1 / 21

Biometrics Authentication

Biometrics Authentication. Bruce Maggs. Biometric Identifiers. Fingerprints, palm prints Palm veins Hand shape Facial image DNA Iris, retinal images Odor Etc. Fingerprints. https://en.wikipedia.org/wiki/Fingerprint#/media/File:Fingerprints_taken_by_William_James_Herschel_1859-1860.jpg.

traceyl
Download Presentation

Biometrics Authentication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Biometrics Authentication Bruce Maggs

  2. Biometric Identifiers • Fingerprints, palm prints • Palm veins • Hand shape • Facial image • DNA • Iris, retinal images • Odor • Etc.

  3. Fingerprints https://en.wikipedia.org/wiki/Fingerprint#/media/File:Fingerprints_taken_by_William_James_Herschel_1859-1860.jpg

  4. Fingerprint Minutiae • Two classes of algorithms: minutaie matching and image comparison. https://www.fbi.gov/about-us/cjis/fingerprints_biometrics/biometric-center-of-excellence/files/fingerprint-recognition.pdf

  5. FBI Database • “Integrated Automated Fingerprint Identification System” • What is included in IAFIS: Not only fingerprints, but corresponding criminal histories; mug shots; scars and tattoo photos; physical characteristics like height, weight, and hair and eye color; and aliases. • https://www.fbi.gov/about-us/cjis/fingerprints_biometrics/iafis/iafis • Includes fingerprints for over 70 million criminals and 34 million other civilians. • 27 minute processing time for criminal inquiry, 72 minutes for civil

  6. Creating Fake Fingerprints • Relatively easy to do given access to a real fingerprint. • But in 2014 Jan Krissler demonstrated that he could create a fake fingerprint from a high-resolution photograph of Germany’s Federal Minister of Defense Ursula von der Leyen! http://www.ibtimes.com/hacker-demonstrates-how-fake-fingerprint-sensors-using-regular-photographs-1769408

  7. Retinal Scans • More difficult to collect than fingerprints. https://en.wikipedia.org/wiki/Retina#/media/File:Fundus_photograph_of_normal_left_eye.jpg

  8. Facial Recognition Algorithms based on many techniques, including principal component analysis (PCA), linear discriminant analysis (LDA), elastic bunch graph matching (EBGM), etc. Identification: compare a probe image to a gallery of images. Verification: are two photos of the same person? Accuracy can be as high as 95% in controlled situations (mugshots). But when gallery contains many unknown people and photographs taken in real-world poses and lighting, accuracy drops significantly. The MegaFace Benchmark: 1 Million Faces for Recognition at Scale, I. Kemelmacher-Shlizerman, S. M. Seitz, D. Miller, and E. Brossard, Proceedings of the 29th IEEE Conference on Computer Vision and Pattern Recognition, 2016.

  9. DNA • 99.9% of DNA is identical in every human! • Tests focus on loci where differences are likely to occur. • Original DNA is not compared directly: first, copies are made using Polymerase Chain Reaction (PCR) • FBI estimates probability of a coincidental match at 1 in 108 trillion, but other estimates are much lower. https://sasha949.files.wordpress.com/2010/05/3642508132_3f7c649f62_o.jpg http://www.nij.gov/topics/forensics/evidence/dna/basics/pages/analyzing.aspx

  10. Voice-Based Authentication • Compare a speaker’s voice with known characteristics of the voice, usually with the cooperation of the speaker. • Non-invasive biometric capture (microphones) • Barclay’s uses with high-end banking clients • Protocol must protect against replay attack http://www.paymentscardsandmobile.com/barclays-roll-voice-biometrics-12m-customers/

  11. Implanted Chips • RFID (Radio-Frequency Identification) chip https://en.wikipedia.org/wiki/Radio-frequency_identification#/media/File:Microchip_rfid_rice.jpg https://en.wikipedia.org/wiki/Microchip_implant_(human)#/media/File:RFID_hand_2.jpg

  12. RFID Technologies • When a changing magnetic field passes over an antenna (e.g., through a coil), a current is induced on the chip, which can provide power. • The chip can adjust its antenna, perturbing the magnetic field, which reader senses (up to about 10cm). http://rfid-handbook.de/downloads/images/hf-kommunikationsprinzip.png

  13. More on RFID Technology • Reflective backscatter: chip alters reflection of a radio wave. • Active RFID: batteries in the chip are used generate a radio signal, boosting transmission range, e.g., up to tens of meters.

  14. Inter-Technology Backscatter • Bluetooth device, e.g., smart watch, sends signal to passive wearable device, which reflects a standards-compliant WiFi signal at 1Mb/s! • “Inter-Technology Backscatter: Towards Internet Connectivity for Implanted Devices,” V. Iyer, V. Talla, B. Kellogg, S. Gollakota and J. R. Smith, SIGCOMM 2016.

  15. Monitoring Respiration and Pulse • WiFi signals can be used to monitor heart rate and respiration rate. • “Smart Homes that Monitor Breathing and Heart Rate,” F. Adib, H. Mao, Z. Kabelac, D. Katabi, R. C. Miller, CHI 2015.

  16. Thermal Scanning for Fever https://www.newscientist.com/article/dn3656-airports-scan-for-sars-victims-flushed-faces/ • Temperatures above 100.4 degrees Farenheit show up red. • Used to screen for potential carriers of SARS.

  17. Turing Test A test of a computer’s ability to behave in a way that is indistinguishable from a human being. Turing proposed natural language conversations.

  18. “Reverse” Turing Test or “CAPTCHA” • A test that can distinguish a human from a computer. • CAPTCHA: Completely Automated Public Turing test to tell Computers and Humans Apart

  19. “Captchas” http://www.captcha.net/ Easy to generate, difficult for a computer to solve. U.S. Patent 6195698: Method for selectively restricting access to computer systems. Mark D. Lillibridge, Martin Abadi, Krishna Bharat, Andrei Z. Broder. Filed April 13, 1998, published February 27, 2001. von Ahn, Luis; Blum, Manuel; Hopper, Nicholas J.; Langford, John (May 2003). CAPTCHA: Using Hard AI Problems for Security. EUROCRYPT 2003: International Conference on the Theory and Applications of Cryptographic Techniques

  20. Polygraph / Lie Detector • Measures physiological responses to questions, such as heart rate, blood pressure, perspiration http://abcnewspapers.com/2012/07/07/new-business-detects-between-truth-and-lies/

  21. Scientific Validity? • “CONCLUSION: Polygraph testing yields an unacceptable choice for DOE employee security screening between too many loyal employees falsely judged deceptive and too many major security threats left undetected. Its accuracy in distinguishing actual or potential security violators from innocent test takers is insufficient to justify reliance on its use in employee security screening in federal agencies.” • The Polygraph and Lie Detection, Committee to Review the Scientific Evidence on the Polygraph. Division of Behavioral and Social Sciences and Education. Washington, DC: The National Academies Press. 2003 • Not admissible in court. • But accuracy is better than chance when focused on specific incidents. • Subject’s belief in validity may lead to truthfulness.

More Related