Securing Pervasive Networks Using Biometrics

Slides:



Advertisements
Similar presentations
Lecture 6 User Authentication (cont)
Advertisements

ECE 5367 – Presentation Prepared by: Adnan Khan Pulin Patel
Biometrics based Cryptosystem Design. Cryptosystem A mechanism using which one can encode an information content to an incomprehensible form and also.
Security Challenges of Biometric Systems
What is Biometric identification 1 ? –Biometrics is the use of automated methods to recognize a person based on a physical characteristic. –Biometric technologies.
Speaker Recognition Sharat.S.Chikkerur Center for Unified Biometrics and Sensors
66: Priyanka J. Sawant 67: Ayesha A. Upadhyay 75: Sumeet Sukthankar.
BTC - 1 Biometrics Technology Centre (BTC) Biometrics Solution for Authentication Prof. David Zhang Director Biometrics Technology Centre (UGC/CRC) Department.
Cascaded Filtering For Biometric Identification Using Random Projection Atif Iqbal.
Biometric Cryptosystems Presenters: Yeh Po-Yin Yang Yi-Lun.
BIOMETRICS AND NETWORK AUTHENTICATION Security Innovators.
Introduction to Fingerprint Biometrics By Tamar Bar.
Symmetric hash functions for fingerprint minutiae
Department of Electrical and Computer Engineering Physical Biometrics Matthew Webb ECE 8741.
Biometrics II CUBS, University at Buffalo
FIT3105 Biometric based authentication and identity management
Biometric Authentication: Security Issues M. Fahim Zibran February 23, 2009.
CUBS, University at Buffalo
Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.
GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.
Thwarting Attacks Dr. Pushkin Kachroo. Introduction Biometrics can help convenience and security Might remove or strengthen some weak points but get new.
Biometrics and Authentication Shivani Kirubanandan.
Automatic Fingerprint Verification Principal Investigator Venu Govindaraju, Ph.D. Graduate Students T.Jea, Chaohang Wu, Sharat S.Chikkerur.
B IOMETRICS Akash Mudubagilu Arindam Gupta. O VERVIEW What is Biometrics? Why Biometrics? General Biometric System Different types of Biometrics Uses.
IIIT Hyderabad Atif Iqbal and Anoop Namboodiri Cascaded.
Security-Authentication
1J. M. Kizza - Ethical And Social Issues Module 16: Biometrics Introduction and Definitions Introduction and Definitions The Biometrics Authentication.
Module 14: Biometrics Introduction and Definitions The Biometrics Authentication Process Biometric System Components The Future of Biometrics J. M. Kizza.
A survey of image-based biometric identification methods: Face, finger print, iris, and others Presented by: David Lin ECE738 Presentation of Project Survey.
Biometrics: Ear Recognition
Karthiknathan Srinivasan Sanchit Aggarwal
Zachary Olson and Yukari Hagio CIS 4360 Computer Security November 19, 2008.
By Alvaro E. Escobar 1 Biometrics Agenda I. Video II. Biometric Overview III. Biometric Technologies IV. Accuracy Metrics V. BioPrivacy Concerns.
Authentication Approaches over Internet Jia Li
CS 736 A methodology for Analyzing the Performance of Authentication Protocol by Laseinde Olaoluwa Peter Department of Computer Science West Virginia.
Introduction to Biometrics Charles Tappert Seidenberg School of CSIS, Pace University.
Symmetric hash functions for fingerprint minutiae S. Tulyakov, V. Chavan and V. Govindaraju Center for Unified Biometrics and Sensors SUNY at Buffalo,
BIOMETRICS By: Lucas Clay and Tim Myers. WHAT IS IT?  Biometrics are a method of uniquely identifying a person based on physical or behavioral traits.
Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.
Biometrics Stephen Schmidt Brian Miller Devin Reid.
UNIT I PART II R.S.Ponmagal. Pervasive Architecture Architecture is an abstraction of the system. Architecture defines the system elements and how they.
Lecture 7 Page 1 CS 236, Spring 2008 Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know.
BIOMETRICS FOR RECOGNITION. Presentation Outlines  Traditional methods of security  Need for biometrics  Biometrics recognition techniques  How biometrics.
Biometrics Authentication Technology
TECHNICAL SEMINAR PRESENTATION BIOMETRICS:THE MAGIC OF IDENTIFICATION.
PRESENTATION ON BIOMETRICS
ARTIFICIAL INTELLIGENCE FOR SPEECH RECOGNITION. Introduction What is Speech Recognition?  also known as automatic speech recognition or computer speech.
Authentication What you know? What you have? What you are?
INTRODUCTION TO BIOMATRICS ACCESS CONTROL SYSTEM Prepared by: Jagruti Shrimali Guided by : Prof. Chirag Patel.
COEN 351 Authentication. Authentication is based on What you know Passwords, Pins, Answers to questions, … What you have (Physical) keys, tokens, smart-card.
Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.
What does it mean to us?.  History  Biometrics Defined  Modern Day Applications  Spoofing  Future of Biometrics.
By Kyle Bickel. Road Map Biometric Authentication Biometric Factors User Authentication Factors Biometric Techniques Conclusion.
An Introduction to Biometrics
Michael Carlino. ROADMAP -Biometrics Definition -Different types -Future -Advantages -Disadvantages -Common Biometric Report -Current Issues.
By: Brad Brosig.  Introduction  Types of Biometric Security  The Installation Process  Biometric Authentication Errors  The Necessity of Mobile Device.
Multimodal Biometric Security 1.
Challenge/Response Authentication
BLIND AUTHENTICATION: A SECURE CRYPTO-BIOMETRIC VERIFICATION PROTOCOL
Authentication.
Multimodal Biometric Security
FACE RECOGNITION TECHNOLOGY
Biometrics.
Biometrics Reg: AMP/HNDIT/F/F/E/2013/067.
Sharat.S.Chikkerur S.Anand Mantravadi Rajeev.K.Srinivasan
Seminar Presentation on Biometrics
Biometrics.
Asst. Prof. Arvind Selwal, CUJ,Jammu
A Framework of Remote Biometric Authentication on the Open Network
Faculty of Science IT Department Lecturer: Raz Dara MA.
Presentation transcript:

Securing Pervasive Networks Using Biometrics Viraj S. Chavan, Sharat Chikkerur, Sergey Tulyakov and Venu Govindaraju Center for Unified Biometrics and Sensors, University at Buffalo http://www.cubs.buffalo.edu

Abstract Challenges in pervasive computing environments Computing devices are numerous and ubiquitous Traditional authentication including login schemes do not work well with so many devices Proposed Solution Use biometrics for authentication At the same time, ensure security of biometric templates in an open environment Contributions Propose a biometrics based framework for securing pervasive environment Implemented a novel scheme for securing biometric data in an open environment using symmetric hash functions

Background “The most profound technologies are those that disappear. They weave themselves into the fabric of everyday life until they are indistinguishable from it” – Mark Weiser Pervasive Computing A web of computing devices and sensors embedded in everyday objects ranging from cars to house appliances The devices are context sensitive and user ‘aware’ Focus on human computer interaction and AI Existing efforts Project Oxygen , MIT [1] Project Aura, CMU [2] Planet Blue, IBM [3] Conventional security systems rely on PINs, passwords and other token or key based methods for authentication and identification of users. Though these systems are easy to use, they are insecure as the tokens can be lost, stolen or used by more than one person. With each service requiring different form and means of identification, the multiplicity of authentication schemes becomes difficult to manage.  

Aspects of a Pervasive Environment User Interaction User interacts with speech, gestures and movements The sensors and computing devices are ‘aware’ of the user and in the ideal case are also aware of his ‘intent’. Proactivity The computing devices should interact and query other devices on Transparency Technology has to be transparent. behalf of the user and his intent Device interaction Frequent Multiparty interactions No central authority or third party

Security and Privacy Consequences of a pervasive network Devices are numerous, ubiquitous and shared The network shares the context and preferences of the user Smart spaces are aware of the location and intent of the user Security Concerns Only authorized individuals need to be given access Authentication should be minimally intrusive Devices should be trustworthy Privacy issues User should be aware of when he is being observed The user context should be protected within the network Need to balance accessibility and security Should be scalable with multiple users operating in the network

Learn from History? Wireless networks Initial research focused on implementing wireless and ad hoc networking devices and protocols Security an afterthought? Lessons for pervasive computing Human computer interface issues will be solved eventually Network infrastructure will mature Security has to be considered in the design stage Foresights Authentication has to be transparent Trusted third party may not be available Traditional key based systems will not scale well Trust based models work well with devices and agents Trust is not well defined for human user

Solution: Biometrics? Definition Examples Physical Biometrics Biometrics is the science of verifying and establishing the identity of an individual through physiological features or behavioral traits. Examples Physical Biometrics Fingerprint Hand Geometry Iris patterns Behavioral Biometrics Handwriting Signature Speech Gait Chemical/Biological Biometrics Perspiration Skin composition(spectroscopy) Biometrics offers a promising solution for reliable and uniform identification and verification of an individual. Biometrics is the science of verifying and establishing the identity of an individual through physiological features or behavioral traits. Physical biometrics rely on physiological features such as fingerprints, hand geometry, iris pattern, facial features etc. for identity verification. Behavioral biometrics depends upon behavioral features such as speech patterns, handwriting, signature, walking gait etc. for authentication. These traits are unique to an individual and hence cannot be misused, lost or stolen. Biometrics are based on established scientific principles as a basis for authentication.

Why Biometrics? With numerous devices, traditional paradigm of user name and password based scenarios are not practical Only authorized users should have access to data and services Biometrics provide an unobtrusive and convenient authentication mechanism Advantages of biometrics Uniqueness No need to remember passwords or carry tokens Biometrics cannot be lost, stolen or forgotten More secure than a long password Solves repudiation problem Not susceptible to traditional dictionary attacks

General Biometric System Sensor Feature Extraction Database Enrollment ID : 8809 Biometric Sensor Feature Extraction Matching Authentication Result

Framework for Authentication/Interaction S1 S2 Speaker Recognition Speech Recognition parsing and arbitration SK SN

Framework for Authentication/Interaction S1 Switch on Channel 9 S2 Speaker Recognition Speech Recognition parsing and arbitration SK SN

Framework for Authentication/Interaction Who is speaking? S1 S2 Speaker Recognition Speech Recognition parsing and arbitration SK Annie David Cathy SN “Authentication”

Framework for Authentication/Interaction What is he saying? S1 S2 Speaker Recognition Speech Recognition parsing and arbitration SK On,Off,TV Fridge,Door SN “Understanding”

Framework for Authentication/Interaction What is he talking about? S1 S2 Speaker Recognition Speech Recognition parsing and arbitration SK “Switch”,”to”,”channel”,”nine” Channel->TV Dim->Lamp On->TV,Lamp SN “Inferring and execution”

Speaker Recognition Definition It is the method of recognizing a person based on his voice It is one of the forms of biometric identification Depends of speaker specific characteristics.

Speaker Recognition Speech Production Mechanism Speech production Impulse Train Generator Glottal Pulse Model G(z) Vocal Tract V(z) Radiation R(z) Pitch Av AN Speech Production Mechanism Speech production Model Vocal Tract Modeling

Generic Speaker Recognition System Speech signal Score Analysis Frames Feature Vector Preprocessing Feature Extraction Pattern Matching Verification Preprocessing Feature Extraction Speaker Model Enrollment Stochastic Models GMM HMM Template Models DTW Distance Measures LAR Cepstrum LPCC MFCC A/D Conversion End point detection Pre-emphasis filter Segmentation Choice of features Differentiating factors b/w speakers include vocal tract shape and behavioral traits Features should have high inter-speaker and low intra speaker variation

State of the art in speech Literature 0.3%, Colombi et al. (Cepstrum) 6-8%, Reynolds(MelCepstrum) 4% Wan and Renals, (SVM) NIST Speaker Recognition evaluation ~1% FAR, 10-15% FRR (Text independent) Via voice IBM voice recognition engine is being open sourced ‘Speech recognition on a chip’ CMU is developing a chip architecture to completely embed speech recognition on a single chip

Framework is Generic “Authentication” “Understanding” Face Recognition Gesture Recognition parsing and arbitration SK SN “Authentication” “Understanding” “Inferring and execution”

Security of Biometric Data Issues in biometrics Biometrics is secure but not secret Permanently associated with user Used across multiple applications Can be covertly captured Types of circumvention Denial of service attacks(1) Fake biometrics attack(2) Replay and Spoof attacks(3,5) Trojan horse attacks(4,6,7) Back end attacks(8) Collusion Coercion Fake Biometrics Threats to a Biometric System

Hashing Hashing Instead of storing the original password P, a hashed values P’=H(P) is stored instead. The user is authenticated if H(password) = P’. It is computationally hard to recover P given H(P) H() – one way hashing function Problem with biometrics Biometric data has high uncertainty Matching is inexact/probabilistic Therefore, hashing function should be error tolerant

Biometric Hashing Hashing Schema Hashing Personalized Hashing

Fingerprints 101 Minutiae: Local anomalies in the ridge flow X Y θ T 106 26 320 R 153 50 335 255 81 215 B Minutiae: Local anomalies in the ridge flow Pattern of minutiae are unique to each individual

Fingerprint Verification Two major problems: noise and elastic distortion. So fuzzy matching is necessary

Research Challenges Hashed values 1 Hashed values 2 Same? Fingerprint space Hash space h f1 f2 h(f1) h(f2) Images include different scanned area. Set of features is different for two different fingerprints of the same finger. Similar fingerprints should have similar hash values Hash values should be invariant to rotation/translation

Hash functions of minutia points Consider following functions of minutia positions: The values of these symmetric functions do not depend on the order of minutia points.

Hash functions of transformed minutiae What happens with hash functions if minutia point set is transformed?

Symmetric Hash Functions n=2, m=1: for each minutia point we find it nearest neighbor, and n=3, m=1: for each minutia point we find two nearest neighbors and n=3, m=2: for each minutia point find three nearest neighbors, and for each minutia triplet including original minutia point construct 2 hash functions

Results We used fingerprint database of FVC2002 with 2800 genuine tests and 4950 impostor tests We obtained a best result of Total Error Rate of 4.5% as compared to a Total Error Rate of 2.5% for plain minutia-based matching Acceptable verification rates allowing for encryption of fingerprint minutia data

Conclusion Smart spaces and pervasive computing are moving from concepts to implementations Security has to be incorporated in the design stage Traditional authentication and access control paradigms cannot scale to numerous and ubiquitous devices Biometrics serves as a reliable alternative for minimally intrusive authentication Biometrics solves key management and repudiation problem Securing biometrics is a major challenge in an open environment Biometric hashing can be used to create revocable biometric templates

Thank You http://www.cubs.buffalo.edu

Implementations of Pervasive Computing MIT Project Oxygen. http://oxygen.lcs.mit.edu/videometaglue.html CMU Project Aura. http://www-2.cs.cmu.edu/ aura/. IBM Planet Blue, http://researchweb.watson.ibm.com/compsci/planetblue.html