, International Journal of Computer Science and Network Security, Vol. 8 No.1, Pp. 297-304, 2008. [17] Daugman J, “How Iris Recognition Works”, IEEE Transactions on Circuits and Systems for Video Technology, Vol. 14, No. 1, Pp. 21-30, 2004. [18] Jean Serra, “Morphological Image Operators (Henk J. A. M. Heijmans)”, Siam Review, Vol. 38, No. 1, 1996. [19] Lipmaa H, “An Oblivious Transfer Protocol with Log-Squared Communication” 8th Information Security Conference (ISC), Vol. 3650 of LNCS, pp. 314–328, Singapore, 2005. [20] Mumtaz M.A. Al-Mukhtar and Badour W. Kasim, “A Honeynet Framework to Promote Enterprise Network Security”, International journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 1, 2013, pp. 404 - 413, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375. [21] Vijay M.Mane, GauravV. Chalkikar and Milind E. Rane, “Multiscale Iris Recognition System”, International Journal of Electronics and Communication Engineering & Technology (IJECET), Volume 3, Issue 1, 2012, pp. 317 - 324, ISSN Print: 0976- 6464, ISSN Online: 0976 –6472. [22] Sayeesh and Dr. Nagaratna P. Hegde, “A Comparison of Multiple Wavelet Algorithms For Iris Recognition”, International journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 2, 2013, pp. 386 - 395, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375. , 422