secure authentication in railway systems using image processing

8/2/2019 Secure Authentication in Railway Systems Using Image Processing

1/6


2/6

disrupt the whole system of the ATMS system.Traffic Management Systems have beenrecognized as a critical part of HomelandSecurity. "A prime example of sensitiveinformation disruption occurred when a teenage boy nicknamed "Jester" used his home

computer, a modem, and self-taught hackingskills to infiltrate the local telephone company'sswitching network at the airport in Worcester,Massachusetts. The subsequent breach insecurity caused a system crash that knocked outtelecommunications for six hours, disruptingcommunications to and from the airport controltower. During the ensuing investigation, airportofficials discovered that the boy had had littledifficulty infiltrating the switching systembecause the system lacked password protection"[3]. It is important that such systems to be

provided with advanced security technologies both to protect the driving public from theeffects of hackers and unintentional error, butalso to provide controls in the event of nationalemergencies.

In this paper, we propose a recognitionprocess, which is based on the secure biometricsystem for IRS subsystems than conventional password systems. Furthermore, a performanceevaluation model to measure the efficiency ofthe biometric system in IRS environment is also

deployed.

The rest of the paper is organized asfollows: in Section 2a, we briefly review thebiometric recognition process. The Section 2b presents the performance evaluation model ofthe biometric secured systems in IRS, andconclusion is given in Section 3.

2. PROPOSED METHOD:

Image Recognition

Process:

Biometrics refers to authentication techniquesthat rely on measurable physiological andindividual characteristics that can beautomatically verified [4][5][6][7]. In otherwords, we all have unique personal attributesthat can be used for distinctive identificationpurposes, including a fingerprint, the pattern of aretina, and voice characteristics. Although thefield of biometrics is still in its infancy, it isinevitable that biometric systems will play acritical role in the future of security. Strong ortwo-factor authentication identifying oneself bytwo of the three methods of something youknow (for example, a password), have (forexample, a swipe card), or is (for example, a

fingerprint) is becoming more of a de factostandard in secure computing environments.Some personal computers today can include afingerprint scanner where you place your indexfinger to provide authentication.

The single data representation of a biometric characteristic or measurementderived from an individual's fingerprint,hand, iris, retina or palm,which is capturedby a biometric device, is called a biometricsample. The information extracted from one

or more biometric samples is used to createa biometric template. An individual isauthenticated as a legitimate user when acurrent biometric sample is found equivalentto, or "matches," the biometric template.Both the biometric sample and the biometrictemplate are called biometric data, orbiometric information. An automated systemcapable of collecting, distributing, storingand processing biometric data, and returninga decision (match or non-match), is called a biometric system. A typical recognition

process for biometric authentication process[6] consists of the following basic steps asshown in Figure 1, and numerated below.

CAPTURI

NG

FEATURE

EXTRACTIO

N

FINGER INFORMATION DATABASE

COMPARISONC


3/6

RESULT

PRESENTING

RECORDING REFERRING

ENROLLMENT

VERIFICATION ORIDENTIFICATION

Figure 1. A typical image verification process

1. Capture the biometric data e.g.fingerprint or iris using a physicalscanner or device.2. Check the quality of thecaptured biometric data.3. Process the captured biometricdata to create a biometric sample.4. Match the biometric sample

with a previously enrolled template,or templates, to determine if a matchexists. This matching can be done asidentification or authentication.

Previously, the traffic assignment problems intransportation were solved by using static userequilibrium method which is a non-linearmathematical program based on the path-flowvariables between given origin-destination (O-D) pairs. Constrains ensure conservation offlow, i.e. that the sum of the path flows

between a given O-D pair should be equal to thedemand for the O-D pair, and the non-negativity.The formulation is:

xa

Minimize (z)= ta (w)dwa 0

Subject to frsk= qrs for all r,s,kKrs

fk 0

where:

xa= rsakfrsk, for all a= flow on linka(sum of path flows sharing link a)

r s kta(w)= cost (travel time) on link a for a flow ofw;fkrs= flow on path k connecting origin r and s;qrs= total traffic demand between r and s;Krs= set of paths with positive flow between rand s;andrsak =1 if path k from r to s includes link a; 0otherwise.

Performance:

Before deploying a biometric

system for IRS security, it is very importantto know all the parameters of its performance. During the verification of a person the classifier identify the featurevectors either it belongs to the valid user orimpostor [9]. The vectors that belong to thegenuine user are collectively called a sheeppopulation or a positive class. The vectorsthat do not belong to the user, i.e., theimpostors are collectively called a wolf


4/6

population or a negative class. In Figure 3, ascore of zero is attributed to a negative classwhile a score of one is attributed to a positive class. If each of the two sets ofvectors has its own probability of being

matched by a classifier with a normaldistribution, and that the score ranges fromzero to one, a well-trained classifier shouldgive a set of scores shown in Figure 3.

Wolf Distribution Sheep Distribution

Frequency

CrossoverFrequencey

0 Score 1

Figure 2. A Typical Wolf and Sheep Distribution

This analysis is called a Wolves- andSheep- Distribution Analysis. This analysis isuseful to check if a classifier has learnt or not.The area B in Figure 3 is proportional to theFalse Acceptance Rate or False Alarm Rate(FAR). FAR is also called a Type I Error and isdefined by following equation

FAR=Total False Acceptance

Total False Attempts

In the same way, the area 'A' in Figure 3is proportional to the False Rejection Rate(FRR) [6]. FRR is also called a Type II Errorand is defined by the following equation:

FRR=Total False Rejection

Total True Attempts

When T increases from zero to one, theFAR decreases from one to zero and the FRRincreases from zero to one. High FAR meansthat an impostor has a high tendency of beingaccepted as the true identity while a high FRRmeans that the genuine user has the tendency to

be rejected when if the identity claim is sincere.A high FRR will make users' loose confidence ina biometric-enabled system. On the other end, ahigh FAR can be catastrophic because animpostor can easily gain access to a biometric-enabled system illegally. The CrossoverFrequency is often expressed as 1 :X, whereX=1/EER and X is rounded to an integer.Crossover Frequency and EER are often used tocompare the quality of different classifiersand/or biometric data. EER can be used tocompare the results of two classifiers or twobiometric features, depending on the context ofcomparison. The classifier (or the biometricfeature) with the lower EER is the better one because it can discriminate better the twoclasses. Plotting a graph of FAR versus FRRgives a Receiver's Operating Characteristics(ROC) graph, which is shown in Figure 4.

The ROC graph owes its name to itsoriginal use in management. It is also calleddetection error trade-off curve by the NationalInstitute of Standards and Technology (NIST) or


5/6

more generally a performance curve. It isdesirable that forensic application has a highFAR so it can try to maximize the chance ofgetting a suspect. For example, in the iris codeapplication to track down a suspect, a criminaldatabase can be queried to return a list of

suspects that closely match the criminal sortedby score in decreasing order [8]. On the otherhand, for high security applications such as anATMS application, it is desirable to have anextremely low FAR because such applicationscannot tolerate to accept even a single impostor.

It is shown in Figure 5 shows that it isnot possible to minimize FAR and FRR at thesame time. However, a compromise can bereached where FAR=FRR, which is called anEER. This is desirable for civilian applicationwhere the compromise is reached. An example

is access to general information butidentityspecific computer terminal. The dottedline of the curve above shows a better qualitysystem than the one with a solid line. The closerthe curve is to the origin, the better the quality ofthe system.

Forensic Original CurveApplications Better Curve

FAR Civilian Application

High Security Application

ROC

ROC

FRRFigure 4. FAR versus FRR


6/6

3) CONCLUSION:

In this paper, we have proposed a secure IRS architecture by using state-of-the-art biometricsecurity model. First, we introduced a secure biometric verification architecture for IRS andhighlighted the need of tight security at the ATMS systems. Use of biometric not only increase the

security of the whole IRS system, it also reduces the risk of impersonation which is possible in thepassword-based authentication systems.

Furthermore, we also introduced a performance evaluation model which could help theintegrators, implementers, and developers of biometric systems in the IRS security. In conclusion, our

proposed biometric model can improve the overall security of the IRS system and minimizes the risksfound in password oriented IRS systems.

4) REFERENCES:

[1] Matt Sundeen, "The expanding role of Intelligent transportation systems" Transportation Review, September2002.

[2] Debra Lynn Shapiro et. al: "Biometric Security for Advanced Traffic Management Systems", 9th World

Congress Technical and Scientific Program Subject Area: Safety, Security, and Human Factors, Jan. 2002, pp. 3.

[3] www.Volpe Center Volpe Journal 30th Anniversary A Special Edition.htm.

[4] Muhammad Khurram Khan, Zhang Jiashu, "Securing Biometric Templates for Reliable IdentityAuthentication", International conference on intelligent computing'05, Lecture Notes in Computer Science, part

II, no. 3645, pp. 723-732, Springer-Verlag, August 2005.

[5] Muhammad Khurram Khan, Zhang Jiashu, "Enhancing the Security of Biometric Templates for Trust WorthyPerson Authentication", International Transaction on Computer Science & Engineering, vol. 6, no. 1, pp. 166-

176, May 2005.

[6] A. K. Jain. R. Bolle, and S. Pankanti, Biometrics: Personal Identification in Net-worked Society, kulwerAcademic, 1999.

[7] Muhammad Khurram Khan, Zhang Jiashu, Lei Tian, "Protecting Biometric Data for Personal Identification",

Sinobiometrics'04, Lecture Notes in Computer Science, Springer-erlnag Germany, pp. 629-638, vol. 3383, Dec.2004.

[8] Muhammad Khurram Khan, Zhang Jiashu, Shi-Jinn Horng, "An Effective Iris Recognition System for

Identification of Humans", IEEE IXI1C'04, pp.114-117, Lahore, Dec. 2004.

[9] J.L. Wayman, "A Scientific Approach to Evaluating Biometric Systems Using a Mathematical Methodology",Proc. CTST'97, pp. 477-492.

secure authentication in railway systems using image processing

Documents