Designing a Multi-Biometric System to Fuse Classification Output of Several Pace University Biometric Systems Leigh Anne Clevenger, Laura Davis, Paola Garcia Cardenas, Onenetta Labeach, Vinny Monaco and James Ng Seidenberg School of Computer Science and Information Systems Pace University, White Plains, NY Student/Faculty Research Day, May 2, 2014 1 Abstract • Some high-level biometric systems combine, or fuse, several biometrics to increase performance over that of an individual biometric system. This project investigates how to combine, at the classification output level, several Pace University biometric systems. 2 Overview • • • • • • • • Introduction Multi-Biometric Fusion Pace University Biometric Systems Methodology Proposed Fusion Approaches Summary of Results Conclusions Future Work 3 Introduction Enhancement of Security Systems • 2008 Higher Education Opportunity Act In order to verify the identity of students taking online tests, the U.S Government enacted this act requiring colleges and universities to implement stricter control technologies for online systems • There are different traits for biometric systems: • Physical traits Face, fingerprint, iris, retina, hand geometry, hand vein, palm print, DNA, and teeth. • Behavioral traits Voice, signature, gait, keyboard typing patterns, and mouse movements 4 Introduction Enhancement of Security Systems • Biometric security requirements from Jain et al. include: • • • • • • • Universality – each person has characteristic Distinctiveness – characteristic different between two persons Permanence – characteristic invariant over time Collectability – characteristic measurable Performance – analysis speed of biometric system Acceptability – people will tolerate use of system Circumvention – how easily can the system be fooled 5 Introduction Why a Multi-Biometric System is Needed • To enhance overall performance of multiple biometric traits over the performance of an individual trait • To identify online test takers authentication more efficiently • Usage of behavioral traits: • • • • Continuous authentication Non-Intrusive Cost-Effective Process authentication over networks 6 Multi-Biometric Fusion Literature Review Researchers have applied: • General vector fusing algorithms at the • Feature level • Score fusing algorithms at the • Classification level Feature classification data are vectors of biometric input data. These vectors are combined by a classifier to produce score output used for authentication. 7 Multi-Biometric Fusion Block diagram for a generic multi-biometric system using classification output level fusion 8 Pace University Biometric Systems • Pace University Biometric System (PBS) • Pace University Keystroke Biometric System (PKBS) • Pace University Systems used in Online Testing • Pace Classifier and Simulated Authentication Process 9 Methodology • We investigated many fusion approaches • An accepted fusion approach would: • Analyze our PBS score output data from online testing sessions • Work with data from sources other than online testing sessions, for example Android data • We narrowed the approaches down to just a few for our experimental purposes 10 Methodology Experimental Data • Four different biometric traits were collected by Pace University’s existing frontend system and backend classifier: • • • • Mouse Motion Click Scroll Keystroke • Outputs from online examinations • 14 subjects taking 10 examinations each with 10 questions and 20 minutes duration. Sample (m) data of keystroke, click, motion and scroll were actively accumulated from each session. 11 Methodology Classification Results • FAR of the click trait increases as the sample data (m) increases. FRR on the other hand, decreases as more samples are added 12 Methodology Classification Results • The keystroke FRR and FAR results are similar to the click results; however the FRR seem to be higher when there are 100 samples and only starts decreasing significantly when it is close to the 200 samples. 13 Methodology Classification Results FRR line • The motion error rate is one of the traits with the better results. When up to 50~60 samples are used, the FRR and FAR are very low. The FAR only starts increasing significantly after 200 samples. 14 Methodology Classification Results • This graph shows how the scroll trait is very inconsistent. It is believed that this phenomenon happens due to the fact that users do not always interact with the scrolling functionality, forcing the inconsistency of the graph. 15 Methodology Classification Results Motion ROC • In the ROC curve we can see the FAR and FRR percentages for all the four traits. Motion trait is the closest to zero. 16 Proposed Fusion Approaches Chair-Varshney Decision Fusion Rule • The local decisions (n) are combined to obtain a global decision; this combination is done by a decision fusion center (DFC): • When this rule was applied in “Decision Fusion for Multimodel Active Authentication,” using the parallel decision fusion architecture, the global decision returned better results (lower error rate) than that of an individual decision performing at its best on its own -which is exactly the type of results we are trying to obtain for this research. 17 Proposed Fusion Approaches Six Classifier Fusion Strategies • These six classifier fusion strategies are theoretically studied by L. Kuncheva, and they are as follows: • • • • • • Minimum Maximum Average Median Majority Vote Oracle 18 Summary of Results • Motion and keystroke biometric traits were the top two biometrics traits with the best performance in these studies • Simply concatenating the feature vectors from each biometric yielded an EER of 3.9%. This is worse than the single best performer, mouse motion 19 Conclusions • Motion data was the most accurate biometric trait / Scroll data was the most inaccurate due to different factors. • Proposed methods of examination for classification output level fusion: • The Chair-Varshney decision fusion rule approach • The six classifier fusion strategies (minimum, maximum, average, median, majority vote and oracle) 20 Future Work • Application of the proposed classification output fusion methods compared with the single measurement performances of the four individual biometric traits • Comparison to previous EER results • For any of these methods to be successful, we will need to yield an EER of no more than 1.139%, which is just 0.001% less than the EER of our most successful single biometric trait, motion 21 Questions? THANK YOU FOR YOUR ATTENTION! 22 Methodology Classification Results 23 Pace University Biometric Systems Pace University Biometric System (PBS) • PBS has a generic, robust backend system designed to accommodate various biometric frontend feature inputs like keystroke, mouse, stylometry and voice • PBS relies on databases of approved signature templates that were enrolled and stored earlier • PBS analyses the signature inputs against the approved data stored on the template database to verify identify and authenticate users 24 Pace University Biometric Systems Pace University Keystroke Biometric System (PKBS) • PKBS consists of two logging components and a single backend for extracting features and classification • Web-based loggers are loaded into any webpage and captures all keystroke and mouse movements, while buffering and transmitting them to a server • Cross-platform native logger is written in Java 25 Pace University Biometric Systems Pace University Systems used in Online Testing • A no-hurry system is used to authenticate user • All keystroke data from the online testing is used • To detect unauthorized users the system has to act in a minute or less before any harm is done • Keystroke data is captured using a Java applet that uses the PC Windows clock to record key press and release times in millisecond format 26 Pace University Biometric Systems Pace Classifier and Simulated Authentication Process Pace Classifier • Implements the kNN (k-Nearest Neighbor) classifier • Used to transform a multi-class (polychotomy) problem into a dichotomy model, this is, a problem that only involves two classes. These classes are: • within-person (authenticated) • between-person (not authenticated) Simulated Authentication Process • User’s keystroke sample requiring authentication is first converted into a feature vector. The difference between this feature vector and an earlier-obtained enrollment feature vector from this user is computed, and the resulting difference vector is classified as one of the two previous classes. 27