More Related Content
Similar to 50120130406045
Similar to 50120130406045 (20)
More from IAEME Publication
More from IAEME Publication (20)
50120130406045
- 1. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING &
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME
TECHNOLOGY (IJCET)
ISSN 0976 – 6367(Print)
ISSN 0976 – 6375(Online)
Volume 4, Issue 6, November - December (2013), pp. 414-422
© IAEME: www.iaeme.com/ijcet.asp
Journal Impact Factor (2013): 6.1302 (Calculated by GISI)
www.jifactor.com
IJCET
©IAEME
ENHANCED BIOMETRIC BASED AUTHENTICATION FOR NETWORK
SECURITY USING IRIS
Mohamed Basheer. K. P
Research Scholar, Jamal Mohammed College, Tiruchirappalli, Tamil Nadu, India
Dr. T. Abdul Razak
Associate Professor & Research Supervisor,
Jamal Mohammed College, Tiruchirappalli, Tamil Nadu, India
ABSTRACT
Information security becomes a very difficult task because of the increased number of thefts.
The conventional security system uses password or security key for authentication, though those
passwords and security keys can be easily stolen. To overcome these issues, biometrics of a person is
used to secure the system. The usage of biometrics system permits the recognition of a living person
according to the physiological features or behavioral features to be recognized without human
involvement. This paper uses iris biometric system for efficient biometric based authentication for
network security. It proposes a novel method using iris authentication system which is more accurate
than other biometric system. The iris localization and normalization techniques are used to make the
biometric template noise free which gives better result than the existing methods in authentication
process. The experimental results obtained show that the proposed method could effectively provide
network security.
1. INTRODUCTION
In information technology, increasing emphasis on security has resulted in more attention to
automatic personal identification system based on biometrics. There are more and more industries
going the biometric way. In the modern era, it has become more important to move towards
technologies which are more secure and ensure privacy. Biometrics deals with automated methods of
recognizing a person based on physiological characteristics such as face, fingerprints, hand
geometry, iris, retina, and vein. Biometric authentication techniques based on iris patterns are
suitable for high level security systems.
414
- 2. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME
Recently, human iris biometric based identification has attracted the attention of research and
development community. Iris recognition has many advantages over the other forms of biometric
identification. Iris is the annular ring between the pupil and the sclera of the eye. The structure of iris
is fixed from about one year in age and remains constant overtime. It exhibits long-term stability and
infrequent re-enrolment requirements. The variations in the gray level intensity values distinguish
two individuals. The iris is highly protected, noninvasive and ideal for handling applications
requiring management of large user groups, like voter ID management. The iris recognition
techniques potentially prevent unauthorized access to ATMs, cellular phones, desktop PCs,
workstations, buildings and computer networks. The accuracy of iris recognition systems is proven
to be much higher compared to other types of biometric systems like fingerprint, handprint and
voiceprint. [1,2]
Human iris recognition process is basically divided into two phases. The phase, which deals
with the extraction of iris features from an eye image, and storing them into database is called the
“enrollment process”. At the time of matching we capture the iris features of a human and compare
them with the stored features. This is called the “matching process”. Each of the above phases are
complex and hence is divided into several sub tasks.
The feature processing task is basically composed of two sub tasks: feature extraction and
feature encoding. In the feature extraction task, we capture the discriminant iris features from a
normalized iris image. There are several methods to capture the iris features. Gabor filter is used in
several works. The other methods for iris feature extraction include Log-Gabor wavelet, Haar
wavelet, Laplacian-of-Gaussian filter, Gaussian Hermitte moments, etc. It is reviewed that the
number of extracted iris features in the existing work is very high. The existing approaches require
higher number of bits to represent the iris features and as a consequence the need for higher
computations to process these iris features. This paper addressed this limitation and focuses on
reducing the number of iris features without compromising the accuracy rate. We propose an
encoding scheme to store an iris feature with a lesser number of bits [3, 4].
S. C. Chong et.al [5] proposed a biometrics formulation which is based on the concealment of
random kernel and the iris images to synthesize minimum average correlation energy filter for iris
authentication. Particularly, the training images are multiplied with the user-specific random kernel
in frequency domain before biometric filter is created. The main aim of the proposed technique is to
provide private biometrics realization in iris authentication in which biometric template can be
reissued once it was compromised.
This paper mainly focuses on approaches for network security for personal authentication,
where the biometric features used for authentication are fingerprint, iris and retina. Among these
three biometrics, iris for personal authentication is implemented by using this approach. The phases
included in this proposed iris based approach are user registration, extraction of retinal minutiae
points, extraction of minutiae feature, generation of secret key, extraction of lock/unlock data.
2. RELATED WORK
J. Daugman [6] uses the two dimensional version of Gabor filters, to extract the iris features
and demodulates the output of the Gabor filters in order to compress the data. Demodulation is done
by quantizing the phase information into four levels for each possible quadrant in the complex plane.
These four levels are represented using two bits of data. In other words, each pixel in the normalized
iris pattern corresponds to two bits of data in the iris template. A total of 2,048 bits are calculated for
the template, and an equal number of masking bits are generated in order to mask out corrupted
regions within the iris. This creates a compact 256- byte template. M. Vasta et al. [7] use Log-Gabor
filter for iris feature extraction. Wildes R [8] represents the iris texture with a Laplacian of Gaussian
filter constructed with four different resolution levels. Gaussian-Hermite moments are used for
415
- 3. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME
texture feature extraction with mathematical orthogonal and effectiveness for characterizing local
details of the signal. The one-dimensional continuous wavelet transform is used to decompose iris
image. Here, each decomposed one-dimensional waveform is approximated by an optimal piecewise
linear curve connecting a small set of node points, which is used as a feature vector.
There are several matching techniques to match a captured iris template with enrolled
template. Among all these Hamming distance, weighted Euclidean distance and Normalized
Correlation [10] measurement techniques are popular. The Hamming distance [11] gives a measure
of how many bits are same between two bit patterns. The Hamming distance via the XOR operator is
used for the similarity measure between two iris templates [12]. The Weighted Euclidean distance is
used to compare two iris templates. The weighted Euclidean distance gives a measure of how similar
a collection of values are between two templates. The weighted Euclidean distance can be used to
compare two templates, especially if the template is composed of integer values.
Muhammad Khurram Khana et al. [13] have proposed an improved multimodal face and
fingerprint biometrics authentication technique on space-limited tokens, e.g., smart cards, driver
license and Radio Frequency IDentification (RFID) card. Fingerprint templates were encrypted and
encoded/embedded within face images by which the characteristic features do not get disturbed
radically through the process of encoding and decoding. It is observed from the experimental results
that the presented technique was an inexpensive alternate to the multimodal biometrics
authentication on space-limited tokens without downgrading the whole decoding and matching the
performance of the biometrics technique.
Yunsu Chung et al. [14] described a technique for biometric based secret key generation for
protection mechanism. The strap of the user's identity and biometric feature data to an entity is
provided by an authority through a digitally signed data structure called a biometric certificate.
Therefore, the main objective of their work is to propose a simple method for generating biometric
digital key with biometric certificate on fuzzy fingerprint vault mechanism. Biometric digital key
from biometric data has a lot of applications such as automatic identification, user authentication
with message encryption, etc. Therefore, their work analyzed the associated scheme and proposed a
simplified model where a general fuzzy fingerprint vault using biometric certificate with security
consideration.
Sandip Dutta et al. [15] presented a new method for providing network security using
biometric and cryptography. They proposed a biometrics-based encryption/decryption method, in
which unique key is generated using partial portion of combined sender's and receiver’s fingerprints.
From this inimitable key a random sequence is generated, which is used as an asymmetric key for
both encryption and decryption. The inimitable key is sent by the sender after watermarking it in
sender’s fingerprint along with encrypted message. The computational requirement and network
security features are described.
3. METHODOLOGY
Authentication systems contribute major role in many applications. Fig. 1 shows steps
involved in extracting feature point for iris.
416
- 4. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME
Pre Processing Steps
Input Image
Normalization
Preprocessing
Orientation Estimation
Minutiae Feature
Extraction
Frequency Estimation
Mapping Function
Filtering
Thinning
Fig 1: Steps involved in Extracting Feature Point for Iris
3.1
Iris Based Authentication and Key Exchange System
Current cryptographic techniques need their keys to be very lengthy and arbitrary for better
security, specifically, 128 bits for authentication and key exchange system (AES) [16]. These keys
are accumulated in smart cards and can be used throughout encryption/decryption process by using
proper authentication. There are two key difficulties with these keys: One of the major difficulties is
randomness. The randomness obtained from the current mathematical algorithms is not adequate to
support the users for commercial applications. The second difficulty is authentication. Most of the
authentication mechanisms use passwords to release the exact decrypting key, but these mechanisms
are incapable of providing non-repudiation.
3.2
Extraction of Minutiae Feature
The iris images from CASIA Iris image Database and CUHK Iris Database are used in this
proposed approach. CASIA Iris Image Data base contains a total number of 756 iris image which are
taken in two different time frames. Every iris image is 8-bit grey scale with resolution 320 X 280.
Canny edge detection technique is carried out mutually in vertical and horizontal directions
as suggested by Wildes. The CASIA iris image database has iris radius 80 to 150 pixels and pupil
radius from 30 to 75 pixels, which are found manually and given to the Hough transform. Hough
transform is performed initially for iris/sclera boundary and then to iris/pupil boundary to get
accurate results. The output of this step results in storing the radius and x, y parameters of inner and
outer circles.
Canny edge detection is used to construct edges in horizontal direction and then Hough
transform is implemented on it. If the maximum Hough space is less than the threshold it represents
417
- 5. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME
non occlusion of eyelids. For isolating eyelashes it is easier by using thresholding, since they are
darker when compared with other elements in eye. The eye images collected from the above
database are of grey scale and their contrast is enhanced using histogram equalization. The localized
iris image is shown in Fig. 2.
Figure 2: Localized iris image
Daugman [17] suggested normal Cartesian to polar transformation that maps each pixel in the
iris area into a pair of polar coordinates(r, θ), where r and θ are on the intervals of [0 1] and [0 2π]
respectively. Fig 3 shows the normalized iris image.
Fig 3: Normalized Iris
A.
Generation of Secret Key
A typical iris exhibits rich texture information in the immediate vicinity of the pupil which
tapers away intensity as one moves away from the pupil. Similarly, there is a chance of having noise
in iris patterns at the top and bottom rows even after preprocessing. Also the iris pixels near the pupil
have more variations than those of farther from the pupil. Thus after leaving 3 rows of patterns both
at bottom and top, the remaining rows are used to extract the key.
418
- 6. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME
B.
Extraction of Lock/Unlock Data
On the highlighted iris structures as a whole, the following sequence of morphological
operations [18] is used to extract the pseudo structures. The morphological operations are used to
remove structures according to its size resulting image with structures disposed in layers and
thresholding is applied to obtain binary image. For appropriate representation of structures, thinning
is used so that it presents every structure itself as an agglomerate of pixels.
C.
Implementation Stage
The implementation stage of the proposed approach comprises of transformation, encoding,
and decoding and iris authentication protocol.
(i) Transformation
Simple operations such as translation and permutation are used to transform the original
minutiae features into new minutiae. The password given by the user is limited to 8 characters so that
its length is 64 bits, which is divided into 4 blocks of each 16 bits length. Similarly iris circular rim
containing minutiae is divided into 4 quadrants. Each password block is divided into two
components Tr of 7 bits and Tθ of 9 bits length, where Tr is the translation in radial direction and Tθ
is in angular direction. These translation values are added to original values with modulo of
appropriate range. That is Qr′= (Qr+ Tr)mod(27) and Qθ′= (Qθ+Tθ)mod(29) where Qr and Qr′ are the
radial values before and after transmission respectively. Similarly Qθ and Qθ′ are the angular values
before and after transformation respectively.
(ii) Encoding
The transformed minutiae are encoded in the database using the password as described in the
earlier section. This layer of encryption prevents an imposter without the knowledge of the password
from modifying the database.
(iii) Decoding
During authentication phase, the encrypted database and the minutiae data are decrypted
using the password given by the user. The template and query data sets are aligned and the password
based transformation is applied to these query minutiae and used for unlocking the database.
(iv) The Proposed Iris Authentication Protocol
The proposed authentication protocol uses Lipmaa’s PIR [19] as it has one of the best known
communication complexities. The iris features are used in this authentication protocol. Thus, the
proposed approach uses the iris biometric for network security and deniable authentication protocol.
4. EXPERIMENTAL RESULTS
In order to evaluate the proposed method, Iris samples are taken from CASIA and CUHK
datasets. In the context of modern biometrics, these features called “iris minutiae”, can be captured,
analyzed, and compared electronically, with correlations drawn between a live sample and a
reference sample, as with other biometric technologies. There are two requirements for registration
using iris. The user should obtain the biometric feature from his/her iris using such appropriate image
processing techniques as the one mentioned in the previous section. The second is that the minutia
template supposed to be encrypted with AES 128 bit symmetric cipher and is then transmitted to the
server for storage in the database, so that it should not be possible for an outside attacker to
determine the biometric feature by an exhaustive search at the server side.
419
- 7. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME
Quadrant
Table 1: List of iris minutiae
Orientation
Distance Qr
Qθ
(7 –bits)
(9-bits)
I
41
99
8
III
94
140
IV
18
0101001
000110110
1100011
000001000
1011110
010001100
0010010
010011110
54
II
Minutiae Value
(16-bits)
158
The polar indices Qr (radial value) and Qθ (angular value) of nodes and end points are used
for projections of the polynomial. Some of the minutiae extracted from a sample iris are shown in
Table 1. The password used for the transformation is 'IRISFEATURES'. In the Table, 1 represents a
ridge ending point and 0 represents a secluded point in an iris image. The performance measures
obtained, exposed that the proposed method could effectively provide network security. Therefore it
can be directly applied to strengthen the existing standard single-server biometric based security
applications.
Table 2: False Acceptance Rate (FAR)
Biometric Feature
Images
Existing Iris key
authentication
Proposed Iris key
authentication
1-10
0.39
0.38
11-20
0.47
0.43
21-30
0.52
0.47
31-40
0.59
0.51
Table 3: False Rejection Rate (FRR)
Biometric Feature
Images
Existing Iris key
authentication
Proposed Iris key
authentication
1-10
0.89
0.41
11-20
21-30
31-40
0.89
0.92
0.90
0.40
0.37
0.36
Table 2 shows the resulted False Acceptance Rate (FAR) for the proposed and existing
technique. From the result, it can be observed that the proposed technique results in lesser FAR for
all the biometric features, whereas the existing techniques results with higher percentage of FAR.
From the Table 3, it can be observed that the proposed technique results in lesser False Rejection
Rate (FRR) when compared to the existing technique. From all the results obtained, it can be said
that the proposed technique results in better security than the existing technique.
420
- 8. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME
5. CONCLUSION
The paper proposed a novel biometric personal authentication system using a novel Iris Key
Exchange Authentication for Network Security. The performance was evaluated based on the
parametric standards such as FAR and FRR. While comparing with the existing biometric
techniques, it is observed from the tables that the proposed biometric technique provide better FAR
and FRR. Therefore it can be directly applied to strengthen the existing standard single-server
biometric based security applications. For further enhancing the network security, Iris can be fused
with other type of biometric systems.
REFERENCES
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
[15]
Y. J. Chang, Z. Wende, and T. Chen, “Biometrics- based cryptographic key generation,"
IEEE International Conference on Multimedia and Expo, vol. 3, p. 2203-2206, 2004.
Mr.P.Balakumar1and Dr.R.Venkatesan,., “Secure Biometric Key Generation Scheme for
Cryptography using Combined Biometric Features of Fingerprint and Iris”. IJCSI
International Journal of Computer Science Issues, Vol. 8, Issue 5, No 2, September 2011.
J. G. Daugman. High Confidence Visual Recognition of Persons by a Test of Statistical
Independence. IEEE Transactions on Pattern Analysis and Machine Intelligence,
15(11):1148–1161, November 1993.
John Daugman. Iris Recognition. American Scientist, 89:326–333, JulyAugust 2001.
S. C. Chong, A. B. J. Teoh, and D. C. L. Ngo, “Iris authentication using privatized advanced
correlation filter,” in ICB, pages 382–388, 2006.
J. Daugman. “How iris recognition works”. IEEE Transactions on Circuits and Systems for
Video Technology, 14(1):21– 30, 2004.
M. Vasta, R. Singh, and A.Noore. Reducing the False Rejection Rate of Iris Recognition
Using Textural and Topological Fearures. International Journal of Signal Processing,
2(2):66–72, 2005.
Wildes R, “Iris Recognition: An Emerging Biometric Technology”, Proceedings of the IEEE,
Vol. 85, Pp 1348-1363, 1999.
Klein, “Foiling the cracker: A survey of, and improvements to, password security,"
Proceedings of the 2nd USENIX Security Workshop, pp. 5-14, Aug. 1990.
Anil Jain, Umut Uludag and Arun Ross, “Biometric Template Selection: A Case Study in
Fingerprints”, Proceeding of 4th International Conference on Audio- and Video-Based
Person Authentication (AVBPA), Guildford, UK, Pp. 335-342, 2003.
I. Armstrong. Passwords exposed: users are the weakest link. Available at
http://www.safestone.com/downloads/news/news passwords exposed sc magazine
may03.pdf, 2003.
Gang Zheng, Wanqing Li and Ce Zhan, “Cryptographic Key Generation from Biometric Data
using Lattice Mapping”, Proceedings of the 18th International Conference on Pattern
Recognition, Vol. 4, Pp. 513 - 516, 2006.
Muhammad Khurram Khan and Jiashu Zhang, “Multimodal Face and Fingerprint Biometrics
Authentication on Space-Limited Tokens”, Neuro Computing, Vol. 71, Pp. 3026-3031, 2008.
Yunsu Chung, Kiyoung Moon, and Hyung-Woo Lee, “Biometric Certificate Based Biometric
Digital Key Generation with Protection Mechanism,” Frontiers in the Convergence of
Bioscience and Information Technologies, pp. 709-714, 2007.
Sandip Dutta, Avijit Kar, N. C. Mahanti, and B. N. Chatterji, “Network Security Using
Biometric and Cryptography,” Proceedings of the 10th International Conference on
Advanced Concepts for Intelligent Vision Systems, pp. 38-44, 2008.
421
- 9. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME
[16] Srinivasa Reddy E and Ramesh Babu I, “Performance of Iris based Hard Fuzzy Vault”,
International Journal of Computer Science and Network Security, Vol. 8 No.1, Pp. 297-304,
2008.
[17] Daugman J, “How Iris Recognition Works”, IEEE Transactions on Circuits and Systems for
Video Technology, Vol. 14, No. 1, Pp. 21-30, 2004.
[18] Jean Serra, “Morphological Image Operators (Henk J. A. M. Heijmans)”, Siam Review, Vol.
38, No. 1, 1996.
[19] Lipmaa H, “An Oblivious Transfer Protocol with Log-Squared Communication” 8th
Information Security Conference (ISC), Vol. 3650 of LNCS, pp. 314–328, Singapore, 2005.
[20] Mumtaz M.A. Al-Mukhtar and Badour W. Kasim, “A Honeynet Framework to Promote
Enterprise Network Security”, International journal of Computer Engineering & Technology
(IJCET), Volume 4, Issue 1, 2013, pp. 404 - 413, ISSN Print: 0976 – 6367, ISSN Online:
0976 – 6375.
[21] Vijay M.Mane, GauravV. Chalkikar and Milind E. Rane, “Multiscale Iris Recognition
System”, International Journal of Electronics and Communication Engineering & Technology
(IJECET), Volume 3, Issue 1, 2012, pp. 317 - 324, ISSN Print: 0976- 6464, ISSN Online:
0976 –6472.
[22] Sayeesh and Dr. Nagaratna P. Hegde, “A Comparison of Multiple Wavelet Algorithms For
Iris Recognition”, International journal of Computer Engineering & Technology (IJCET),
Volume 4, Issue 2, 2013, pp. 386 - 395, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.
,
422