Fig 2 - uploaded by Bian Yang
Content may be subject to copyright.
Source publication
Random projection provides a good diversification effect for biometric template protection but is drawing increasing security concerns under the token-stolen (or public parameter) case. We propose a dynamic random projection method to alleviate these security concerns due to the stolen token by increasing the computational complexity to search for...
Contexts in source publication
Context 1
... each minutia m i (i=1,2,…,M) in the original template consisting of M minutiae, 3 closest (in terms of Euclidean distance) neighboring minutiae are found around m i and the quadruplets (including m i ) are defined as a minutia vicinity V i . Denote the 4 minutiae in one vicinity as J j (j = 1, 2, 3, 4) indexed in an ascending order of the Euclidean distance from m i (d(m i ,J ij ) as shown in Fig.2), thus J i1 =m i and the 6 orientations O l (l = 1, 2, …,6) can be defined between the minutiae pairs (e.g., pair m i and c i2 defining O 2 in Fig. 2) and along each orientation the remaining minutiae pair (c i1 and c i3 in the example in Fig. 2) can be geometrically-aligned (resulting J a3 and J a4 respectively). ...
Context 2
... m i ) are defined as a minutia vicinity V i . Denote the 4 minutiae in one vicinity as J j (j = 1, 2, 3, 4) indexed in an ascending order of the Euclidean distance from m i (d(m i ,J ij ) as shown in Fig.2), thus J i1 =m i and the 6 orientations O l (l = 1, 2, …,6) can be defined between the minutiae pairs (e.g., pair m i and c i2 defining O 2 in Fig. 2) and along each orientation the remaining minutiae pair (c i1 and c i3 in the example in Fig. 2) can be geometrically-aligned (resulting J a3 and J a4 respectively). Mathematically, if the orientation O l is formed by two points J p and J q (1≤p,q≤4, p≠q) in the old coordinate system, the remaining 2 minutiae J j (1≤j≤4, j≠p, j≠q) will ...
Context 3
... 1, 2, 3, 4) indexed in an ascending order of the Euclidean distance from m i (d(m i ,J ij ) as shown in Fig.2), thus J i1 =m i and the 6 orientations O l (l = 1, 2, …,6) can be defined between the minutiae pairs (e.g., pair m i and c i2 defining O 2 in Fig. 2) and along each orientation the remaining minutiae pair (c i1 and c i3 in the example in Fig. 2) can be geometrically-aligned (resulting J a3 and J a4 respectively). Mathematically, if the orientation O l is formed by two points J p and J q (1≤p,q≤4, p≠q) in the old coordinate system, the remaining 2 minutiae J j (1≤j≤4, j≠p, j≠q) will be aligned ...
Similar publications
In this paper, we introduce an approach for diversifying user comments on news articles. We claim that, although content diversity suffices for the keyword search setting, as proven by existing work on search result diversification, it is not enough when it comes to diversifying comments of news articles. Thus, in our proposed framework, we define...
Citations
... In contrast to [14,15] outlines a CB scheme based on the Bloom filter for the iris initially and then extended to other biometric modalities, e.g., face [16], and fingerprint [17]. In the meantime [18], first applies the Karhunen-Loeve transform to compress the Minutia Cylinder-Code (MCC) [18] extracted from the fingerprint images, followed by the binarization stage to generate the protected fingerprint templates, dubbed PMCC [20]. ...
The wide deployment of biometrics has prompted enormous security and privacy concerns regarding biometric template protection. Cancellable biometrics is one of the most representative countermeasures that maps a biometric feature vector into its protected template non-invertible yet replaceable when the previously transformed template is compromised. This paper proposes a two-stage cancellable biometric scheme on top of the Index-of-Maximum (IoM) hashing, dubbed Random Sparse Binary Encoded IoM (RSBE-IoM) hashing. Unlike the vanilla IoM hashing that operates only on the first-ranked feature indices, the RSBE-IoM hashing employs the first and the second-ranked features for additional discriminability gain. We also devise an instance-specific Random Sparse Binary (RSB) encoder to project the IoM-hashed vectors (both first and second-ranked) into a random sparse binary bitstring. We also introduce an instance-specific seeding mechanism to the RSB encoder such that a one-time seed is generated on the fly and not physically cached upon enrolment. We comprehensively evaluate the proposed RSBE-IoM scheme with six fingerprint benchmark datasets, i.e., DB 1 to 3 for each FVC 2002 and FVC 2004. In addition to accuracy performance, our discussions cover other important perspectives, including computational cost, biometric template protection criteria, and privacy and security concerns.
... A type of non-linear random projection is called dynamic random projection, which dynamically assembles or builds a projection matrix by selecting m candidate row vectors. The selection of the vectors depends on the biometric features and is performed using amplitude quantification techniques [133]. For instance, an authentication system with this projection was developed for iris [134] and fingerprint [135]. ...
An essential part of cloud computing, IoT, and in general the broad field of digital systems, is constituted by the mechanisms which provide access to a number of services or applications. Biometric techniques aim to manage the access to such systems based on personal data; however, some biometric traits are openly exposed in the daily life, and in consequence, they are not secret, e.g., voice or face in social networks. In many cases, biometric data are non-cancelable and non-renewable when compromised. This document examines the vulnerabilities and proposes hardware and software countermeasures for the protection and confidentiality of biometric information using randomly created supplementary information. Consequently, a taxonomy is proposed according to the operating principle and the type of supplementary information supported by protection techniques, analyzing the security, privacy, revocability, renewability, computational complexity, and distribution of biometric information. The proposed taxonomy has five categories: (1) biometric cryptosystems, (2) cancelable biometrics, (3) protection schemes based on machine learning or deep learning, (4) hybrid protection schemes, and (5) multibiometric protection schemes. Furthermore, this document proposes quantitative evaluation measures to compare the performance of protection techniques. Likewise, this research highlights the advantages of injective and linear mapping for the protection of authentication and identification systems, allowing the non-retraining of these systems when the protected biometric information is canceled and renewed. Finally, this work mentions commercial products for cancelable biometric systems and proposes future directions for adaptive and cancelable biometric systems in low-cost IoT devices.
... Dynamic key generation for biometric salting is proposed by different authors to mitigate the problem of storing the security critical user specific data and to calculate it dynamically at the time of verification. Yang et al. [60] proposed a dynamic random projection by calculating transformation matrix dynamically. Dynamic nature is achieved by storing a set of candidate random projection matrices in the system and selecting one matrix dynamically based on the input biometric data. ...
The idea of cancelable biometrics was proposed to ensure the privacy and security of user’s original biometric data, which is collected for recognition by storing only transformed template in the database after applying irreversible operations. State of the art cancelable schemes use either biometric salting or non-linear transformations for generating protected template. However, biometric salting techniques suffer from the threat of unauthorized access to user specific key; whereas non-linear transformation based schemes have the inherent issue of performance degradation due to information loss. In order to overcome these limitations of the existing techniques, this work proposes a patch level distortion based cancelable scheme which can be applied for multiple modalities. In the proposed method, biometric images are divided into Voronoi patches and log Gabor feature vector of each patch is distorted by combining it with a function of difference vectors of other patches. Proposed scheme is able to eliminate the need of security critical user specific key and many to one transformations. Irreversibility is assured as the function of difference vectors of patches used as noise in distortion process is random enough and unpredictable for an intruder. Cancelability and non-linkability can be ensured by changing the number and location of seed points. Superior performance compared to state of the art techniques is obtained in distorted domain when experiments were conducted on CASIA face database.
... As stated with Biohashing, these methods are subject to inverse attack also, if enough data is available to the attacker. To improve upon these drawbacks, various techniques such as Multi-space Random Projections [47], Dynamic Random Projections [54] and Sectored Random Projections [37] have been proposed. ...
Biometric recognition, particularly fingerprint, has been widely adopted in many civil and military applications. However, security concerns have arisen regarding the protection of the saved biometric templates. If the fingerprints database is compromised, the person can no longer use his/her registered fingerprint for authentication. Cancelable biometrics have been used to overcome this issue, by transforming fingerprint templates to a secure representation before saving them on the database. The identity verification is performed in the transformed domain, and a new transform is assigned to a user if his/her biometric data is compromised. In this context, we propose a unique cancelable fingerprint scheme based on the extraction of Scale Invariant Feature Transform (SIFT) features from fingerprint minutiae positions. To provide cancelability, SIFT features are transformed by applying user-specific random projections, followed by quantization to ensure irreversibility. We successfully achieved a zero Equal Error Rate (EER) for the Fingerprint Verification Competition (FVC) 2002 DB1 benchmark in the different-key scenario, and 1.78 EER in the stolen-key scenario. We compare our results with state-of-the-art methods based on the EER metric in the stolen-key scenario. Genuine and impostor distributions have also been used for performance and security assessment of the proposed method. Moreover, we demonstrate the robustness of the proposed approach against brute force attacks.
... When a template is compromised, a new template can be generated by the same biometric feature vector and newly generated pseudo-random numbers. BioHashing can be applied on fingerprint [12], [14], iris [15], and face [13]. However, BioHashing and its variants operate under the assumption that the pseudo-random numbers would never be lost, stolen, shared or duplicated, which cannot be guaranteed in general. ...
... Moreover, our method exceeds Bloom filter-based approach thanks to the distance preservation property offered by the proposed method. It is noteworthy that both [14] and [22] report the results based on a fraction of the database (e.g., only 2 nd , 3 rd and 6 th samples in FVC2002 DB1&2 used in [14]) while the proposed method strictly follows the FVC protocol, where all 8 samples are utilized. Therefore, the accuracy performance can be justified based on the above observations. ...
... Moreover, our method exceeds Bloom filter-based approach thanks to the distance preservation property offered by the proposed method. It is noteworthy that both [14] and [22] report the results based on a fraction of the database (e.g., only 2 nd , 3 rd and 6 th samples in FVC2002 DB1&2 used in [14]) while the proposed method strictly follows the FVC protocol, where all 8 samples are utilized. Therefore, the accuracy performance can be justified based on the above observations. ...
Hashing technology gains much attention in protecting the biometric template lately. For instance, Index-of-Max (IoM), a recent reported hashing technique, is a ranking-based locality sensitive hashing technique, which illustrates the feasibility to protect the ordered and fixed-length biometric template. However, biometric templates are not always in the form of ordered and fixed-length, rather it may be an unordered and variable size point set e.g. fingerprint minutiae, which restricts the usage of the traditional hashing technology. In this paper, we proposed a generalized version of IoM hashing namely gIoM, and therefore the unordered and variable size biometric template can be used. We demonstrate a realization using a well-known variable size feature vector, fingerprint Minutia Cylinder-Code (MCC). The gIoM transforms MCC into index domain to form indexing-based feature representation. Consequently, the inversion of MCC from the transformed representation is computational infeasible, thus to achieve non-invertibility while the performance is preserved. Public fingerprint databases FVC2002 and FVC2004 are employed for experiment as benchmark to demonstrate a fair comparison with other methods. Moreover, the security and privacy analysis suggest that gIoM meets the criteria of template protection: non-invertibility, revocability, and non-linkability.
... The other research direction concentrates on the design of non-invertible transformation functions; see for example, Jin et al. (2004) , Ahmad and Hu, (2010) . Yang et al. (2010) , Wang and Hu, (2012) , Wang and Hu, (2014) , Wang and Hu, (2016) , Jin et al. (2017) . In Jin et al. (2004) , a transformation function called biohashing is proposed. ...
... This scheme offers good revocability since there are many possibilities for a minutia to be found on the projection line. In Yang et al. (2010) , a dynamic random projection is presented to address the security concern of commonly used random projections in the stolen token case. In this scheme, a random projection matrix is assembled from many candidates and the selection of a candidate is determined by the biometric feature data itself. ...
... The overall system architecture of the proposed system.Yang et al. (2010) ,Wang and Hu, (2012) ,Wang and Hu, (2014) ,Wang and Hu, (2016) .Jin et al. ( ...
Authentication is a critical requirement of many systems, in domains such as law enforcement, financial services and consumer devices. Due to poor user practices, especially regarding passwords, biometric technologies have been presented as a viable solution, and have been constantly evolving to meet this requirement. It is important to consider the security aspects of any proposed biometric authentication system, as threats targeting biometric template data are serious. Given that the original biometric data are not revocable, if compromised, they are lost (or tainted) forever. To prevent biometric template data from being compromised by attackers, we propose a new linear convolution-based cancelable fingerprint authentication system. In the proposed system, instead of using the original feature data themselves as the inputs to the linear convolution function, the second input is replaced by a help vector, which guarantees that errors from one part of the template data do not impact other parts. Moreover, to ensure the safety of the help vector chosen from a help vector pool in the lost-key scenario, a feature-guided index generation algorithm is developed. The experimental results show that the proposed system achieves satisfactory recognition accuracy, while providing strong protection to fingerprint template data.
... Also, Paul et al. [19] proposed a random cross-folding method using random projection and selection to create cancelable templates. In order to make it a userdependent dynamic process, Yang et al. proposed a nonlinear projection process in which the projection vector was dynamically decided by feature vector itself [20]. In general, most of the projection techniques discussed are vulnerable to attacks such as inverse operations if both templates and transformation matrix are stolen [21]. ...
Biometric systems provide various benefits over traditional pin-based authentication systems. However, the issue of data privacy and theft is of great concern. To resolve these issues, a novel cancelable multimodal biometric system is proposed that combines multiple traits by means of a projection-based approach. The proposed approach generates a cancelable biometric feature that is used to obtain revocable and noninvertible templates. Cancelable features are generated by projecting the feature points onto a random plane obtained using a user-specific key. The point of projection is then transformed into cylindrical coordinates and a combined cancelable feature is obtained. Extensive experiments are performed over 3 chimeric multimodal databases and results reveal high performance. The average DI and EER achieved by the proposed method are 16.63 and 0.004, respectively. Also, the proposed method is successfully analyzed for privacy concerns, namely revocability, non-invertibility, and unlinkability. Moreover, the proposed system demonstrated tolerance against various security attacks like brute force attacks, attacks via record multiplicity, and substitution attacks.
... RP operation can also preserve distances well (Jin 2006), in other words, the biometric intra-user variations are preserved well whilst amplifying the projected biometric inter-user variations in uncorrelated random subspaces via the RP operation (Peng and Yang 2017). Therefore, RP is a better approach for the generation of unlinkable biometric templates based on the special property that biometric feature vectors can be projected to the various vectors based on different RP matrices (Yang et al. 2010). ...
... In the proposed scheme, it is assumed that the adversaries have obtained an obsolete BCH codeword T derived from the same user. Considering the RP operation in the proposed scheme, the projected vector V = R T F shows the randomness if different projection matrices R are applied to project the original biometric feature vector F (Yang et al. 2010). As mentioned in Sect. ...
Several biometric cryptosystem techniques have been proposed to protect biometric templates and preserve users’ privacy. Although such techniques can thwart different attacks, it is difficult to achieve well non-linkability between biometric cryptosystems. In this paper, we propose a novel biometric cryptosystem scheme based on random projection (RP) and back propagation neural network (BPNN) to perform the task of biometric template protection. With the help of RP, an original biometric feature vector can be projected onto a fix-length feature vector of random subspace that is derived from a user-specific projection matrix. This process is revocable and produces unlinkable biometric templates. The proposed scheme further utilizes a BPNN model to bind a projected feature vector with a random key. Based on BPNN, a robust mapping between a projected feature vector and a random key is learned to generate an error-correction-based biometric cryptosystem. The security of the proposed scheme is analyzed and the experimental results on multiple biometric datasets show the feasibility and efficiency of the proposed scheme.
... Approaching from the direction of applying two-factor key generated by splitting the projection matrix to produce biometric template, Yang et al. [40] projects the biometric features as the transformation in the sense that a dynamic random projection is applied on feature vectors of the local minutia. The projection's content is determined by the feature vectors. ...
The emerging field of privacy-preserving biometrics is attracting significant attention, as a paradigm that can address several of the key concerns in cryptographic authentication processes, whilst simultaneously addressing the issues of privacy. This paper contributes to the understanding of the field from following perspectives: (1) It proposes a novel and comprehensive taxonomy of privacy-preserving biometrics for the classification of the knowledge/existing literature in the field. (2) It provides a taxonomy-guided literature survey. (3) Open research problems/future works are discussed. (4) As the techniques used in privacy-preserving biometric authentication systems rely upon, or integrate with, general biometric matching techniques, a taxonomy and summary of the stateof- art biometrics matching techniques has also been developed. Such system-level knowledge organization will help produce excellent self-contained contents of reference materials for researchers in both the biometrics community and cryptography community who would otherwise have difficulty in understanding the relevant materials from the other community.
... Each minutia after transformation falls into a specific cell of the 3D array and each cell is marked as 1 if more than one minutia locates in it; otherwise it is marked as 0. A resultant bit-string is then permuted by using a user specific PIN. Yang et al. [8] proposed to use a dynamic random projection method to protect the biometric features extracted from local structures composed of a reference minutia and three closest minutiae around it. Although this method can dynamically choose a projection matrix from a set of candidate projection matrices, it is a primitive direct biometric key generation technique, which has poor error tolerance for low quality fingerprint images. ...
... By contrast, the proposed scheme is resilient to this attack. In [8] transformation parameters are derived directly from biometrics via quantization, causing them rarely to be identical for the same user when large minutia variance exists in fingerprint images, which leads to poor performance. The structures in [9][10][11] are constructed by each minutia with all other minutiae in the image, resulting in more computational complexity. ...
Smart mobile devices are playing a more and more important role in our daily life. Cancelable biometrics is a promising mechanism to provide authentication to mobile devices and protect biometric templates by applying a noninvertible transformation to raw biometric data. However, the negative effect of nonlinear distortion will usually degrade the matching performance significantly, which is a nontrivial factor when designing a cancelable template. Moreover, the attacks via record multiplicity (ARM) present a threat to the existing cancelable biometrics, which is still a challenging open issue. To address these problems, in this paper, we propose a new cancelable fingerprint template which can not only mitigate the negative effect of nonlinear distortion by combining multiple feature sets, but also defeat the ARM attack through a proposed feature decorrelation algorithm. Our work is a new contribution to the design of cancelable biometrics with a concrete method against the ARM attack. Experimental results on public databases and security analysis show the validity of the proposed cancelable template.
