Example: Data Mining for the NBA - The University of Texas at Dallas

Download Report

Transcript Example: Data Mining for the NBA - The University of Texas at Dallas 

Introduction to Biometrics
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Lecture #4
Introduction to Biometrics
August 31, 2005
Outline
 Introduction to Biometrics
- What is Biometrics?
- What is the Process?
- Why Biometrics?
 Biometrics Resources
 What is Secure Biometrics
 Revisiting Topics to be covered
 Some exploratory research areas
 Some useful reference books
What is Biometrics?
 Biometrics are automated methods of recognizing a person
based on a physiological or behavioral characteristic
 Features measured: Face, Fingerprints, Hand geometry,
handwriting, Iris, Retinal, Vein and Voice
 Identification and personal certification solutions for highly
secure applications
 Numerous applications: medical, financial, child care,
computer access etc.
What is the Process?
 Three-steps: Capture-Process-Verification
 Capture: A raw biometric is captured by a sensing device
such as fingerprint scanner or video camera
 Process: The distinguishing characteristics are extracted
from the raw biometrics sample and converted into a
processed biometric identifier record
Called biometric sample or template
 Verification and Identification
- Matching the enrolled biometric sample against a single
record; is the person really what he claims to be?
Matching a biometric sample against a database of
identifiers
-
Why Biometrics?
 Biometrics replaces Traditional Authentication Methods
 Provides better security
 More convenient
 Better accountability
 Applications on Fraud detection and Fraud deterrence
 Dual purpose
- Cyber Security and National Security
Why Biometrics? (Continued)
 Authentication mechanisms often used are User ID and
Passwords
 However password mechanisms have vulnerabilities
- Stealing passwords etc.
 Biometrics systems are less prone to attacks
 Need sophisticated techniques for attacks
- Cannot steal facial features and fingerprints
- Need sophisticated image processing techniques for
modifying facial features
Why Biometrics? (Continued)
 Biometrics systems are more convenient
 Need not have multiple passwords or difficult passwords
- E.g., characters, numbers and special symbols
- Need not remember passwords
 Need not carry any cards or tokens
 Better accountability
- Can determine who accessed the system with less
complexity
Why Biometrics? (Concluded)
 Dual Purpose
- Cyber Security and National Security
 Access to computer systems and networks
 Fraud detection
- Who has intruded the system?
- Who has entered the building
- Surveillance and monitoring
 Fraud Deterrence
- Because of biometrics systems, people are nervous to
-
commit crimes
Stealing from supermarkets and shops, etc.
Biometrics Resources
 Biometrics Consortium is the major resource
- www.biometrics.org
 Another Resource
- http://www.biometricsinfo.org/
 Has Information on
- Who is doing what
 Academia,
-
Industry and Government
White papers on Biometrics technologies
 Fingerprint detection, facial recognition, Iris scanning,
----
Biometrics Resources: What is academia doing?
 Michigan State University
- Developing algorithms for fingerprint detection, etc.
 West Virginia University
- Forensic identification initiative
 San Jose State University
- Mathematical concepts
Biometrics Resources: What is Industry doing?
 Focus is on building faster and cheaper devices
 More accuracy, less false positives and negatives
 Incorporating biometrics into mobile devices, Smartcards
 Biometrics in healthcare: delivering medication to correct
patients
 Biometrics in child care: Children are picked up by those
authorized
 Protecting digital content
- Ensuring that voice and video are not altered
Vendors: http://www.biometricsinfo.org/vendors.htm
Biometrics Resources: What is Government
doing?
 NSA (National Security Agency)
- Research on protecting critical information systems
 DoD (Department of Defense)
- Biometrics Management Office
- Provide Armed forces access to Biometrics systems for
combat operations
 INS/DHS (Department of Homeland Security; Immigration and
Nationalization Service)
- Biometrics technologies at Airports
 NIST (National Institute of Standards and Technologies)
Major player in Biometrics
-
Activities of NIST
 Measurements, Testing and Standards is NIST’s mission
 Focus on Biometrics Standards
 Activities
- Biometrics Consortium
- Common Biometric Exchange File Format
- Biometric Interoperability, Performance and Assurance
-
Working Group
BioAPI Consortium
Various Standards
Activities of NIST (Continued)
 Biometrics Consortium is the Government focal point for
research, development and testing of Biometric products and
technologies
 Common Biometric Exchange File Format is a product of the
consortium to develop common fingerprint template formats
 Biometrics Interoperability working group promotes common
definitions and concepts for exchanging information between
national and international partners
 BioAPI consortium develops common Application
Programming Interfaces for biometrics technologies
Activities of NIST (Concluded)
 NIST is developing standards for the following:
- Finger image format for data Interchange
- Face image format for data interchange
- Iris image format for data interchange
- Signature image format for data interchange
 NIST is working with International standards organizations for
joint standards
- ISO (International Standards Organization)
What is Secure Biometrics?
 Study the attacks of biometrics systems
- Modifying fingerprints
- Modifying facial features
 Develop a security policy and model for the system
- Application independent and Application specific policies
- Enforce Security constraints
 Entire
face is classified but the nose can be displayed
- Develop a formal model
- Formalize the policy
 Design the system and identify security critical components
- Reference monitor for biometrics systems
Security Vulnerabilities
 Type 1 attack: present fake biometric such a synthetic
biometric
 Type 2 attack: Submit a previously intercepted biometric data:
replay
 Type 3 attack: Compromising the feature extractor module to
give results desired by attacker
 Type 4 attack: Replace the genuine feature values produced
by the system by fake values desired by attacker
 Type 5 attack: Produce a high number of matching results
 Type 6 attack: Attack the template database: add templates,
modify templates etc.
Security and Privacy for Biometrics
 Privacy of the Individuals have to be protected
 CNN News Release: August 29, 2005
- Distorting Biometrics Enhances Security and Privacy
- Biometric data converted to numerical strings by
-
mathematical algorithm for later use
If the mathematical templates are stolen could be
dangerous
Researchers have developed method to alter the images
in a defined and repeated way
Hackers steal the distortion not the original face or
fingerprint
Revisiting Topics Covered
 Unit #1: Biometrics and Other Emerging Topics in Information
Security (Lecture 1)
 Part I: Supporting Technologies (not included in Exam)
- Material from book Database and Applications Security,
CRC Press, Thuraisingham, May 2005
- Unit #2: Information Security (Lecture 2)
- Unit #3: Information Management (Lecture 3)
 Included a demo of suspicious event detection by Gal
Lavee; example of behavioral biometrics
Revisiting Topics Covered
 Part II: Introduction to Biometrics
- Unit #4: What is Biometrics? Why Biometrics? (Lecture 4)
 Chapter
-
1 of text book + material from
www.biometrics.org
Unit #5: Designing Biometrics Systems (Lecture 5)
 Chapters 2 and 3 of book + additional reference
material
Outline of the Course (Continued)
 Part III: Biometrics Technologies
- Chapters 4 – 9 + Reference material
- Unit #6: Finger Scan
- Unit #7: Facial Scan
- Unit #8: Iris Scan
- Unit #9: Voice Scan
- Unit #10: Physiological Biometrics
- Unit #11: Behavioral Biometrics
Outline of the Course (Continued)
 Part IV: Biometrics Application
- Chapters 10 – 14 + reference material
- Unit #12: Types of Applications
- Unit #13: Citizen Facing Applications
- Unit #14: Employee Facing Applications
- Unit #15: Customer Facing Applications
- Unit #16: Biometrics Markets
 Part V: Privacy and Standards
- Chapters 15 – 17 + Reference material, NIST activities
- Unit #17: Risks to Privacy
- Unit #18: Privacy Enhanced Biometrics Systems
- Unit #19: Biometrics Standards
Outline of the Course (Continued)
 Part VI: Securing Biometrics Systems
- Reference material
- Unit #20: Attacks to Biometric Systems
- Unit #21: Designing Secure Biometrics Systems
 Part VII: Prototypes and Products
- Reference material
- Unit #22: Overview of Prototypes and Products
- Unit #23: USVISIT and Other Biometrics Systems
Outline of the Course (Concluded)
 Unit #24 Conclusion to the Course
- Summarize what we have learnt and provide directions
 Appendix: Special Topics and Guest Lectures (Not included in
exams)
Data Mining for Biometrics Applications
 Towards end of the course given by me
- Privacy preserving data mining
 September 26, 2005 (tentative)
- Other special topics
 E.g., Image processing, October 24, 2005 (Tentative)
-
Some Exploratory Research Areas not covered
 DNA
 Ear shape
 Odor (human scent)
 Vein-scan (in back of hand or beneath palm)
 Finger geometry (shape and structure of finger or fingers)
 Nailbed identification (ridges in fingernails)
 Gait recognition (manner of walking)
Some Useful Reference Books
 Biometrics by John D. Woodward Jr., Nicholas M. Orlans,
Peter T. Higgins
- Paperback: 416 pages
- Publisher: McGraw-Hill Osborne Media; 1st edition
(December 19, 2002)
- ISBN: 0072222271
 Biometric Systems : Technology, Design and Performance
Evaluation by James Wayman (Editor), Anil Jain (Editor),
David Maltoni (Editor), Dario Maio (Editor)
Hardcover: 370 pages
- Publisher: Springer; 1st edition (December 16, 2004)
- ISBN: 1852335963
-