securing fingerprint images using data hiding techniques · vaibhav bharatkumar joshi (135005)...
TRANSCRIPT
Securing Fingerprint Images Using Data Hiding Techniques
Synopsis
Submitted to
Ahmedabad University
For
The Degree of Doctor of Philosophy in
Information and Communication Technology
By
Vaibhav Bharatkumar Joshi (135005)
School of Engineering and Applied Science, Ahmedabad University,
Ahmedabad – 380009, India.
Under Supervision of
Dr. Mehul S. Raval
Associate Professor
School of Engineering and Applied Science,
Ahmedabad University.
[March – 2018]
1 Introduction
With growth in technology and digitization, personal data is available onthe Internet. A strong user authentication mechanism is required to preventillegal access to data. As a result, biometric-based authentication mecha-nism [10] became popular. However, biometric system suffers from 1) falseacceptance and 2) false rejection errors. They create leakages in The bio-metric system which opens the door for attack. Under adversary attack, thebiometric system is vulnerable at eight points [17] as shown in Figure 1.Therefore, next section describes alternatives available for its protection.
Figure 1: Vulnerable points in a biometric recognition system [17]
2 Biometric Template Protection Techniques
Biometric data protection is broadly divided into two categories; 1) cryp-tosystem based privacy protection and 2) watermarking based authenticationas shown in Figure 2.
Major goals of cryptosystem based privacy protection are; 1) Revocabilityand 2) Security. Biometric cryptography, fuzzy vault [22] and cancelablebiometrics [17] are three main methods for privacy protection but they areunable to detect tampering [18] in the database. This may lead to high falsenon-matching rate resulting into denial of service (DoS) attack and makingbiometric system prone to unauthorized template injection.
Biometric watermarking is broadly classified into ‘template embedding’and ‘sample watermarking’ [8]. In template embedding, features of a bio-metric modality are extracted and added as a watermark into either natural
1
Figure 2: Broad classification of biometric template protection techniques
image or another biometric image. Thus it is used for protecting biomet-ric template [7, 16]. Methods under this category rely on the robustnessof watermark and biometric authentication. Therefore, it needs an originaltemplate for authentication.
In sample watermarking, template-dependent signature or random data isused to watermark biometric template [1, 13] for its authentication. However,they are non-reversible in nature. Also due to watermarking recognitionaccuracy of biometric system changes.
2.1 Existing research gaps
Based on literature survey following are existing research gaps.
• Cryptosystem and template embedding provide privacy protection andrevocability but they fail to authenticate database.
• Watermark embedding in plain biometric traits authenticate databasebut it fails to provide privacy protection which compromises revocabil-ity.
• All the watermarking methods secure one or at most two vulnerablepoints [17] of a biometric system.
• Insertion of watermark changes template which impacts recognitionaccuracy of the biometric system [17].
• All the methods do not use watermarking in conjunction with encryp-tion to simultaneously provide privacy protection and authentication.
Among biometric traits like iris, palm print, retina, signature; fingerprinthas been the longest serving, most successful and popular trait for human
2
identification [10]. Hence in this research work fingerprint is used as a modal-ity to develop various algorithms.
2.2 Reversible data hiding techniques
Watermarking provides authentication and encryption delivers privacy pro-tection. Therefore, it is necessary to use them in conjunction to improvesecurity. It means that watermark must regain its original form after itsremoval. This necessitates the use of reversible data hiding (RDH).
In case of reversible data hiding a cover regains its original form afterremoval of the watermark. Reversible data hiding techniques are classifiedas follows: 1. difference expansion (DE) [21]; 2. histogram modification [15];and 3. lossless compression [2].
2.3 Research statement
Develop the reversible watermarking method for fingerprint images which iscommutative with symmetric key cryptography to provide privacy protectionand authentication without affecting biometric system’s accuracy.
3 Contributions
The work has following major contributions:
1. Initially, the author investigated several watermarking schemes for fin-gerprint authentication. Then developed the DWT and SVD basedmultiple semi-fragile watermarking technique which provides authen-tication at multiple vulnerable points (i.e., # 2, 6 and 7).
2. Secondly, the author analyzed effect of watermark embedding on na-tive fingerprint recognition accuracy. Based on analysis the authordeveloped the multiple reversible watermarking scheme for fingerprintimages. The method also provides authentication at many vulnerablepoints (i.e # 2, 6 and 7). The method is reversible in nature, there-fore after authentication, the original fingerprint image is recovered andnative fingerprint system accuracy is unaffected.
Up to this stage main focus was to develop an authentication mech-anism for fingerprint image without affecting accuracy of fingerprintsystem. Now, the flow moves in the direction of developing privacyprotection scheme which works in conjunction with reversible water-marking scheme developed earlier.
3
3. The pilot scheme is developed to provide commutativity between re-versible watermarking and simple seed based permutation i.e.,E(W (I,KW ), KE) = W (E(I,KE), KW ). where, W , E, KW and KE
are watermarking, encryption, watermarking key and encryption keyrespectively and I is the input image.
4. Analysis of the basic scheme showed that it is vulnerable to attackson database i.e., unauthorized embedding and watermark substitution.The scheme was made robust to these attacks. Also in place of simplepermutation, a symmetry-key based encryption was used.
5. Finally, the improved commutative scheme was made compression friendly.The scheme fills region of interest (ROI) in a fingerprint with uniformpixels. This step reduces the entropy. Reversible data hiding is usedfor ROI recovery and a hash of ROI and non-ROI region are used forauthentication.
4 Data Hiding Techniques for Fingerprint Au-
thentication
4.1 Multiple semi-fragile watermarking
In this work, we proposed semi-fragile technique using two watermark toprotect at sensor and database. Watermark W1 is used for database authen-tication and it is resistive to lossy compression. It is derived using block-basedsingular values (SVs) of a fingerprint image. W1 establish linkages betweenwatermark and fingerprint image making it robust against unauthorized tem-plate injection (copy attack). Watermark W2 is computed using second andthird order moments of the fingerprint image. W2 is resistive to mild affinetransformation and lossy compression.
Fingerprint images from FVC [4] databases have been used for experi-mentation. The filter bank based fingerprint matching system [11] is usedfor testing watermarking algorithm. Two watermarks perform authenticitychecks at database and sensor. Table 1 shows effect of different attacks onthe database. Table 2 shows effect of different attacks on query fingerprintat the sensor. In Table 1 and Table 2 CR represents compression ratio andBER shows bit error rate.
Watermark W1 is robust to JPEG2000 compression while sensitive to his-togram equalization (Hseq), Gaussian noise GN and copy attack. SimilarlyW2 which is derived from higher order moments are restive JPEG2000, mild
4
Table 1: Average BER for different attacks on W1
Attacks Average BER DecisionNo attack 0.0000 AuthenticJPEG2000 (CR = 5) 0.0066 AuthenticHseq 0.4602 UnauthenticGN (µ = 0, σ = 1) 0.5001 UnauthenticCopy attack 0.2053 Unauthentic
Table 2: Average BER for different attacks on W2
Attacks Average BER DecisionNo attack 0.0000 AuthenticJPEG2000 (CR = 5) 0.0004 AuthenticRotation of +5o 0.0360 AuthenticDown scaling by 2 0.0030 AuthenticGN (µ = 0, σ = 1) 0.4700 UnauthenticCopy attack 0.6300 Unauthentic
rotation up to ±5o and scale change. At the same time, W2 is very sensitiveto malicious attempts of noise addition and copy attack.
It is observed that watermark does change the structure of the fingerprintwhich affect native fingerprint recognition accuracy.
4.2 Reversible watermarking based fingerprint authen-tication
The method discussed in section 4.1 secure multiple vulnerable points butwatermark is irreversible and affect biometric accuracy. Therefore, as animprovement reversible watermarking based fingerprint authentication tech-nique is covered in this section. Image dependent watermarks W1 and W2
are inserted using; 1) histogram based reversible data hiding and 2) losslesscompression based data hiding. Table 3 shows effect of histogram equaliza-tion (Hseq) and copy attack on the database.
Due to reversible data hiding, fingerprint regains original form. Therefore,fingerprint recognition accuracy remains un-affected. Furthermore it haslower computational complexity as compared to semi-fragile watermarkingin section 4.1.
5
Table 3: BER under different attacks on fingerprints in the database (averageof 200 images) from [4, 5]Attacks Average
BER (W1)AverageBER (W2)
Reversibility Decision
No attack 0.00 0.00 Yes AuthenticHseq 0.45 0.47 No UnauthenticCopy attack 0.55 0.58 No Unauthentic
5 Reversible Data Hiding with Privacy Pro-
tection
The watermarking discussed in section 4.1 and 4.2 provide authenticationat multiple vulnerable points without affecting native fingerprint recognitionaccuracy. However, insertion of a watermark in the raw fingerprint imagedoes not have privacy protection. This encourages the method which providessimultaneous authentication and privacy protection.
5.1 Pilot commutative scheme
As an initial implementation a scheme with commutativity between reversiblewatermarking and random permutation has been proposed in this subsection.The biometric database consists of encrypted and watermarked fingerprintimages. After successful authentication, watermarking is inverted to get backthe plain fingerprint. The proposed scheme protects three vulnerable pointswithout changing recognition accuracy.
The 8-bit fingerprint images with 500 dpi resolution and size 512 × 512are selected for experimentation. The 28 × 1 multiplexer is used for imagepermutation and de-permutation. Hence random numbers are generated inthe range [0, 255] and thus the probability of brute force Pb is 1/(256!) whichis close to zero. Table 4 shows the sensitivity of watermark at differentvulnerable points to Hseq, Laplacian filtering (LC), average filtering (Avg)and Gaussian noise (GN) with µ = 0 and σ = 0.01. It shows that method issensitive to manipulation.
5.2 Improved reversible data hiding with privacy pro-tection technique
Method discussed in section 5.1 provide commutativity between reversiblewatermarking and encryption. However, it has poorly designed reversible
6
Table 4: BER at different vulnerable points
AttacksBER at
sensor (#1)BER at
database (#6)BER at
channel (#2)Hseq 0.47 0.48 0.48LC (α = 0.2) 0.50 0.53 0.52Avg (3 × 3) 0.49 0.52 0.48GN 0.49 0.48 0.48
watermarking subsystem as:
1. Watermarking method is non-blind in nature due to requirement of theoriginal watermark at receiver.
2. The probability of the watermark substitution increases when all fin-gerprints are marked using the same watermark. This probability canbe lowered by using unique watermark for each fingerprint but thanwatermark management becomes a major issue.
3. Watermark is embedded only in LSB planes of an image which cannotdetect tampering in MSB planes.
4. The key space is relatively small (28)! and may succumb to brute forcesearch.
High probability of watermark substitution leads to unauthorized datainsertion in database and MSB tampering can be used for DoS attack. Themethod in this subsection provides security against them.
Fingerprint images with 500 dots per inch (dpi) and size 512 × 512 areselected for experiments [5]. The even random integer during encryptionfalls in [0, 512) and therefore Pb is 1
2(2097152). Figure 3 show watermarked
fingerprints generated using integer wavelet transform (IWT). Figure 4 showsencrypted versions of the watermarked image.
(a) (b) (c) (d)
Figure 3: Watermarked image (a)wm img1 (b) wm img2 (c) wm img3 (d)wm img4.
7
(a) (b) (c) (d)
Figure 4: Encrypted watermarked image corresponding to Figure 3; (a)enc img1 (b) enc img2, (c) enc img3 (d) enc img4.
Table 5 shows that improved commutative method detects change in wa-termark structure and hence generate high BER against watermark substi-tution attack. Table 6 show the BER against MSB tampering. It should be
Table 5: BER against watermark substitutionImage Method in 5.1 Method Section 5.2img1 0 0.1956img2 0 0.2035img3 0 0.2215img4 0 0.2563
Average 0 0.1856
noted that method in 5.1 fails to capture MSB tampering while the methodin current section captures this manipulation.
Table 6: BER against MSB tamperingImage Method in section 5.1 Method in section 5.2img1 0 0.3412img2 0 0.3251img3 0 0.3178img4 0 0.3549Average 0 0.3059
6 Compression Friendly Reversible Data hid-
ing with Privacy Protection
Methods discussed in section 5 encrypt entire fingerprint image (EImg) forprivacy protection which enhance overall image entropy and increases file size
8
after lossless compression. It is not necessary to encrypt entire fingerprintimage but encrypting part with significant features is sufficient for privacyprotection.
The image is divided into two part 1) privacy sensitive region (PSR) and2) non-PSR. The 128 × 128 PSR is filled with a uniform valued pixels andthe original pixels are losslessly compressed and encrypted (ECPSR). Us-ing hash algorithm [19] signature of the non-PSR region is calculated andappended at the end of ECPSR to generate watermark (W). Finally, W is re-versibly embedded into the image and generate a watermarked image (WImg).The watermarked image is then losslessly compressed in Portable NetworkGraphics (PNG) [9] format.
(a) Original Image (b) ROC of Originalimages
(c) WImg (d) ROC of originaland WImg images
Figure 5: FAR and FRR for original and WImg images
The core delta part of the fingerprint image which contains significantfeatures is selected as PSR as shown in Figure 5. For experimentation fin-gerprint images shown in Figure 3 are used. The shape of PSR is fixed as asquare for simplicity as shown in Figure 6.
(a) (b) (c) (d)
Figure 6: Sample WImg
The method’s efficacy is demonstrated by comparing the file size of WImg
images with the compressed EImg images. Table 7 shows that the com-pressed WImg images have comparatively much lower file size compared tothe compressed EImg. At the same time, the proposed method provides pri-
9
Table 7: File size in kilo-bytes for EImg and WImg with PSR of 128 × 128with PNG compression
host file sizeimage Original EImg WImg
image 1 92 430 127image 2 142 425 139image 3 93 421 123image 4 103 423 141average 107.5 425.25 132.5
vacy preservation by corrupt most features of fingerprint image and also hashbased authentication
7 Conclusion
The central goal of this research work is to study and improve the securityof the conventional biometric system. The work reviewed eight vulnerablepoints and various alternatives to secure biometric system. It emerged thatwatermarking is useful for improving security and sealing vulnerable pointsin a biometric system.
Initially, semi-fragile technique covered in section 4.1 secured multiplepoints but its irreversibility affected recognition accuracy. This problem issolved by a reversible watermarking method in section 4.2. Moving ahead,section 5.1 covers pilot commutative method which provides simultaneousprivacy protection and authentication. However, security flaws of the pilotmethod and its improved version is discussed in section 5.2. Finally, themethod discussed in section 6 provides privacy protection, authenticationand, compression for fingerprint image.
Publications by the author
1. Joshi, Vaibhav B., M. V. Joshi, Mehul S. Raval,: “Multilevel semi-fragile watermarking technique for improving biometric fingerprint sys-tem security” book chapter in Intelligent Interactive Technologies andMultimedia Communications in Computer and Information Science,Springer Berlin Heidelberg 2013, vol. 276, pp. 272-283, 2013.
2. Joshi, Vaibhav B., Mehul S. Raval, Priti P Rege and S K Parulkar:“Multistage VQ based Exact Authentication for Biometric Images”,
10
Journal of Computing by Computer Society of India, Article 3, vol. 2,No. 1-2, 2013.
3. Joshi, V.B.; Raval, M.S.; Mitra, S.; Rege, P.P.; Parulkar, S.K., “Re-versible watermarking technique to enhance security of a biometric au-thentication system,” Computer Vision, Pattern Recognition, ImageProcessing and Graphics (NCVPRIPG), 2013 Fourth National Confer-ence on , vol., no., pp.1,4, 18-21 Dec. 2013.
4. Joshi, Vaibhav B., Dhruv Gupta, and Mehul S. Raval, “A Commuta-tive Encryption and Reversible Watermarking for Fingerprint Image.”International Workshop on Digital Watermarking. Springer, pp. 323-336, 2015.
5. Raval, Mehul S and Joshi, Vaibhav B and Gupta, Dhruv and Kher,Shubhalaxmi J, “Authenticating super-resolved image and Enhancingits PSNR using watermark”, Computational Intelligence, 2015 IEEESymposium Series on, pp 481-487, 2015.
6. Joshi, Vaibhav B., Raval, M. S., Gupta, D., Rege, P. P., and Parulkar,S. K., “A multiple reversible watermarking technique for fingerprintauthentication.” Multimedia Systems, vol. 22, no. 3, pp. 367-378,2016.
7. Joshi, Vaibhav B., Mehul S. Raval, Dhruv Gupta, and Priti P. Rege.“An invertible fuzzy scheme for securing a fragile watermark.” In-ternational Conference on Computing, Analytics and Security Trends(CAST), pp. 517-522. IEEE, 2016.
8. Joshi, Vaibhav B and Raval, Mehul S and Kuribayashi, Minoru, “Re-versible data hiding based compressible privacy preserving system forcolor image”,Multimedia Tools and Applications, Springer, pp 1-26,2017.
References
[1] Mohammed Alkhathami, Fengling Han, and Ron Van Schyndel. Fin-gerprint image watermarking approach using dtcwt without corruptingminutiae. In Image and Signal Processing (CISP), 2013 6th Interna-tional Congress on, volume 3, pages 1717–1723. IEEE, 2013.
11
[2] Mehmet Utku Celik, Gaurav Sharma, A Murat Tekalp, and Eli Saber.Lossless generalized-lsb data embedding. IEEE transactions on imageprocessing, 14(2):253–266, 2005.
[3] Dinu Coltuc. Improved embedding for prediction-based reversible wa-termarking. IEEE Transactions on Information Forensics and Security,6(3):873–882, 2011.
[4] FVC2002. Fingerprint database: Fvc2002. http://bias.csr.unibo.
it/fvc2002/databases.asp, 2002.
[5] FVC2004. Fingerprint database: Fvc2004. http://bias.csr.unibo.
it/fvc2004/databases.asp, 2004.
[6] FVC2006. Fingerprint verification competition: Fvc2006. http://
bias.csr.unibo.it/fvc2006/, 2006.
[7] Lamia Rzouga Haddada, Bernadette Dorizzi, and Najoua Essoukri BenAmara. A combined watermarking approach for securing biometric data.Signal Processing: Image Communication, 55:23–31, 2017.
[8] Jutta Hammerle-Uhl, Karl Raab, and Andreas Uhl. Watermarking as ameans to enhance biometric systems: A critical survey. In Informationhiding, pages 238–254. Springer, 2011.
[9] ISO/IEC 15948:2004. Information technology – computer graphics andimage processing – portable network graphics (PNG): Functional spec-ification. [accessed 24-October-2017].
[10] Anil Jain, Ruud Bolle, and Sharath Pankanti. Biometrics: personalidentification in networked society, volume 479. Springer Science & Busi-ness Media, 2006.
[11] Anil K Jain, Karthik Nandakumar, and Abhishek Nagar. Biometrictemplate security. EURASIP Journal on advances in signal processing,2008:113, 2008.
[12] Anil K Jain, Arun Ross, and Salil Prabhakar. An introduction to bio-metric recognition. IEEE Transactions on circuits and systems for videotechnology, 14(1):4–20, 2004.
[13] Chunlei Li, Yunhong Wang, Bin Ma, and Zhaoxiang Zhang. Multi-blockdependency based fragile watermarking scheme for fingerprint imagesprotection. Multimedia tools and applications., 64(3):757–776, 2013.
12
[14] Xiaolong Li, Bin Li, Bin Yang, and Tieyong Zeng. General frameworkto histogram-shifting-based reversible data hiding. IEEE Transactionson Image Processing, 22(6):2181–2191, 2013.
[15] Xiaolong Li, Weiming Zhang, Xinlu Gui, and Bin Yang. Efficient re-versible data hiding based on multiple histograms modification. IEEETransactions on Information Forensics and Security, 10(9):2016–2027,2015.
[16] Mita Paunwala and S Patnaik. Biometric template protection with dct-based watermarking. Machine vision and applications, 25(1):263–275,2014.
[17] Nalini K. Ratha, Jonathan H. Connell, and Ruud M. Bolle. Enhancingsecurity and privacy in biometrics-based authentication systems. IBMsystems Journal, 40(3):614–634, 2001.
[18] M Raval, M Joshi, P Rege, and S Parulkar. Image tampering detectionusing compressive sensing based watermarking scheme. Proceedings ofMVIP 2011, 2011.
[19] Taizo Shirai and Kyoji Shibutani. On the diffusion matrix employed inthe whirlpool hashing function. NESSIE public report, 2003.
[20] SourceAFIS. ingerprint recognition library for .net.
[21] Jun Tian. Reversible data embedding using a difference expansion. IEEETransactions on Circuits and Systems for Video Technology, 13(8):890–896, 2003.
[22] Umut Uludag, Sharath Pankanti, and Anil K Jain. Fuzzy vault forfingerprints. In International Conference on Audio-and Video-BasedBiometric Person Authentication, pages 310–319. Springer, 2005.
13