Low overhead octet indexed template security scheme for multi-modal biometric system

Abstract

Multi-modal biometric systems (MBS) are an enhancement of unibiometric systems where recognition is based on multiple biological traits of the user. Once the biological traits of a user are captured through sensors, the unique feature points are extracted from each modality and represented as a feature vector. The privacy and security of feature templates in biometric recognition systems are the top design issues, which is gaining the attention of the majority of research community. In this paper, a hybrid template security technique is designed for a bi-modal biometric system based on fingerprint and hand geometry. The technique first use the bio-hashing, in order to transform the actual feature vectors (FVs) into respective binary feature vectors (BFVs) and then applying a transformation scheme to fuse the binary vectors into a secured template. In order to improve the storage overhead for the protected template, a novel octet indexing technique is applied on the intermediate feature vector (IFV). The proposed technique results in improvement of storage requirement by representing secured template as a 64-bits vector with octet indexing. Furthermore, the proposed technique results in the overall enhancement of the recognition accuracy as compared to fingerprint and hand geometry uni-biometrics. The proposed hybrid scheme results in a recognition rate of 98.4% and an equal error rate (EER) of 0.48%, with improvement in template storage overhead up to 50%.

Keywords

Biometric system feature fusion multimodal biometric template indexing template security

1 Introduction

The authentication based on biometric traits of human being is one of the most reliable and accurate methods in the modern day computing. A biometric based recognition system works on the principle of establishing the identity of an individual by using biological or chemical traits [1]. In the world of digital technology, an accurate and reliable system of authentication is essential for human-computer interaction. These days paradigm is shifting from conventional methods of individual identification to biometric oriented systems. Biometric systems like the fingerprint, face, hand geometry, voice, iris etc., constitute an important security infrastructure in today’s modern life [2, 3]. Biometric systems are also gaining applications in the homeland and biometric security. The biometric based authentication systems are also employed for implementing national identity or voter identity registration systems. Another major application of biometric based authentication system in military security checkpoints for border security. The largest AFIS repository in the USA is maintained by the department of Homeland Security’s US Visit Program, containing more than 120 million individual’s biometric samples, most of them in the form of multiple fingerprints. In 2007 only two fingerprints were captured in AFIS database of US, which is increased to ten fingerprints in 2016. The Unique Identification Authority of India (UIDAI) is the world’s leading fingerprint (and largest multi-modal biometric) system, covering more than 820 million fingerprints, face, iris biometric records of citizens of India. The biometric-based systems are mainly developed to provide security during authentication in a large number of computational applications. But, the biometric-based systems are also susceptible to a large number of security threats including the spoof attacks. There are a variety of threats to a biometric recognition system as identified by Ratha’s et al. 2007, which is a subject of great concern [4, 5]. The replay attacks may circumvent the sensor of the system by feeding a recorded image of user’s trait in the system. It is a much easier attack to fool the system. The spoof attack on the sensor is a threat to biometric recognition system in which a fake biological trait is presented by unauthorized user to claim the identity. In another scenario, the feature sets in the template during verification or directly in the template database may be altered, in order to achieve a better recognition rate, without knowing the fact that original image was presented. In a masquerade attack, a digital image from the stored template of a user may be created. These are more prone to remote access based authentication systems [6]. In the substitution threat, if an unauthorized person gains an access to a template in the database storage, then that template may be replaced by the template of any other person. The virus attack on extractor or matcher is a bug based attack on the software part of the biometric system. In this case, an attacker may replace a matcher algorithm by a Trojan horse program, which may in specific case, output high or low recognition scores. Similarly, this attack may be on feature extractor algorithm which may always produce wrong features of already enrolled user’s during the verification process. In the case of multi-modal systems, the fusion technique is used to join templates from various modalities, it may be modified. Therefore, it may result in incorrect generation of templates, which are stored in the database. One of the problems in biometric based systems is that the output of such systems is always binary e.g. accepted or rejected response (yes/no or match/no match). An attacker may attempt to change the overall response of system from yes to no or vice versa.

It has been discovered in past studies, that scalability of use, inter-class variations in biological traits and spoof attacks are the key design issues and need to be addressed for biometric systems [7, 8]. Among all, the most vital issue need to be addressed, is the security of feature templates, which are generated by the feature extractor of the biometric system. The security of feature templates of the legitimate user are the important issues for successful and accurate operation of a MB based system [9 –11]. In the past, a variety of schemes has been designed and developed for template security and protection for different multi-modal systems [12 –14]. A single template security scheme is not sufficient to meet all the important characteristics of an ideal technique [1]. In this paper, we propose a novel hybrid template security scheme for a multi-modal biometric system based on two modalities. The rest of the article is organised as follows; The Section 2 present the background of fingerprint and hand geometry feature extraction process, related work in the field of template security schemes. The Section 3 briefly explains about motivation behind this work and the key objectives. In the Section 4, the framework for the proposed scheme and hybrid algorithm for template security is described. A novel matching algorithm is also designed for the human identification during the testing phase. The Section 5 of this paper shows step by step explanation of the proposed scheme by with an example. The performance of the proposed algorithm is experimentally evaluated in terms of storage overhead, recognition rate and equal error rate. In this section, key advantages and security analysis of the proposed scheme is also presented. In the last, Section 6 briefly highlights the key findings of this work followed by the future directions.

2 Background

The system that different parts of human body can be used to recognize their unique selves is not latest. The prints of hand, foot and fingerprints have already been used in ancient times because of their unique characteristics. Prehistoric artefacts including carvings similar to the friction ridge skin have been revealed in many places throughout the world. Image writing of a hand with ridge patterns was discovered in Nova Scotia. In ancient Babylon, fingerprints were used on clay tablets for business transactions. The epidermal ridge patterns of fingerprints were firstly used by Sir F. Galton in 1872 to build up a probabilistic system of individuality. Each of the Galton features has a specific form, for instance, bifurcation point or end point, an exclusive location on the fingerprint, and as well as a specific orientation. In 1977, Osterburg et al. determined the probability of occurrence of a certain configuration of Galton features in a given fingerprint. However, after few years, S. Sclove, claimed through an article the probability of Galton features as pores in a fingerprint with two-dimensional Markov model. In most of the cases, pores are used in forensic matching but minutia is used in recognition matching with pores as only subsidiary information. Among all the biometrics, fingerprint has been extensively used and proved comparatively reliable modality. The fingerprint of an individual is a pattern of ridges and valleys and scientific facts reveal that it is unique for every human. Even though, twins who shares same DNA also have different patterns of fingerprints. Fingerprints have a set of either local or global feature points of ridges within it. Earlier fingerprints used to be captured through ink impressions on paper. The emergence of electronics era has urged researchers to collect more reliable fingerprints of human through a variety of sensor technologies. A typical FP based system works by identifying the important feature points from the image of captured fingerprint. The typical feature points are minutia points and generally identifies as either ridge ending or a ridge bifurcation. The minutia points may be extracted from FP image using different algorithms. In the proposed security scheme, we have adopted the method as proposed by Jain et al. in their research work for fingerprint based identification system. The feature point extraction in this case, is a three step process. Firstly, estimation of the orientation field, next step is extraction of the ridges and finally extraction of the minutia points.

i. Estimation of the orientation field: Suppose I (x, y) be the FP image captured through a sensor. The mage I is firstly divided into blocks of size P × P. Then, local orientation L_x and L_y are calculated at each pixel (m, n) of the image I (x, y), using the Equations 1–3. $\begin{matrix} L_{x} (m, n) \\ = \sum_{k = m - \frac{p^{.}}{2}}^{m + \frac{P}{2}} \sum_{l = n - \frac{p}{2}}^{n + \frac{P}{2}} 2 g_{x} (k, l) g_{y} (k, l) \end{matrix}$ (1) $\begin{matrix} L_{y} (m, n) \\ = \sum_{k = m - \frac{p^{.}}{2}}^{m + \frac{P}{2}} \sum_{l = n - \frac{p}{2}}^{n + \frac{P}{2}} 2 (g_{x}^{2} (k, l) - g_{xy}^{2} (k, l)) \end{matrix}$ (2) $θ (m . n) = \frac{1}{2} {tan}^{- 1} (\frac{L_{x} (m, n)}{L_{y} (m, n)})$ (3)

In the next step, the consistency levels of the orientation field in local neighbourhood of a block (m, n), is computed using the Equations 4 and 5. $\begin{matrix} C (m, n) \\ = \frac{1}{M} \sqrt{\sum_{(m^{'}, n^{'}) \in H} | θ (m^{'} . n^{'}) - θ (m . n) |^{2}} \end{matrix}$ (4) $\begin{matrix} | θ - θ^{'} | \\ = {\begin{matrix} e & if (e = θ - θ^{'} + 360) \\ mod 360) < 180 \\ e - 180 & otherwise \end{matrix} \end{matrix}$ (5)

H is the local neighborhood around the block (m, n) and M is the number of blocks in the H. The θ (m′ . n′) and θ (m, n) are the local ridge orientations of the respective blocks. A segmentation algorithm is applied on the image, in order to slash the area of interest, after the orientation fields is computed.

ii. Detection of ridges: The ridges are detected from the image obtained from the previous step (e.g. step-i), by using an important characteristics that gray level values are maximum on a ridge along a direction which is normal to the local ridge orientation. The number of pixels on a ridge may be detected by using this property. The convolution is applied on the fingerprint image by using two masks. Then, the gray level value at a particular pixel in the convolved image is compared with a threshold. If the gray level value of a pixel found to be more than a threshold then it is declared as a ridge.

iii. Detection of minutia feature points: If a pixel is on a thinned ridge and eight connected, its value is 1 otherwise it is 0. Consider a pixel (a, b) lying on a ridge and suppose H₀ : H₇ be the eight neighbors of the pixel. $\begin{matrix} Type of ridge \\ = {\begin{matrix} (\sum_{j = 0}^{7} H_{j} &) = 1, (a, b) is ridge ending \\ (\sum_{j = 0}^{7} H_{j} &) > 2, (a, b) is ridge bifurcation \end{matrix} \end{matrix}$

The identified minutia pixel’s positional and angular dimension is now measured and recorded. The feature is now denoted a collection of m feature points as an m × 3 vector. The extracted feature vector is stored in the system database as template and represents the identity of the enrolled user. The complete process of feature point extraction in a FP based system is shown in Fig. 1a-d. The hand-geometry based identification systems use the measurement of length, width, thickness, and surface area of the fingers and hand [15 –17]. This biometric offers low protection level because it is not scalable, i.e. those measurements do not tend to be unique for large scale identification systems. An important limitation is that biometrics system involves complex hardware to capture the hand- image and may not be suitable for simple applications like computer based login. Bulatov et al. (2002), defined 32-global unique feature points of typical hand geometry [29]. The typical hand geometry feature points as identified by Jain et al. 1999 are shown in the Fig. 2, where the feature points are the length and width of fingers of a hand. The complete feature vector is denoted as an array of 16 measurements e.g. F₁, F₂ … F₁₆. The feature extraction process for hand geometry system has been proposed by many authors[15, 16].

Fig.1

(a) Original Fingerprint, (b) Binarization, (c) Thinning & orientation, (d) Extracted minutia feature points.

Fig.2

Hand geometry modality with respective features points (adopted from Jain et al. [18]).

The template security is a key design issue for the recognition accuracy in biometrics system. In order to achieve better accuracy and performance in biometrics system, the template data need to be protected from unauthorized users and therefore efficient template security techniques need to be designed [7, 19–21 , 7, 19–21].

As shown in Fig. 3, template protection schemes are broadly classified into two types; namely biometric cryptosystems and transformation based schemes [7]. The cryptosystem based security schemes may be further classified as either fuzzy vault or fuzzy commitment based. Transformation based schemes are may be classified either as invertible or noninvertible (cancelable biometric). Template transformation based schemes transform the template based on the factors derived from external sources such as keys or passwords. In the case of authentication same function is applied to the query template matched with the stored template in the transformed domain. On the other hand, bio cryptosystems involve in getting error correcting information from biometric vectors known as helper data. The error-correction information is used during the verification process to recover the original template form stored template. The templates generated from transformation based schemes are easily revocable and biometric cryptosystems rely on error-correcting coding theory. Both types of schemes have their merits and demerits, therefore in most of the cases, hybrid or mixed schemes areused.

Fig.3

Types of template security schemes.

In the secure sketch approach, a sketch or helper data SS is derived from the given biometric trait B and stored in to database. A function takes decision after testing whether the query template X is consistent with the sketch SS [22]. Secure sketches are constructed in such a ways that it draws little information from the biometric trait. In 1999, Juels and Wattenberg proposed and introduced a fuzzy commitment scheme. Fuzzy commitment techniques involve the in binding secret information, say S, to template T during the enrollment, which may be recovered during testing of the legitimate user. There are many methods to bind the secret messages and few popular techniques are quantization index modulation (QIM) and ECC.

The cancelable biometric technique involves intentionally distortion of biometric traits during enrolment [23]. The distortion function is repeatable so that it may be again applied during testing the legitimate user during verification. Further, distortion function is also noninvertible and revocable. Therefore if template stored in the database is compromised, then system administrator may cancel the stored template data and fresh distortion function may be applied on the biometric trait to get new template after enrollment. Popular approach of cancellable biometrics involves salting of biometric features with a secret key (A. Kong et al. 2006), noninvertible functions applied to angular tessellation of face or fingerprints biometrics (N. Ratha et al. 2001) and quantized random projections computation from feature vectors (A. Teoh, 2006).

The bio-hashing approach works by converting a given template using a large number of random codes, into binary sequences, which are called as bio hashes. The random codes are stored into tokens, which are used during verification. Bio-hashing involves two important steps, randomization and quantization. In 2006, Teoh et al. used bio hashing for fingerprint biometric Features were extracted from fingerprint using Fourier Mellin transform framework and integrated wavelet. In 2009, Aoh et al. used bio hashing technique for template protection in infrared facial biometrics. In this case, bio hashes were generated by comparing features with randomly generated thresholds. In 2007, Teoh et al. [24] proposed a security scheme, where complex numbers were used to generate bio hashes. In this case, random vectors and feature vectors are imaginary parts and real part respectively. The phase of complex numbers is averaged which are called as bio phasor and further discretized to generate a bio hash. One of the limitations, of bio hashing, is that, if a key is known to the imposter then matching performance degrades mainly due to quantization of features and reduction of dimensions. Further, drawback of bio hashing is that it is easy to invert the bio hashes if key is known to the adversary. In this way, original template may be recovered from the stored template.

U. Uludag et al. (2003) describes in details about how biometric cryptosystem works and highlights various issues and limitations [21]. A comprehensive study of various template security techniques along with requirements of template protection techniques is presented by authors in [26]. A brief background is presented in Table 1 about the development of template security schemes by various authors during last decade. Significant work is presented on how biometric data may be hidden using watermarking. Two applications of an amplitude modulation based watermarking a method, in which a user’s biometric data is hidden in a range of images. This method is applied on face and fingerprint images and leads to low visibility of the embedded pointer [27]. Y.C. Feng et al. [28], highlights comprehensive details of binarization process and gives an analysis of various techniques based on security, accuracy and performance. In [29], the authors focus is on biometric systems that combine cues obtained from multiple biometric sources and these systems are commonly referred to as multibiometric systems. Method uses fuzzy vault to improve the security of feature template. The modalities are the fingerprint and palm print inputs which are firstly processed in order to enhance the quality of the image and build it well for extraction of features. The system gives good performance with FRR of 88% and FAR of 12%. It acts well even after adding salt and pepper noise to result in a FRR of 72.2% and FAR of 27.8%. Authors in their work [12] proposed a method to bind the biometric template in a cryptographic key which does not reveal any information about the original biometric trait when it is compromised by the attacker. Another advantage of the proposed method is in terms of security as well as improvement on recognition accuracy. Y.J. Chin et al. (2014) developed a technique to secure templates during feature fusion in a multimodal biometric system based on fingerprint and palm print. In this work, authors used a transformation method called a Random tiling and equal probable discretization technique [30]. An approach to improve the security of templates in fingerprint has been developed by authors [31]. The main goal of the system is to build a non-invertible transformation of fingerprint template which meets the requirements of revocability, diversity, security and performance. Here, a key is generated from the minutiae extracted from the image, in the form of a special spiral curve. Nandkumar et al. proposed a template security scheme for MBS based on fingerprint and iris, where fuzzy vault scheme was used to fuse FP minutia feature vector with iris-code [32]. Kanada et al. proposed template security scheme for face and iris, in which cryptographic key was generated with higher entropy. Nagar et al. used feature fusion level to protect the template in a MBS based on face, fingerprint and iris using fuzzy commitment scheme. The practically implemented showed how template may be protected at feature fusion level and found a trade-off between multi-biometric accuracy and security. Sutcu et al. presented the minutia- based fingerprint and face featured using SVD, where the feature vectors are converted to binary codes and then combined at feature level fusion.

Table 1

Developments in the template security schemes

Technique	Biometric trait	FMR/FNMR	Authors
Quantization	Online Signature	0.0/7.05	Vielhauer (2002)
Fuzzy Vault	Fingerprint	0.0/20-30	Clancy et al. (2003)
Bio Hashing	Face	0.0/0.0	Teoh et al. (2004)
Fuzzy Commitment	Iris	0.0/0.42	Hao et al. (2006)
Bio Hashing	Face	0.0002 (EER)	Goh et al. (2006)
Fuzzy Commitment	Iris	0.0/5.62	Bringer et al. (2007)
Block Permutation, Surface folding	Fingerprint	0.0004/15-35	Ratha et al. (2007)
Bio-Convolving	Signature/Iris	10.81 EER	Maiorana et al. (2010)
Transformation &Quantization	Fingerprint	15% EER	Zhe Jin et al. (2012)
Cryptosystem of Fuzzy vault	Fingerprint	0.7–0.01%	[25] C. Moujahdi, (2014)
Hash Functions	Fingerprint	0.01/0.02	Y. Yang et al. (2015)

3 Motivation and objectives

It is noticed in the earlier studies that fingerprint biometric is far superior as compared to other counterparts in terms of its implementation and performance. The hand geometry on the other side proved as relatively weaker biometric for human recognition. The uni-biometric systems are being replaced by multimodal systems to overcome the issues like improving inter-class variation, identification accuracy and more relevantly overcoming spoof attacks. Multimodal systems (MBS) are generally designed by using more than one biological trait of the same user. The information fusion is a fundamental step during the design of a multimodal system, where feature templates or decisions of multiple modalities are combined [3]. The MB based systems results in improvements of scalability to cater the requirements for large population, but template security is still remains a challenge for the designers. The feature transformation or cryptosystems based security schemes may be used for a multimodal system to design a hybrid technique [7, 8]. Consider a multimodal biometric system (say M) based on two or more biometric modalities and assume that P be the number of performance parameters for M. The objective of this work is to secure templates of biometric module M at feature fusion level so that secured template is both diverse and revocable. Therefore, task is to design an efficient and effective template security scheme S for multimodal system M (P). If T₁, and T₂ be the feature vectors generated from two different biometric traits. The mapping may be denoted as; f : (T₁, T₂) → T, Where f is a mapping function, which transforms T₁ and T₂ into a secured and compact octet indexed feature template, say T. Furthermore, the objectives of this research work is threefold; Firstly to design a scheme to secure multimodal templates generated from two biometric modalities; second is, securing the template during feature fusion phase of the multi-modal biometric system; third is to reduce the size of the united intermediate template before storing it in the database of the system.

4 The proposed template security scheme

A framework of the proposed system is shown in the Fig. 4, where the system works in the enrolment and testing phases. In the enrolment phase, feature extractors are applied on the captured images, to extract feature vectors from both the modalities of a user. The extracted FVs are then converted to corresponding binary feature vectors by using the bio- hashing technique (R. Belguechi et al.) [33]. The binary feature vectors (BFVs) are then fused together by the basic Ex-OR (XOR) operation to obtain an intermediate feature vector (IFV).

Fig.4

Proposed framework for template security scheme.

Finally, a novel octet indexing technique is applied on the IFV to improve the storage overhead of the template before storing it in the database. In the testing phase, query template is derived in the same manner from both the modalities of enrolled user and compared with stored template using the proposed matching algorithm. The Table 2 shows the list of symbols with their meanings, which will be used in the proposed scheme.

Table 2

Notations and their meaning

Notation	Meaning
T ₁	Fingerprint feature template
T ₂	Hand geometry feature template
ψ	Secured template
BV _F P	Fingerprint binary vector
BV _H G	Hand geometry binary vector
z [p]	Intermediate template
Φ	Threshold
D	Matching score
T _X	Query template
o _i	ith- octet
IFV	Intermediate feature vector
MBS	Multi-modal system
FV	Feature vector
SOM	Self organising map

Let T₁ be the feature vector (FV) obtained from the feature extraction process of fingerprint biometric. The FV T₁, as shown in Equation 6 is an n × 3 dimensional feature vector which denotes the fingerprint uniqueness of the enrolled user. The fingerprint extractor extracts the minutia features points from the raw image of the user and these feature points are denoted as a triplet (x, y, φ), where (x, y) is the positional parameter of a feature point and φ is the angular dimension of feature point with x-axis. $T_{1} = {x_{i}, y_{i}, φ_{i}} where i = 1, 2, 3, \dots \dots n$ (6)

The feature vector generated from the feature extractor of hand geometry is denoted as T₂ and shown in Equation 7 $T_{2} = {f_{1}, f_{2}, f_{3}, \dots \dots f_{m}} where m = 16 .$ (7)

The dimensionality and range of both the vectors T₁ and T₂ is not the same. Therefore, these feature vectors may be converted to equivalent binary vectors after applying a suitable bio-hashing technique. In our hybrid scheme, we use the bio-hashing scheme proposed by R. Belguechi et al. [25], for computing the bio codes of both the modalities. The steps used in the bio-hashing techniques are listed in the Table 3.

Table 3

Biohashing algorithm adopted from R. Belguechi et al. [33]

1.	For k = 1 to n, generate n pseudorandom vectors V_k of length n, from random seed.
2.	Use the Gram-Schmidt algorithm on the n vectors V_k, into n orthogonal vectors OR₁, OR₂, …, OR_n.
3.	for k = 1 to n, computing the n scalar products p_k =< FV, OR_k > between the biometric feature FV and the n orthogonal vectors OR_k.
4.	Compute the n bit bio-code (b₁, b₂, …… b_n) with the threshold τ
	$b_{k} = {\begin{matrix} 0, & p_{k} < τ \\ 1, & p_{k} \geq τ \end{matrix}$

On applying the bio hashing technique on T₁ and T₂ the respective BFVs are obtained as shown in Equations 8–9 and denoted as BV_FP and BV_HG. $\begin{matrix} {BV}_{FP} = {b_{i}^{0}, b_{i}^{1}, b_{i}^{2}} where \\ i = 1, 2, 3 \dots \dots n \end{matrix}$ (8) ${BV}_{HG} = {c_{j}} where j > = 16$ (9)

Suppose the intermediate feature vector obtained after applying the fusion technique is denoted as IFV.

$IFV = {d_{k}^{0}, d_{k}^{1}, d_{k}^{2} = (b_{i}^{0}, b_{i}^{1}, b_{i}^{2}) Ex - OR c_{j} for all j = 1, 2, 3 \dots \dots m}$ where k = 1 : n × m.

The IFV is bigger in size then total the size of the original templates extracted from both the modalities. In order to improve the storage requirement of the secured template, an octet indexing scheme for template representation is applied in thiswork.

4.1 Octet indexing

The values of the IFV are in the range of binary 000 and 111. This fact may be used to cluster the identical values of IFV in eight different clusters. Each octet is denoted by a 3-bits binary code and lets us suppose counting of the respective octet is represented by 5-bits. Therefore, total bits required to denote each octet together with its count is 8 bits. In the representation of final octet indexed secured template, the size is reduced and denoted as an array of 8×8. The octet indexing is implemented with a Self Organising Map (SOM) competitive neural network as shown in Fig. 5. The SOM neural network for octet indexing has three neurons in input layer and eight neurons in the output layer. The input layer takes a pattern of three bits from intermediate feature vector (IFV) and clusters it in any of the eight octets in the output layer. The SOM neural network is trained for each 3-bit pattern available in IFV and in this way closely related patterns are indexed in the respectiveoctet.

Fig.5

The SOM –NN based octet indexing technique.

4.2 The algorithm for proposed scheme

The algorithm for the proposed hybrid template security scheme is shown in the Fig. 6. Let us assume that BV_FP and BV_HG be the binary vectors corresponding to the fingerprint and hand geometry obtained after bio hashing technique. In the next step, one-dimensional binary vector BV_HG is fused with two-dimensional BV_FP by using bit-wise exclusive-OR operator (XOR). In this step, a binary bit from the vector BV_HG is picked and XOR operation is performed with every triplet of the vector BV_FP. If there are m numbers of entries in BV_FP and q is the number of triplets in vector BV_FP then the total number of XOR operations need to be performed equals to m × q × 3. Suppose that the intermediate template after fusion is denoted as z [p]. The total number of bits required to store the template z [p], on storage disk is equals (m × 3) × q.

Fig.6

Algorithm for the proposed hybrid scheme.

4.3 Matching algorithm

The steps used during testing of the proposed hybrid template security scheme are shown in the Algorithm 2, as shown in the Fig. 7. The algorithm works by comparing the query template T_Q of an enrolled user with the respective template ψ stored in the database. In this approach count of the ith octet in the query template is compared with respective octet count in stored template and difference is stored in variable d_i. Thereafter, the geometric mean of all errors is computed, denoted as D. The final decision is based on comparing the overall error D with a threshold Φ to arrive at a conclusion of acceptance and rejection.

Fig.7

Matching algorithm for the proposed scheme.

5 Experimental results

The proposed algorithm is implemented in MATLAB 7.6.0 and the source code is openly available for feature extraction process in fingerprint and hand geometry systems. The experiments are performed on a fresh multimodal dataset of 300 samples collected from 100 different subjects. The multimodal biometric traits were collected from heterogeneous population covering subjects from different backgrounds, gender and age. The subjects were mainly the students, staff, workers and old people of the Jammu and the Punjab states, with their age ranging between 14 to 70 yrs. The impressions of fingerprint and images of right hand geometry were captured from each subject at three different times on a day. The fingerprint images were captured with a high quality sensor at 300×300 and 500 dpi. The hand image is captured by putting the hand on a Back-lit translucent base. The light source beneath the translucent base helps in clearly distinguishing the palm from the background. A digital camera is used to obtain the top-view of the hand. The hand image is captured at a resolution of 640×480 dpi. The performance of the proposed security scheme is evaluated for the storage overhead and recognition efficiency.

In order to understand the working of the proposed scheme, let us consider an instance of FVs extracted from both the modalities of a user. A sample of extracted fingerprint FV and its equivalent BFV is shown in Table 4a–b. In the same way, hand geometry FV and respective BFV is shown in the Table 5. The secured template with a compact representation using octet indexing is obtained after applying our proposed algorithm is shown in the Table 6. The secured template is represented by using a two-dimensional array of 8×8 size. First three bits of the entry in an indexed template denotes octet number and last five bits are used to indicate the count of that octet in an intermediate template.

Table 4(a)
Example of a fingerprint feature vector

X Y Angle X Y Angle X Y Angle

3 7 25.00 153 27 159.00 102 202 106.0

105 25 124.0 26 162 176.00 185 106 279.0

27 112 29.0 163 211 164.00 107 300 113.0

244 31 90.0 300 168 270.00 299 118 17.00

34 77 35.0 170 282 181.00 118 198 124.0

123 37 257.0 252 186 24.00 17 131 260.0

38 266 40.0 189 296 193.00 137 163 138.0

64 40 116 25 205 2.00 83 138 147.0

41 250 41.0 205 174 206.00 139 293 146.0

285 45 55.0 126 207 248.00 270 118 271.0

45 276 48.0 221 2 226.00 57 277 286.0

220 50 43.0 13 227 173.00 279 222 279.0

50 295 63.0 228 300 229.00 230 281 78.0

28 64 64.0 44 230 86.00 283 300 84.0

65 255 67.0 232 16 232.00 159 287 167.0

X	Y	Angle	X	Y	Angle	X	Y	Angle
3	7	25.00	153	27	159.00	102	202	106.0
105	25	124.0	26	162	176.00	185	106	279.0
27	112	29.0	163	211	164.00	107	300	113.0
244	31	90.0	300	168	270.00	299	118	17.00
34	77	35.0	170	282	181.00	118	198	124.0
123	37	257.0	252	186	24.00	17	131	260.0
38	266	40.0	189	296	193.00	137	163	138.0
64	40	116	25	205	2.00	83	138	147.0
41	250	41.0	205	174	206.00	139	293	146.0
285	45	55.0	126	207	248.00	270	118	271.0
45	276	48.0	221	2	226.00	57	277	286.0
220	50	43.0	13	227	173.00	279	222	279.0
50	295	63.0	228	300	229.00	230	281	78.0
28	64	64.0	44	230	86.00	283	300	84.0
65	255	67.0	232	16	232.00	159	287	167.0

Table 4(b)

BFV corresponding to FV in 3(a)

1	0	0	0	1	0	1	0	0
1	1	1	1	0	1	0	1	1
0	1	1	0	1	1	0	1	1
1	0	1	0	0	1	1	0	1
0	1	1	0	1	1	1	1	0
1	0	1	1	1	1	1	0	1
0	0	1	0	1	1	0	0	1
0	0	0	0	0	0	0	0	0
1	0	1	1	0	1	0	0	0
1	0	1	1	0	1	1	0	1
1	0	0	0	0	0	1	0	1
0	0	1	1	0	1	1	0	1
1	0	1	1	0	1	1	0	1
1	0	0	1	0	1	1	0	0
0	0	1	0	0	1	1	0	1

Table 5

Example of hand geometry FV and corresponding BFV

	F₁	F₂	F₃	F₄	F₅	F₅	F₆	F₇	F₈	F₉	F₁₀	F₁₁	F₁₂	F₁₃	F₁₅	F₁₆
FV	2	5	7	2	13	14	13	12	10	8	9	4	5	8	8	5
BFV	0	1	1	0	1	0	0	1	0	1	1	1	1	0	0	1

Table 6

An instance of final secured template

Octet No.			No of items
0	0	0	0	0	1	1	0
0	0	1	0	0	1	0	1
0	1	0	0	1	1	0	1
0	1	1	0	0	1	1	0
1	0	0	0	1	1	1	1
1	0	1	0	1	0	1	0
1	1	0	0	1	0	0	0
1	1	1	0	0	1	1	0

The proposed octet- indexing technique results in the reduction of storage requirement and provides a uniform size for all the secured templates to be stored in the database. The size of original feature template is compared with intermediate secured template and octet indexed template as shown in Table 7. The proposed octet indexing of the template storage is capable of improving the size of storage and improvement in sizes is summarized in Table 8. Moreover, the improvement in template size is additionally significant, when the size of the original template is even larger. A comparison of size requirements in original, proposed octet indexed template and improvement in size is graphically drawn in the Fig. 8(a).

Table 7

Original template Vs Secured, Octet indexed template

Original template	Secured template	Size with octet
size	size (bits)	indexing
60×64 bits	60×16	64
100×64bits	100×16	64
180×64 bits	180×16	64
200×64 bits	200×16	64
250×64bits	250×16	64

Table 8

Storage overhead improvement

Fingerprint	Hand	Total	After	Total
	FV	geometry	bits	octet	improvement
FV	needed	indexing	(bits)
60	16	76	64	10
70	16	86	64	20
80	16	96	64	30
90	16	106	64	40
100	16	116	64	50
110	16	126	64	60
120	16	136	64	70

Fig.8

(a) proposed template security scheme in terms of storage overhead, (b) Recognition rate of the proposed scheme.

The proposed algorithm enhances the security of template as well as improves the recognition rate of the system. The proposed security scheme secures the template during fusion as well as improves identification accuracy. The recognition rate of proposed system is compared with the unimodal biometric counterparts at different thresholds values as shown in Fig. 8(b). The Fig. 9 shows that the performance of the proposed hybrid scheme computed in terms of receiver operating curve (ROC) and compared with multi-modal biometric system without the proposed scheme. The curve in Fig. 9 shows that the equal error rate(EER) for the proposed scheme is 0.48% which is considerably low as compared to 1.01% of the MB systems without this scheme. The recognition rate of the proposed system is at 98.1% which is far better than unimodal systems of fingerprint and hand geometry at respectively 91.64% and 80.56%. In the case of dissimilarity matching scores, the recognition rate of proposed system is better when the threshold (Φ) is low and it decreases with increase in threshold value. The performance of proposed system may be further improved by using more sophisticated sensors to capture clear samples of the users.

Fig.9

ROC curve -proposed template security scheme for MBS vs. without proposed scheme.

5.1 Advantages of the proposed technique

There are four key merits of the proposed hybrid scheme as follows; Firstly, it secures templates during feature fusion level. Feature fusion is one of the important steps for successful implementation of a multi-biometric system. This technique may be used to serve the additional function of protecting the templates besides combining the feature vectors from both modalities. The proposed algorithm uses bio-hashing as normalization step followed by applying a bitwise operator like exclusive –OR for fusion. The second advantage is based on the fact that it is a cancelable security scheme. The proposed scheme uses a one-way transformation technique to convert the feature vectors into a single secured cancelable template. The secured template is non-invertible and difficult to imitate the original modality. Thirdly, the proposed scheme reduces the overall template storage overhead and improves the recognition rate. The storage requirement of the biometric database is improved by using a novel octet indexing technique. The size of templates is 64-bits with octet indexing, where first 3-bits of entry represent the octet type and next 5- bits represents the actual counting of this octet type in the fused feature vector. The fourth advantage of the proposed scheme is that, the final secured and indexed feature template behaves like an associative memory or content addressable memory. In order to improve the matching time, the proposed matching algorithm may be implemented using suitable hardware.

5.2 Security analysis of the propose scheme

The proposed scheme is evaluated for various security parameters as described in ISO standards. The proposed hybrid security scheme provides security at multiple levels, from template generation to the time, before it is stored the device. An adversary may try to attack the secured template using any one of the four scenarios.

Biohashing key is not known: In such cases, binary vectors generated from both the modalities will not be guessed by the imposters, hence, difficult to guess the secured template. In order to randomly generate the secured template, the number of attempts required will be in the range of 2⁶⁴. Therefore, the biometric modalities reconstruction will be extremely difficult in the worst case.

Biohashing keys are known: In this case, if an imposter is successful in getting the biohashing keys then, guessing the fusion function will be a challenging task for attackers. The biohashing keys in this case may be only used to obtain the binary vectors of the respective modalities.

Biohashing key and fusion function are known: In this case, where fusion function is guessed, then intermediate templates may be recovered, but octet indexing technique will protect the secured templates. The octet indexing is the non- invertible key step in the proposed scheme. In order to obtain the octet indexed secured template from the intermediate template, the complexity is in the order of n² log₂n.

Biohashing key, fusion function and octet indexing techniques are known: In the worst case scenario, if the template security is wrecked at all the levels and secured template is compromised, then the stored template in the database may be revoked. A fresh secured template for the user may be generated using a new biohashing key.

6 Conclusion and future directions

In this paper, a hybrid template security scheme for bi-modal biometric system is developed, where templates are secured at feature fusion level. The proposed hybrid template security scheme is based on combining BFVs of the fingerprint and hand geometry biometric modalities, followed by applying a novel octet indexing method in order to reduce the storage overhead. Consequently, the octet indexing scheme results in a low storage overhead of 40–50% (Approx.) as well as secures the templates after fusion. The presented scheme performs well with a recognition rate of 98.4% (Approx.) with reasonably less Equal error rate of 0.48%. The hybrid template security scheme satisfies the most of the desirable properties of an ideal template security scheme. In order to convert FVs to BFVs before fusion, a bio-hashing technique is used in the proposed hybrid scheme, which ensures that stored template may be revoked in the case of compromise by an adversary. Another attractive feature of the proposed scheme is that it provides security to feature templates at multiple levels before storage on to the storage device. On the down side, the proposed scheme needs more exhaustive testing by computing additional biometric performance parameters. The computational efficiency of the proposed algorithm may be improved in future using an optimization technique. In future, the proposed template security scheme may be extended for use in other multi-modal biometricsystems.

Footnotes

Acknowledgments

Authors are grateful to the Department of Research, Innovation & Consultancy (RIC), I.K. Gujral Punjab Technical University, Punjab, India, for providing all the necessary sources to carry out this research work.

References

Adler

, Biometric System Security, in Handbook of Biometrics, 2008, pp. 381–402.

Matyas

S.M.

and Stapleton

, A biometric standard for information management and security, Comput Secur19(5) (2000), 428–441.

Zhang

, Fan

M.Y.

and Fu

, Side-channel attack on biometric cryptosystem based on keystroke dynamics, in Proceedings of the 1st International Symposium on Data, Privacy, and E-Commerce, ISDPE 2007, 2007, pp. 221–223.

Singh

Y.N.

and Singh

S.K.

, A taxonomy of biometric system vulnerabilities and defences, Int J Biom5(2) (2013), 137.

Prabhakar

, Pankanti

and Jain

A.K.

, Biometric recognition: Security and privacy concerns, IEEE Secur Priv (2003), 33–42.

Roberts

, Biometric attack vectors and defences, Comput Secur26(1) (2007), 14–25.

Nandakumar

, Jain

A.K.

and Nagar

, Biometric template security, EURASIP J Adv Signal Process2008 (2008).

Jain

A.K.

, Ross

and Uludag

, Biometric template security: Challenges and solutions, Secur Watermarking Multimed4675(IV) (2002), 629–640.

Ross

and Jain

A.A.K.

, Multimodal biometrics: An overview, Signal Processing (2004), pp. 1221–1224.

10.

Selwal

and Kumar

, Template security analysis of multimodal biometric frameworks based on fingerprint and hand geometry, Perspect Sci8 (2016), 705–708.

11.

Selwal

and Kumar

, Fuzzy analytic hierarchy process based template data analysis of multimodal biometric conceptual designs, Procedia - Procedia Comput Sci85(Cms) (2016), 899–905.

12.

Argyropoulos

, Tzovaras

, Ioannidis

, Damousis

, Strintzis

M.G.

, Braun

and Boverie

, Biometric template protection in multimodal authentication systems based on error correcting codes, J Comput Secur18(1) (2010), 161–185.

13.

Meenakshi

V.S.

and Padmavathi

, Security analysis of password hardened multimodal biometric fuzzy vault, World Acad Sci Eng Technol56 (2009), 312–320.

14.

Paul

P.P.

and Gavrilova

, Multimodal biometric approach for cancelable face template generation, Multisensor, Multisource Inf Fusion Archit Algorithms8407 (2012), 84070H–84070H–7.

15.

Dutag

and Yo

, Hand biometrics, 24 (2006), 483–497.

16.

Bača

, Grd

and Fotak

, Basic Principles and Trends in Hand Geometry and Hand Shape Biometrics.

17.

Correia

M.B.R.P.L.

and Soares

L.D.

, Hand-based multimodal identification system with secure biometric template storage, 2011 (2012), 165–173.

18.

Jain

A.K.

and Ross

, A Prototype Hand Geometry-based Verification System, 1999, pp. 166–171.

19.

Nagar

, Nandakumar

and Jain

A.K.

, Biometric Template Transformation: A Security Analysis, Proc SPIE - Int Soc Opt Eng, vol. 7541, 2010, p. 75410O–75410O–15.

20.

Sutcu

, Li

and Memon

, How to Protect Biometric Templates, Proc SPIE SPIE Conf Secur Steganography Watermarking Multimed Contents IX, vol. 6505, 2007, p. 11.

21.

Uludag

, Pankanti

, Prabhakar

and Jain

A.K.

, Biometric cryptosystems: Issues and challenges, in, Proceedings of the IEEE92(6) (2004), 948–959.

22.

Ramu

and Arivoli

, Biometric template security: An overview, 65 (2012).

23.

Teoh

A.B.J.

, Wai

and Lee

, Cancellable biometrics and annotations on BioHash, 41 (2008), 2034–2044.

24.

Jin

A.T.B.

and Jaihie

, FuzzyHash: A secure biometric template protection technique, in Proceedings of the Frontiers in the Convergence of Bioscience and Information Technologies, FBIT 2007, 2007, pp. 688–694.

25.

Moujahdi

, Bebis

, Ghouzali

and Rziza

, Fingerprint shell: Secure representation of fingerprint template q, Pattern Recognit Lett45 (2014), 189–196.

26.

Nandakumar

and Jain

A.K.

, Biometric Template Protection: Bridging the performance gap between theory and practice, IEEE Signal Process Mag32(5) (2015), 88–100.

27.

Jain

A.K.

and Uludag

, Hiding biometric data, IEEE Trans Pattern Anal Mach Intell25(11) (2003), 1494–1498.

28.

Feng

Y.C.

, Lim

M.H.

and Yuen

P.C.

, Masquerade attack on transform-based binary-template protection based on perceptron learning, Pattern Recognit47(9) (2014), 3019–3033.

29.

Brindha

V.E.

, Biometric template security using fuzzy vault, in: Proceedings of the International Symposium on Consumer Electronics, ISCE, 2011, pp. 384–387.

30.

Chin

Y.J.

, Ong

T.S.

, Teoh

A.B.J.

and Goh

K.O.M.

, Integrated biometrics template protection technique based on fingerprint and palmprint feature-level fusion, Inf Fusion18(1) (2014), 161–174.

31.

Prasad

M.V.N.K.

and Santhosh Kumar

, Fingerprint template protection using multiline neighboring relation, Expert Syst Appl41(14) (2014), 6114–6122.

32.

Nandakumar

and Jain

A.K.

, Multibiometric template security using fuzzy vault, in Applications and Systems, BTAS 2008 - IEEE 2nd International Conference on Biometrics: Theory, 2008.

33.

Belguechi

, Rosenberger

and Ait-Aoudia

, Biohashing for Securing Minutiae Template, in 2010 20th International Conference on Pattern Recognition, 2010, pp. 1168–1171.

1	0	0	0	1	0	1	0	0
1	1	1	1	0	1	0	1	1
0	1	1	0	1	1	0	1	1
1	0	1	0	0	1	1	0	1
0	1	1	0	1	1	1	1	0
1	0	1	1	1	1	1	0	1
0	0	1	0	1	1	0	0	1
0	0	0	0	0	0	0	0	0
1	0	1	1	0	1	0	0	0
1	0	1	1	0	1	1	0	1
1	0	0	0	0	0	1	0	1
0	0	1	1	0	1	1	0	1
1	0	1	1	0	1	1	0	1
1	0	0	1	0	1	1	0	0
0	0	1	0	0	1	1	0	1

1	0	0	0	1	0	1	0	0
1	1	1	1	0	1	0	1	1
0	1	1	0	1	1	0	1	1
1	0	1	0	0	1	1	0	1
0	1	1	0	1	1	1	1	0
1	0	1	1	1	1	1	0	1
0	0	1	0	1	1	0	0	1
0	0	0	0	0	0	0	0	0
1	0	1	1	0	1	0	0	0
1	0	1	1	0	1	1	0	1
1	0	0	0	0	0	1	0	1
0	0	1	1	0	1	1	0	1
1	0	1	1	0	1	1	0	1
1	0	0	1	0	1	1	0	0
0	0	1	0	0	1	1	0	1

1	0	0	0	1	0	1	0	0
1	1	1	1	0	1	0	1	1
0	1	1	0	1	1	0	1	1
1	0	1	0	0	1	1	0	1
0	1	1	0	1	1	1	1	0
1	0	1	1	1	1	1	0	1
0	0	1	0	1	1	0	0	1
0	0	0	0	0	0	0	0	0
1	0	1	1	0	1	0	0	0
1	0	1	1	0	1	1	0	1
1	0	0	0	0	0	1	0	1
0	0	1	1	0	1	1	0	1
1	0	1	1	0	1	1	0	1
1	0	0	1	0	1	1	0	0
0	0	1	0	0	1	1	0	1