IJESR/April 2012/ Volume-2/Issue-4/Article No-4/158 … 4.pdfIJESR/April 2012/...

*Corresponding Author www.ijesr.org 158

IJESR/April 2012/ Volume-2/Issue-4/Article No-4/158-175 ISSN 2277-2685

International Journal of Engineering & Science Research

SECURITY EVALUATION OF FINGERPRINT BASED AUTHENTICATION

SYSTEMS

D.Venkatesh*1, S. Balaji2, A. S .N Chakravarthy2 1Research Scholar, Dept. of Electronics & Computer Engineering, K.L. University, A.P, India.

2Professor, Dept. of Electronics & Computer Engineering, K.L. University, A.P, India.

ABSTRACT

“Fingerprint authentication” is widely used in various authetication applications. It is because

that fingerprints can achieve the best balance among authentication performance, cost, size of

device and ease of use. With identity fraud in our society reaching unprecedented proportions

and with an increasing emphasis on the emerging automatic personal identification applications,

biometrics-based verification, especially fingerprint-based identification.

There are two major shortcomings of the traditional approaches to fingerprint

representation.Considerable fraction of population, the representations based on explicit

detection of complete ridge structures in the fingerprint are difficult to extract automatically.The

widely used minutiae based representation does not utilize a significant component of the rich

discriminatory information available in the fingerprints.

In this project we are providing authentication using fingerprints of the persons. Here there is

two cases test and train. In train case we register the finger print of persons to whom we wish to

give authorization .So after register the persons into the data base of the fingerprints .These are

changed into templates of predefined .After making Templates the database will be compared

with the testing.

In this project we also analyzed the security evaluation of fingerprint based authentication

systems. The traditional image authentication systems are not able to meet performance

requirements of many modern applications. Image based authentication system that use

physiological or behavioral traits (e.g., fingerprints) are good alternatives to traditional methods.

In this paper we addressed the issues and developed algorithms to eliminate associated problems.

Firstly we analyzed the attacks of fingerprint matchers and developed algorithms for

circumventing them. Here our approach is passing the security associated with the fingerprint

based authentication systems. Secondly we developed algorithms for increasing the security for

different fingerprint based attacks. It consists of two different attacks: Direct attack and indirect

attack. In direct attack it is starting from a latent fingerprint and standard ISO minutiae template.

In indirect attack it is measured in different countermeasures of the different attacks based on the

quality measures it will use hill climbing method to develop an algorithm. Finally we analyzed

the pitfalls in our system and developed algorithms to automatically improve the system

accuracy and privacy.

Keywords: AFIS, Authentication, Biometrics, Fingerprint, Identification, and Minutiae based

Security, Verification.

IJESR/April 2012/ Volume-2/Issue

Copyright © 2012 Published by IJESR

1. INTRODUCTION

1.1 BIOMETRICS

“Biometrics” is come from the Greek words “Bio” (Life) and “Metric” (to measure). Biometrics is the technologies used for measuring and analysing a person’s unique characteristics. Biometrics is becoming an interesting topic now in regards to computer andthe first known example of biometrics in practise was a form of fingerprinting being used in china in the 14th century. Today we have technology to refine the accuracy of biometric identification, and therefore the possibility of makingWith regard to technology, biometrics is the term given to the use of biological traits or

behavioural characteristics to identify an individual. These traits may be fingerprints, hand

geometry, facial geometry, and retina recogniti

software and the interconnecting infrastructure, enabling identification by matching a live sample

to a stored pattern in a database. The main use of biometric security is to replace the current

password system. Maintaining password security can be a major task for even a small

organization. Passwords have to be changed every few months and people forgot their passwords

or lock themselves out of the system by incorrectly entering their password repeatedly. V

often people write their password down and keep it near their computer (on a post it notes

attached to the underside of the keyboard is a frequently seen favourite). This is of course

completely undermines any effort at network security. The employees

problems. The passwords had to be changed every 90 days and no dictionary words were

allowed, only 8-digit alphanumeric strings.

Types of Biometrics

There are two types of biometrics:

1. Behavioral 2. Physical

Behavioral biometrics are generally used for verification while physical biometrics can be used

for either Identification or Verification.

Identification: It involves trying to find a match for a person’s biometric data in a database

containing records of people and chara

processing power, especially if the database is very large. This is called as ‘One to many process.

Verification: It involves comparing a user’s biometric data to the previously recorded data for

that person to ensure that this is the same person. This method requires less processing power

and time, is used for access control (to building or data). This is called as ‘One to One’ process.

In verification, biometric templates are used to verify a pe

Figure1: Basic block diagram of biometric system

2/Issue-4/Article No-4/158-175 ISSN 2277

Published by IJESR. All rights reserved

“Biometrics” is come from the Greek words “Bio” (Life) and “Metric” (to measure). Biometrics is the technologies used for measuring and analysing a person’s unique characteristics. Biometrics is becoming an interesting topic now in regards to computer and security. Possibly the first known example of biometrics in practise was a form of fingerprinting being used in

century. Today we have technology to refine the accuracy of biometric identification, and therefore the possibility of making it a viable field. [1] With regard to technology, biometrics is the term given to the use of biological traits or


geometry, facial geometry, and retina recognition system, including all the hardware, associated



stem. Maintaining password security can be a major task for even a small


or lock themselves out of the system by incorrectly entering their password repeatedly. V



completely undermines any effort at network security. The employees had the usual password


digit alphanumeric strings.

There are two types of biometrics:

trics are generally used for verification while physical biometrics can be used

for either Identification or Verification.

t involves trying to find a match for a person’s biometric data in a database

containing records of people and characteristic. This method requires time and a large amount of


t involves comparing a user’s biometric data to the previously recorded data for



In verification, biometric templates are used to verify a person's identity.

Figure1: Basic block diagram of biometric system

ISSN 2277-2685

159

“Biometrics” is come from the Greek words “Bio” (Life) and “Metric” (to measure). Biometrics is the technologies used for measuring and analysing a person’s unique characteristics.

security. Possibly the first known example of biometrics in practise was a form of fingerprinting being used in

century. Today we have technology to refine the accuracy of biometric

With regard to technology, biometrics is the term given to the use of biological traits or


on system, including all the hardware, associated



stem. Maintaining password security can be a major task for even a small


or lock themselves out of the system by incorrectly entering their password repeatedly. Very



had the usual password


trics are generally used for verification while physical biometrics can be used

t involves trying to find a match for a person’s biometric data in a database

cteristic. This method requires time and a large amount of


t involves comparing a user’s biometric data to the previously recorded data for




Copyright © 2012 Published by IJESR. All rights reserved 160

Biometric recognition refers to the use of distinctive physiological (fingerprint, hand geometry,

iris, face, retina etc.,) and behavioural (voice, signature etc.,) called biometric identifiers or

simply biometrics. Depending on the application context, a biometric system may operate either

verification or identification mode. The design of appropriate authentication system is becoming

more and more important. A system that has ability to authenticate the persons: accurately,

rapidly, reliably, without invading privacy rights, cost efficiently, in user friendly manner, and

without drastic changes to the existing infrastructures are desired.

The main physical biometric technologies include:

Fingerprint - analysing Fingerprint patterns

Facial Recognition - measuring facial characteristics.

Hand Geometry – measuring the shape of the hand

Iris Scan – analysing features of colored ring of the eye.

Retina Scan – analysing blood vessels in the eye

Vascular Patterns – analysing vein patterns

DNA – analysing genetic makeup.

The main behavioural biometric technologies include

Voice recognition – analysing a speaker’s vocal behaviour

Keystroke – measuring the time spacing of typed words

Gait recognition – manner of walking

Signature – analysing the way you sign.

2. FINGERPRINT

Fingerprint biometrics is an automated digital version of the old ink and paper method used for

more than a century for identification. The biometric device requires each user to place a finger

on a plate for the print to be read. Fingerprint biometrics currently has three main application

areas large scale Automated Finger Imaging Systems (AFIS). A major advantage of finger

imaging is the long time use of fingerprints and its wide acceptance by the public and law

enforcement communities as a reliable means of human recognition [2].

A fingerprint is made of a number of ridges and valleys on the surface of the finger. Ridges are

the upper skin layer segments of the finger and valleys are the lower segments. The ridges form

so called minutia points: ridge endings (very a ridge end) and ridge bifurcations (where a ridge

splits in two). Many types of minutiae exist, including dots (very small ridges), islands (ridges

slightly longer than dots, occupying a middle space between two temporarily divergent ridges).

The uniqueness of a fingerprint can be determined by the pattern of ridges and furrows as well as

the minutiae points. There are five basic fingerprint patterns: Arch, tented arch, left loop, right

loop and whorl. Loops make up 60% of all fingerprints, whorls account for 30%, and arches for

10%. Fingerprints are usually considered to be unique, with no two fingers having the exact

same dermal ridge characteristics.

2.1 Types of Fingerprint

Latent Prints

IJESR/April 2012/ Volume-2/Issue

Copyright © 2012 Published by IJESR

Although the word latent means hidden or invisible, in modern usage for forensic science the

term latent prints means any chance of accidental impression left by friction ridge skin on a

surface, regardless of whether it

chemical, and physical processing techniques permit visualization of invisible latent print residue

whether they are form natural secretions of the ecrine glands present on friction ridge skin

Patent Prints

These are friction ridge impressions of unknown origins which are obvious to the human eye are

caused by a transfer of foreign material on the finger, onto a surface. Because they are already

visible they need no enhancement, and general

same manner as latent prints, an attempt to preserve the actual print is always made with

numerous techniques; for latent presentation in court. Finger deposits can include materials such

as ink, dirt, or blood on to a surface.

Plastic Prints

A plastic print is a friction ridge impression from a finger or palm (toe/foot) deposited in a

material that retains the shape of the ridge detail. Commonly encountered examples are melted

candle wax, putty removed from t

car parts.

2.2 Classifying Fingerprints

Before computerization replaced manual filing systems in large fingerprint operations, manual

fingerprints classification system were used to categorize fin

formations (such as the presence or absence of circular patterns in various fingers), thus

permitting filing and retrieval of paper records in large collections based on friction ridge

patterns name, birth date, and other b

popular ten print classification systems is henry classification system, and roscher system. The

henry system was developed in India and implemented in most English speaking countries.

Figure2: Fingerprint categories: (a) arch, (b) tented arch, (c) left loop, (d) right loop, (e)

3. OPERATION

Optical, silicon and ultra sound are the main technologies used to capture the fingerprint images

with sufficient detail.

Process of fingerprint analysis

2/Issue-4/Article No-4/158-175 ISSN 2277

Published by IJESR. All rights reserved



surface, regardless of whether it is visible or invisible at the time of deposition. Electronic,


whether they are form natural secretions of the ecrine glands present on friction ridge skin



visible they need no enhancement, and generally photographed instead of being lifted in the



d on to a surface.



candle wax, putty removed from the perimeter of windows panes and thick grease deposits on


fingerprints classification system were used to categorize fingerprints based on general ridge



patterns name, birth date, and other biometric data that persons may misrepresent. The most




whorl, and (f) twin loop.


ISSN 2277-2685

161



is visible or invisible at the time of deposition. Electronic,


whether they are form natural secretions of the ecrine glands present on friction ridge skin [3].



ly photographed instead of being lifted in the





he perimeter of windows panes and thick grease deposits on


gerprints based on general ridge



iometric data that persons may misrepresent. The most







Scanning of a fingerprint image: the quality of the scanned image is the decisive factor for

automatic identification purposes. It is desirable to use a high definition fingerprint scanner

which is able to tolerate different skin types, damages, dryness, as well as humidity of the finger

surface.

Image quality improvement: by using image quality improvement, an optical improvement of the

structures (ridges) on the scanned image can be achieved.

Image processing: it means the preparatory phase for feature extraction and classification

purposes.

Feature classification: fact is that all fingerprints show certain global similarities, which allow

for rough classification into three principal finger classes. However classification is a rather

difficult process both for algorithm based decisions as well as for man-made decisions since

some fingerprints cannot be clearly allocated to concrete finger class.

Feature extraction: in this phase the location of the minutiae (ridge bifurcations and ridge

endings) in the fingerprint is detected and extracted. In practise, scanned images show differing

qualities.

Verification phase: in this two feature vectors are being compared. The algorithm performance

strongly depends on the quality of the extracted minutiae and comparision process.

3.1 Fingerprint scanning

Depending on whether the scanning process is carried out on or off line, the fingerprint image

can be either be a color image, e.g. on paper or an image of a life finger obtained through a

sensor. In case of a color print rolling the finger on a surface generates the images of the ridges,

e.g. on paper after that the finger is moistened with ink. In case of life image of a finger is a

comprehensive term for images that are obtained directly by placing the finger on a suitable

sensor. There are a vast number of various methods, which can be used for the scanning ridges.

They include: optical sensor, electrical field sensor, polymer TFT sensor, thermal sensors,

capacitive sensors, contactless3d-sensors, ultrasound sensors.

A biometric sensor is the hardware component of a biometric system, which initially supplies biometric measurements. Depending on the biometric method in use, there are different kinds of sensors. Optical sensors use light for obtaining fingerprint images [5]. Electrical field sensor measure local variations of the electrical field, which is generate the finger surface relief upon the emission of a small electrical signal. Polymer tft sensors measure the light, which is emitted upon contact when the finger is laid on the polymer substrate. Thermal sensors register the thermal finger images. In capacitive sensors, the sensor and the finger surfaces together from a capacitor.

3.2 Algorithm

There are two main algorithms to recognize fingerprints: Minutia matching compares specific details within the fingerprint ridges. At registration (enrollment), the minutia points are located, together with their relative positions to each other and their directions. At the matching stage, the fingerprints image is processed to extract its minutia points, which are compared with the registration complete [4].



Pattern matching compares the overall characteristics of the fingerprints, not only individual

points. Fingerprint characteristics can include sub-areas of certain interest including ridge

thickness, curvatures, or density. During enrollment small sections of the fingerprint and their

relative distances are extracted from the fingerprint.

4. AUTHENTICATION

It involves confirming your identity and the biometric systems have to match your data with only

one, single record [6].The accuracy of any biometric system is measured in terms of FAR and

FRR.

Far (False Acceptance Rates)

Where an imposer is accepted as a match. It is a probability of falsely accepting a metric as a

match.

FRR (False Rejection Rates)

Where a legal match is denied. Where the system sails to recognize an authentic Biosignature.

As FRR increases, the FAR goes down and vice versa.

Almost all biometric systems can be adjusted to varying levels of strictness to create a variation

in FAR and FRR. For a system to be successful, both have to be within acceptable low limits

[10].

There are three ways to authenticate

• Something you know, like a password, pass phrase, pins, secret handshakes

• Something you have, like a token: storage and dynamic tokens

• something you are, measurable a trait

Figure 3: Basic Authentication Process.

Steps for fingerprint Authentication:

Step 1: User Registration

In any secure system, to enroll as a legitimate user in a service, a user must beforehand register

with the service provider by establishing his/her identity with the provider. For this, the user

provides his/her fingerprint through a finger scanner. The finger print image thus obtained

undergoes a series of enhancement steps. This is followed by a Finger print hardening protocol

with servers to obtain a hardened finger print FP which is stored into the server’s database.



Step 2: Fingerprint Enhancement

A fingerprint is made of a series of ridges and furrows on the surface of the finger. The

uniqueness of a fingerprint can be determined by the pattern of ridges and furrows. Minutiae

points are local ridge characteristics that occur at either a ridge bifurcation or a ridge ending. A

ridge termination is defined as the point where a ridge ends abruptly. A ridge bifurcation is

defined as the point where a ridge forks or diverges into branch ridges.The quality of the ridge

structures in a fingerprint image is an important characteristic, as the ridges carry the information

of characteristic features required for minutiae extraction.

Figure.4: Basic block diagram of fingerprint enhancement

5. CANCELABLE BIOMETRICS

One advantage of knowledge- and possession-based authenticators over biometrics is that they can be re-issued. If a token or a password is lost or stolen, it can be cancelled and replaced by a newer version, an option not readily available for biometrics. Cancellable biometrics perform an intentional and repeatable distortion of the original biometric signal by applying a chosen noninvertible transform, which is applied in the same way during the enrollment and authentication process. Every biometric application may use a different transform to render cross-matching of biometrics impossible. If one variant of transformed biometric is compromised, this representation can be “cancelled” and replaced by a biometric generated with a new transform. The original biometric remains secret and cannot be reconstructed from compromised representations [8].

Figure.5: Authentication Process Based on Cancellable Biometrics

6. ATTACKS AGAINST BIOMETRIC SYSTEMS



Biometrics-based personal authentication systems that use physiological (e.g., finger print, face,

iris) or behavioural (e.g., speech, handwriting) traits are being increasingly utilized in many

applications to enhance the security of physical and logical access systems [3]. Even though

biometric systems over several advantages over traditional token (e.g., key) or knowledge (e.g.,

password) based authentication schemes (e.g., increased user convenience and robustness against

imposter users), they are still vulnerable to attacks. Fig 6 shows the locations of these attacks in a

generic biometric system. A Type1 attack involves presenting a fake biometric (e.g., finger made

from silicon, face mask, lens including fake iris texture) to the sensor. The second type of attack

is called a replay attack, because an intercepted biometric (with or without the cooperation of

14the genuine user) data is submitted to the feature extractor, bypassing the sensor. In the third

type of attack, the feature extractor module is replaced with a Trojan horse program that

functions according to its designer's specifications (henceforth, these users that try to break into

systems protected by biometric authentication will be collectively called \Trudy"). In the fourth

type of attack, genuine feature values are replaced with values (synthetic or real) selected by the

attacker. In the fifth type of attack, the matcher is replaced with a Trojan horse program. The

attacks on the template database (e.g., addition, modification, or removal of templates) constitute

the sixth type of attack. In the seventh type of attack, the templates are tampered with (stolen,

replaced, or altered) in the transmission medium between the template database and matcher.

Lastly, the matcher result (accept or reject) can be overridden by the attacker.

• Attack on the biometric sensor with mockups or dummies. A reproduction of a biometric trait

is presented as input to the system.

• Replay attack. A recorded signal (containing a previously intercepted signal) is replayed to

the system, bypassing the biometric sensor.

• Attack on the feature extractor. The feature extractor is forced, e.g., by Trojan horse, to

oppress single features of a biometric trait, or to produce altered values than those read by the

biometric sensor.

Figure.6: Attack points in biometric systems

Tampered feature representation. Features extracted from the sensor input are replaced by a

(fraudulent) feature set. The stages of feature extraction and matching are often inseparable, and

the attack is complex. However, if the extracted feature set is sent to a remote matcher, e.g., over

the Internet, the threat is real.



• Attack on the matcher. The matcher is forced, e.g., by Trojan horse, to produce high or low

matching score, in order to allow or deny access to an individual.

• Attack on stored biometric templates. Templates stored in a biometric database (local,

remote, distributed) are added, modified or deleted.

• Tampered template representation.

• Attack on the decision end point. If the final matching decision is manipulated by the

attacker, the authentication system is disabled. By overriding the final matching decision, the

biometric system is rendered useless and the biometrics.

7. SECURITY

With the proliferation of large-scale computer networks (e.g., Internet), the increasing number of

applications making use of such networks (e.g., e-commerce, e-learning),and the growing

concern for identity theft problems, the design of appropriate personal authentication systems is

becoming more and more important. Systems that have the ability to authenticate persons (i)

accurately, (ii) rapidly, (iii) reliably, (iv)without invading privacy rights, (v) cost effectively, (vi)

in a user-friendly manner, and (vii) without drastic changes to the existing infrastructures are

desired. Note that some of these requirements conflict with the others. The traditional personal

authentication systems that make use of either a (secret) piece of knowledge (e.g., password)

and/or a physical token (e.g., ID card) that are assumed to be utilized only by the legitimate users

of the system are not able to meet all of these requirements [7] .

8. TEMPLATE PROTECTION

The template is a defining element of a biometric technology and systems, and is critical to

understanding how the biometrics operates. A template is a small file that derived from the

distinctive features of a user’s biometric data, used to perform biometric matches. Biometric

systems store and compare biometric templates, not biometric data.

There are a number of important facts about biometric templates:

• Most templates occupy less than 1 kilobyte and some technology’s templates are as small as 9

bytes; template sizes also differ from vendor to vendor.

• Templates are proprietary to each vendor and each technology. There is no common biometric

template format.

• Biometric data such as finger prints and facial images cannot be reconstructed from biometric

templates. Templates are not merely compressions of biometric data, but extractions of

distinctive features. These features are not alone adequate to reconstruct the full biometric image

or data.

• One of the most interesting facts about biometric technologies is that unique templates are

generated every time a user presents a biometric data. Two immediately successive placements

of a finger on a biometric device generate entirely different templates. These templates, when

processed by a vendor’s algorithm are recognizable as being from the same person, but not

identical.



• Depending on when they are generated, templates can be referred to as enrolment templates or

match templates. Enrolment templates are created upon the user’s initial interaction with a

biometric system and are stored for usage in future biometric comparisons.

9. APPLICATIONS

Fingerprint sensors are best for devices such as cell phones, usb flash drives, notebook computer,

and other applications where price, size, cost, and low power are key requirements.

Fingerprint biometric systems are used for law enforcement, background searches to screen job

applicants, health care and welfare. Accurate identification of a person could deter crime and

fraud, streamline business processes, and save critical resources. Here are a few mind boggling

numbers: about one billion dollars in welfare benefits in the United States are annually claimed

by “double dipping” welfare recipients with fraudulent multiple identities. MasterCard estimates

the credit card fraud at $450 million per annum which includes charges made on lost and stolen

credit cards: unobtrusive positive personal identification of the legitimate ownership of a credit

card at the point of sale would greatly reduce the credit card fraud; about 1 billion dollars worth

of cellular telephone calls are made by the cellular bandwidth thieves – many of which are made

from stolen PINS and/or cellular telephones. Again, an identification of the legitimate ownership

of the cellular telephones would prevent cellular telephone thieves from stealing the bandwidth.

A reliable method of authenticating legitimate owner of an ATM card would greatly reduce

ATM related fraud worth approximately $3 billion annually. A positive method of identifying

the rightful check payee would also reduce billions of dollars that are misappropriated through

fraudulent encashment of checks each year. A method of positive authentication of each system

login would eliminate illegal break-ins into traditionally secure (even federal government)

computers. The United States Immigration and Naturalization service stipulates that it could each

day detect/deter about 3,000 illegal immigrants crossing the Mexican border without delaying

legitimate persons entering the United States if it had a quick way of establishing positive

personal identification.

High speed computer networks offer interesting opportunities for electronic commerce and

electronic purse applications. Accurate authentication of identities over networks is expected to

become one of the important application of biometric-based authentication. Miniaturization and

mass-scale production of relatively inexpensive biometric sensors (e.g., solid state fingerprint

sensors) will facilitate the use of biometric-based authentication in asset protection.

10. ADVANTAGES OR DISADVANTAGES

Advantage: widely accepted by public law enforcement communities as reliable identification.

Disadvantage: requires close physical contact with scanning device, residue on finger may cause

recognition problems; has criminal overtones etc.

11. FUTURE OF BIOMETRICS

As future is near biometric will be a key instrument in our society. With the use of biometrics

increasing from day to day and the need to stop fraud, it seems that the future shows hope. Well

there be a central database to contain the digital templates from everyone eyes, finger or voices.



The future of this technology is just starting to bloom. Many issues are arising from this

technology and “PRIVACY” is the main concern. Even if we are told that the government will

not use the data or release the data to anyone, how can that be proven? It is your right as an

individual and person to protect your privacy about yourself and the direction of this technology

seems to spell “D-I-S-A-S-T-E-R” FOR everyone “PRIVACY”.

12. IMPLEMENTATION WORK

Source Code clear;

clc;

close all;

% 1--> add database

% 0--> recognition

%ok=0;

chos=0;

Possibility=5;

while chos~=possibility,

chos=menu('Fingerprint Authentication System','Select image and add to database','Select image for fingerprint

authentication','Delete database',...

'Fingerprint image: visualization','Exit');

%--------------------------------------------------------------------------

%--------------------------------------------------------------------------

%--------------------------------------------------------------------------

% Calculate FingerCode and Add to Database

if chos==1

clc;

close all;

selezionato=0;

while selezionato==0

[namefile,pathname]=uigetfile({'*.bmp;*.tif;*.tiff;*.jpg;*.jpeg;*.gif','IMAGE Files

(*.bmp,*.tif,*.tiff,*.jpg,*.jpeg,*.gif)'},'Chose GrayScale Image');

if namefile~=0

[img,map]=imread(strcat(pathname,namefile));

selezionato=1;

else

disp('Select a grayscale image');

end

if (any(namefile~=0) && (~isgray(img)))


selezionato=0;

end

end

immagine=double(img);



if isa(img,'uint8')

graylevmax=2^8-1;

end

if isa(img,'uint16')

graylevmax=2^16-1;

end


graylevmax=2^32-1;

end

[oimg,fimg,bwimg,eimg,enhimg] = fft_enhance_cubs(immagine);

fingerprint = enhimg;

%N=h_lato;

[BinarizedPrint,XofCenter,YofCenter]=centralizing(fingerprint,0);

[CroppedPrint]=cropping_64(XofCenter,YofCenter,fingerprint);

%[NormalizedPrint,vector]=sector_norm(CroppedPrint,0);

finger_code_inv=invmoments(CroppedPrint);

% FingerCode added to database

if (exist('fp_database.dat')==2)

load('fp_database.dat','-mat');

fp_number=fp_number+1;

data{fp_number}=finger_code_inv;

save('fp_database.dat','data','fp_number','-append');

else

fp_number=1;

data{fp_number}=finger_code_inv;

save('fp_database.dat','data','fp_number');

end

message=strcat('FingerCode was succesfully added to database. Fingerprint no. ',num2str(fp_number));

msgbox(message,'FingerCode DataBase','help');

end

%--------------------------------------------------------------------------

%--------------------------------------------------------------------------

%--------------------------------------------------------------------------

% Fingerprint recognition

if chos==2

clc;

close all;

selezionato=0;




if namefile~=0




selezionato=1;

else


end



selezionato=0;

end

end

immagine=double(img);

if isa(img,'uint8')

graylevmax=2^8-1;

end


graylevmax=2^16-1;

end


graylevmax=2^32-1;

end

[oimg,fimg,bwimg,eimg,enhimg] = fft_enhance_cubs(immagine);

fingerprint = enhimg;

%N=h_lato;

[BinarizedPrint,XofCenter,YofCenter]=centralizing(fingerprint,0);

[CroppedPrint]=cropping_64(XofCenter,YofCenter,fingerprint);

%[NormalizedPrint,vector]=sector_norm(CroppedPrint,0);

%input vector

vettore_in=invmoments(CroppedPrint);

% FingerCode of input fingerprint has just been calculated.

% Checking with DataBase


load('fp_database.dat','-mat');

%---- alloco memoria -----------------------------------

%template vector

Vector_Lenth=7;

vettore_tem=zeros(Vector_Lenth,1);

best_matching=zeros(fp_number,1);

%valori_rotazione=zeros(n_arcs,1);

% start checking ---------------------------------------

for scanning=1:fp_number

fcode1=data{scanning};



vettore_tem=fcode1;

%NORM(X) is the largest singular value of X, max(svd(X)).

d1=norm(vettore_tem-vettore_in);

val_minimo=d1;

best_matching(scanning)=val_minimo;

end

%[Y,I] = MIN(X) returns the indices of the minimum values in vector I.

[distanza_minima,posizione_minimo]=min(best_matching);

if distanza_minima==0

msgbox('fingerprint is matched with database');

else

msgbox('finger print is not matched with database');

end

%beep;

%message=strcat('The nearest fingerprint present in DataBase which matchs input fingerprint is :

',num2str(posizione_minimo),...

% ' with a distance of : ',num2str(distanza_minima));

%msgbox(message,'DataBase Info','help');

else

message='DataBase is empty. No check is possible.';

msgbox(message,'FingerCode DataBase Error','warn');

end

end % fine caso 2

if chos==3

clc;

close all;


button = questdlg('Do you really want to remove the Database?');

if strcmp(button,'Yes')

delete('fp_database.dat');

msgbox('Database was succesfully removed from the current directory.','Database removed','help');

end

else

warndlg('Database is empty.',' Warning ')

end

end % fine caso 3

if chos==4

clc;

close all;

Selezionato=0;




if namefile~=0




selezionato=1;

else


end



selezionato=0;

end

end

figure('Name','Selected image');

imshow (img);

end % fine caso 4

end % fine while

13. RESULTS

Snapshots

1. Basic output display

2. The below snapshot shows the fingerprint image is selected from data base

3. The below snapshot shows the fingerprint image is matched with the data base.



4. Visualization image will be displayed nothing but input image.

5. The below snapshot shows another fingerprint image is selected from database

6. The below snapshot shows the fingerprint image is not matched with the database.

7. The below snapshot shows the code will be exit

14. CONCLUSION

In this project we have analysed the vulnerabilities of fingerprint recognition systems to have

different direct attack and indirect attacks. In this system, we have reused ideas in the areas of



image processing technique to extract the minutiae from biometric image. Therefore it can be

directly applied to fortify existing standard single biometric based security applications.

In this project we conclude that providing the authentication using fingerprints of the persons.

Here there is two cases test and train. In train case we finally register the finger print of persons

to whom we wish to give authorization .So after register the persons into the data base of the

fingerprints .These are changed into templates of predefined .After making Templates the

database will be compared with the testing.In testing we just make verification after adding the

fingerprint of persons. It compares with that templates, which are available in database. If it is

already in database, it shows matched result else it gives not matched. Biometrics-based

authentication has many usability advantages over traditional systems such as passwords.

Specifically, users can never lose their biometrics, and the biometric signal is difficult to steal or

forge. We have shown that the intrinsic bit strength of a biometric signal can be quite good,

especially for fingerprints, when compared to conventional passwords. Within a fairly short

period of time, biometric recognition technology has found its way into many areas of everyday

life. Citizens of more than 50 countries hold machine-readable passports that store biometric

data–a facial image and in most cases a digital representation of fingerprints–on a tiny RFID

chip, to verify identity at the border. Law enforcement agencies have assembled biometric

databases with fingerprints, voice and DNA samples, which make their work more efficient and

manageable. Commercial applications use biometrics in local access control scenarios, but also

increasingly in remote telebiometric deployments, such as e-commerce and online banking, and

complement or replace traditional authentication schemes like PIN and passwords. Since

biometrics rely on highly sensitive personal information, the handling of biometric information

needs to be given special attention and protective measures need to be put in place to safeguard

privacy and avoid compromise of biometric data.

ACKNOWLEDGEMENTS

The authors would like to thank everyone, whoever remained a great source of help and

inspirations in this humble presentation. The authors would like to thank K.L. University

management for providing necessary facilities to carry out this work

REFERENCES

[1] Biometric consortium 2009, //http:www. Biometrics.org// (16january2012).

[2]//www.findbiometrics.com// (18january2012).

[3] Galbally J, Cappelli R. An evaluation of direct and indirect attacks using fake fingers

generated from ISO templates pattern recognition. 2009.

[4] Galbally J, Lumini A. Fake fingerprint generation from minutiae template. 2008.

[5] www. fingerprint.shtml/ networkusa.org (20 january2012).

[6] Design and implementation for secure embedded biometric authentication systems by

shenglin yang in 2007.

[7]www.biometricsecurity.com (26january2012).



[8] Enhancing security and privacy in biometric based authentication systems by N.K.Ratha in

2001.

[9]Biometrics organization Website http://www.miometrics.org//

[10] Yang YJ, Bao F, Deng RH. A New Architecture for Authentication and Key Exchange

Using Password for Federated Enterprises. Proc. 20th Int’l Federation for Information

Processing Int’l Information Security Conf. (SEC ’05), 2005.

[11] Yang YJ, Bao F, Deng RH. Deng “A Practical Password-based Two Server authentication

and Key Exchange System. IEEE Transactions on Dependable and Secure Computing 2006;

3(2).

IJESR/April 2012/ Volume-2/Issue-4/Article No-4/158 … 4.pdfIJESR/April 2012/...

Documents

Transcript of IJESR/April 2012/ Volume-2/Issue-4/Article No-4/158 … 4.pdfIJESR/April 2012/...