Multibiometric Secure System Based on Deep Learning

by Veeru Talreja et al.

In this paper, we propose a secure multibiometric system that uses deep neural networks and error-correction coding. We present a feature-level fusion framework to generate a secure multibiometric template from each user's multiple biometrics. Two fusion architectures, a fully connected architecture and a bilinear architecture, are implemented to develop a robust multibiometric shared representation. The shared representation is used to generate a cancelable biometric template by selecting a different set of reliable and discriminative features for each user. This cancelable template is a binary vector that is passed through an appropriate error-correcting decoder to find the closest codeword, which is hashed to generate the final secure template. The efficacy of the proposed approach is shown using a multimodal database, where we achieve state-of-the-art matching performance along with cancelability and security.





1 Introduction

Multibiometric systems offer several advantages when compared to unibiometric systems, including better recognition accuracy, security, flexibility, population coverage and user convenience [1]. However, multibiometric systems have an increased demand for integrity and privacy because the system stores multiple biometric traits of each user.

There has recently been a significant amount of research in secure biometrics, which can be grouped into two categories: biometric cryptosystems and transformation-based methods [2]. Fuzzy commitment and secure sketch are biometric cryptosystem methods; they are usually implemented using error-correcting codes and provide information-theoretic guarantees of security and privacy (e.g., [3, 4, 5, 6, 7, 8, 9]). Cancelable biometrics use revocable and non-invertible user-specific transformations to distort the enrollment biometric (e.g., [10, 11, 12, 13]), with the matching typically performed in the transformed domain.

One important issue with a multibiometric secure system is that the biometric traits being combined may not follow the same feature-level representation, and it is difficult to characterize multiple biometric traits using compatible feature-level representations, as required by a template protection scheme [14]. To counter this issue, many fusion techniques for combining multiple biometrics have been proposed [15, 1, 14]. One possible technique is to apply a separate template protection scheme to each trait, followed by decision-level fusion. However, such an approach may not be highly secure, since it is limited by the security of the individual traits.

Motivated by the drawbacks of systems that protect biometric traits separately, we propose in this paper a multibiometric secure scheme for face and iris biometrics. This scheme is based on cancelable biometrics and forward error control (FEC) codes, where the feature extraction for individual modalities and the joint feature-level fusion are performed using a Deep Neural Network (DNN). The proposed approach involves the following steps:

1) The face and iris biometrics are converted into a common feature space by extracting domain-specific features using dedicated Convolutional Neural Networks (CNNs). These features are then fused with the help of a joint representation layer (fully connected layer or bilinear layer).

2) The final fused feature vector is reduced in dimension to generate a multibiometric cancelable template by applying a feature selection process.

3) The cancelable template is a binary vector that is within a certain distance from a codeword of an error-correcting code, which for purposes of illustration we assume is a Reed-Solomon code. By passing the template through an appropriate decoder, the closest codeword is found, and that codeword is hashed to generate the final secure template.
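The decode-then-hash step in 3) can be illustrated with a toy sketch. This is not the authors' implementation: a 5x repetition code with majority-vote decoding stands in for the Reed-Solomon code, and the templates are tiny hypothetical bit vectors.

```python
import hashlib

# Toy stand-in for the decode-then-hash step: the cancelable template is
# treated as a noisy codeword, decoded to the nearest codeword, and the
# codeword is hashed. A 5x repetition code replaces Reed-Solomon for clarity.
REP = 5

def decode_nearest(bits):
    """Majority-vote each block of REP bits -> nearest repetition codeword."""
    decoded = []
    for i in range(0, len(bits), REP):
        block = bits[i:i + REP]
        decoded.append(1 if sum(block) > len(block) // 2 else 0)
    return decoded

def secure_template(bits):
    """Hash of the decoded codeword is the stored secure template."""
    codeword = decode_nearest(bits)
    return hashlib.sha256(bytes(codeword)).hexdigest()

enroll = [1, 1, 1, 1, 1, 0, 0, 0, 0, 0]   # clean enrollment template
probe  = [1, 1, 0, 1, 1, 0, 1, 0, 0, 0]   # probe with 2 bit errors
print(secure_template(enroll) == secure_template(probe))  # True
```

Because both vectors decode to the same codeword, their hashes match even though the raw templates differ, which is exactly what makes exact hash comparison usable on noisy biometrics.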

2 Multibiometric Secure Scheme

The block diagram for the proposed framework is shown in Fig. 1. There are two important blocks in this framework: the Cancelable Template Block (CTB) and the Secure Sketch Template Block (SSTB), which are explained in this section.

Figure 1: Enrollment and Authentication Block Diagram.

2.1 Cancelable Template Block (CTB)

The CTB contains the DNN-based feature extraction and fusion components, followed by the binarizing and reliable-bit extraction stages, which generate a cancelable multibiometric template. The architecture of the DNN is shown in Fig. 2. The domain-specific layer of the DNN consists of a CNN for encoding the face ("Face-CNN") and a CNN for encoding the iris ("Iris-CNN"). For each CNN, we use VGG-19 [16] pre-trained on ImageNet [17] as our starting point, followed by fine-tuning on different datasets (Section 3.1).

The output feature vectors of the Face-CNN and Iris-CNN are fused in the joint representation layer. We have implemented two different architectures for the joint representation layer: a Fully Connected architecture (FCA) and a Bilinear architecture (BLA). In FCA (Fig. 2), the outputs of the Face-CNN and Iris-CNN are concatenated vertically and passed through a fully connected layer to fuse the iris and face features. In BLA, the outputs of the Face-CNN and Iris-CNN are combined using the matrix outer product of the face and iris feature vectors. For training the joint representation layer, we adopt a two-step procedure: we first train only the joint representation layer greedily with softmax for classification, and then fine-tune the entire model end-to-end using back-propagation at a relatively small learning rate.
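The two fusion operations can be sketched on toy vectors. The dimensions here are illustrative, not those of the actual VGG-19 features, and the learned fully connected layer of FCA is omitted; only the combination step is shown.

```python
# Minimal sketch of the two fusion variants described above.
# FCA: concatenate face and iris features (before the learned FC layer);
# BLA: flattened matrix outer product of the two feature vectors.
def fca_fuse(face, iris):
    return face + iris  # vertical concatenation

def bla_fuse(face, iris):
    return [f * i for f in face for i in iris]  # flattened outer product

face = [0.5, -1.0, 2.0]   # hypothetical face features
iris = [1.0, 0.25]        # hypothetical iris features
print(fca_fuse(face, iris))  # [0.5, -1.0, 2.0, 1.0, 0.25]
print(bla_fuse(face, iris))  # [0.5, 0.125, -1.0, -0.25, 2.0, 0.5]
```

Note that BLA's output grows as the product of the two input dimensions, which is why bilinear fusion can capture pairwise feature interactions that plain concatenation cannot.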

Figure 2: Proposed Deep Neural Network (DNN) Fully Connected Architecture.

The output of the joint representation layer is a real-valued shared multimodal feature vector for the face and iris biometrics. This shared representation vector is binarized, and user-specific reliable bits are extracted using a method similar to that of Kevenaar et al. [18]. This user-specific reliable-bit vector forms the cancelable template.
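A hedged sketch of this binarize-and-select idea follows. The exact statistic used in [18] may differ; here we assume binarization against a population mean and treat a component's margin from the threshold as its reliability, which is one plausible reading of the approach.

```python
# Sketch of binarization and reliable-bit selection (assumed variant of [18]):
# each component is binarized against a population mean, and the components
# whose user means lie farthest from the threshold are kept as "reliable".
def reliable_bits(user_samples, population_mean, n_reliable):
    dim = len(population_mean)
    user_mean = [sum(s[d] for s in user_samples) / len(user_samples)
                 for d in range(dim)]
    bits = [1 if user_mean[d] > population_mean[d] else 0 for d in range(dim)]
    # rank components by margin from the threshold (proxy for reliability)
    order = sorted(range(dim),
                   key=lambda d: abs(user_mean[d] - population_mean[d]),
                   reverse=True)
    key_g = sorted(order[:n_reliable])       # user-specific index key g
    template = [bits[d] for d in key_g]      # cancelable template bits
    return key_g, template

samples = [[0.9, 0.1, 0.48], [1.1, 0.2, 0.55]]   # toy enrollment samples
key_g, tpl = reliable_bits(samples, population_mean=[0.5, 0.5, 0.5],
                           n_reliable=2)
print(key_g, tpl)  # [0, 1] [1, 0]
```

The third component is discarded because its mean sits almost on the threshold, so its bit would flip easily under acquisition noise.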

2.2 Secure Sketch Template Block (SSTB)

The SSTB contains the forward error correction (FEC) decoding stage followed by the hashing stage. The FEC decoding implemented in our framework is the equivalent of the secure-sketch template protection scheme. In the secure-sketch scheme, error-control coding is applied to the biometric feature vector to generate a sketch, which is stored as the template. In our work, the cancelable template generated from the CTB is considered to be a noisy codeword of symbols. This noisy codeword is decoded with an FEC decoder, and the output of the decoder is the multibiometric sketch, which corresponds to the codeword closest to the cancelable template. This multibiometric sketch is hashed and stored in the database. Authentication is also performed using FEC decoding with the same parameters to give an estimate of the multibiometric sketch, which is hashed; access is granted only if this hash matches the enrolled hash. We have implemented a Reed-Solomon (RS) decoder for FEC decoding because we can exploit the maximum distance separable (MDS) property of RS codes to manage the intra-class variability of the joint template.

This error-control coding method can be explained in the context of standard-array decoding. A standard array is a two-dimensional array in which the first row contains the codewords and every other row is a coset of the code, found by adding an unused vector (error pattern) to all the codewords. Decoding using the standard array is performed by decoding the received vector r to the codeword at the top of the column that contains r; the decoding region for a codeword is the column headed by that codeword. In our framework, the output of the CTB in both enrollment and authentication is considered to be the received vector, which is decoded to the codeword at the top of its column. We assume that the enrollment vector and the probe vector in a genuine authentication belong to the same column of the standard array, which implies that they decode to the same codeword, in which case the hashes match and access is granted. Another important observation is that the enrollment and probe vectors generally have different error patterns with respect to the codeword at the top of the column. This observation matters because of the noise introduced into the biometric during acquisition or processing, and it makes the system robust. A benefit of our approach is that we do not have to present any other side information to the decoder, such as a syndrome or a saved message key [3, 4].
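The standard-array construction above can be demonstrated on a tiny code. This is a pedagogical sketch using the length-3 binary repetition code, not the RS code of the actual system; exhaustive standard arrays are only feasible for very short codes.

```python
from itertools import product

# Toy standard array for the length-3 binary repetition code {000, 111}.
# Rows are cosets headed by the lowest-weight unused error pattern; decoding
# a received vector returns the codeword at the top of its column.
codewords = [(0, 0, 0), (1, 1, 1)]

def build_standard_array(codewords, n=3):
    array, used = [list(codewords)], set(codewords)
    # enumerate error patterns in order of increasing Hamming weight
    vectors = sorted(product([0, 1], repeat=n), key=lambda v: sum(v))
    for e in vectors:
        if e not in used:
            row = [tuple(ei ^ ci for ei, ci in zip(e, c)) for c in codewords]
            array.append(row)
            used.update(row)
    return array

def decode(array, r):
    for row in array:
        if r in row:
            return array[0][row.index(r)]  # codeword heading r's column

sa = build_standard_array(codewords)
print(decode(sa, (1, 0, 1)))  # (1, 1, 1): single-bit error corrected
```

Any two received vectors in the same column (e.g. an enrollment vector and a genuine probe) decode to the same column head, so their hashes match without the decoder needing any side information.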

Our error-control coding scheme can also be described in the context of fuzzy commitment. In fuzzy commitment, a random message is generated and encoded to give an n-tuple codeword, which is combined (added) with the enrollment feature vector. The result of this combination is stored as a secure template. During authentication, the probe feature vector is combined with the stored template and decoded to obtain an estimate of the random message, which is compared with the random message used during enrollment. In a standard-array context, the random message and its encoded codeword belong to the same column of the standard array. The enrolled biometric template acts as the coset leader, or error pattern: when it is added to the codeword (of the random message) and the probe, we get a vector that, when decoded, gives the estimate of the random message. For comparison purposes, we have also implemented our framework in the context of a fuzzy commitment scheme using RS codes, and it gives the same result as the secure-sketch scheme.
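The fuzzy-commitment variant can be sketched in a few lines. Again this is an illustrative stand-in, not the paper's implementation: a 5x repetition code replaces Reed-Solomon, and the biometric vectors are tiny hypothetical bit strings.

```python
import hashlib
import secrets

# Hedged sketch of the fuzzy-commitment scheme described above, with a 5x
# repetition code standing in for the Reed-Solomon code.
REP = 5

def encode(msg_bits):                      # repeat each message bit REP times
    return [b for b in msg_bits for _ in range(REP)]

def decode(bits):                          # majority vote per block
    return [1 if sum(bits[i:i + REP]) > REP // 2 else 0
            for i in range(0, len(bits), REP)]

def commit(biometric):
    """Enrollment: XOR a random codeword with the biometric; store the
    offset plus a hash of the random message."""
    msg = [secrets.randbelow(2) for _ in range(len(biometric) // REP)]
    offset = [c ^ b for c, b in zip(encode(msg), biometric)]
    return offset, hashlib.sha256(bytes(msg)).hexdigest()

def verify(offset, stored_hash, probe):
    """Authentication: XOR the probe with the offset, decode, compare hashes."""
    est = decode([o ^ p for o, p in zip(offset, probe)])
    return hashlib.sha256(bytes(est)).hexdigest() == stored_hash

enroll = [1, 0, 1, 1, 0, 0, 0, 1, 0, 1]
probe  = [1, 0, 1, 0, 0, 0, 1, 1, 0, 1]   # two bit errors vs. enrollment
offset, h = commit(enroll)
print(verify(offset, h, probe))  # True: errors within correction capability
```

The stored offset reveals the codeword only to someone holding a close-enough biometric, which is the commitment property the scheme relies on.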

2.3 Enrollment and Authentication Procedure

The output of the DNN is the joint feature vector e. During enrollment, user-specific reliable components are selected from this vector e, and the indices of these components form the user-specific key g. The feature vector e is binarized to generate a binary vector a. A user-specific reliable-bits vector is formed by selecting the bits from the binary vector a at the locations (indices) specified by the key g. Reed-Solomon decoding is applied to the reliable-bits vector to generate the multibiometric sketch s. The hash of this sketch, H(s), is stored as a secure template in the database. The key g is securely stored in a location that is local to the matcher (e.g., it could be stored in the secure memory of a smartphone, or in the cloud if the matching is performed in the cloud).

During authentication, the probe user presents the biometrics (face and iris) and a key l, where l could be the same as the enrollment key g for a genuine probe or a different key for an impostor probe. Using the biometrics and the key l, the probe reliable-bits vector is generated and decoded using the same RS code as in enrollment to generate an estimate ŝ of the enrolled multibiometric sketch. If the hash of the enrolled sketch, H(s), matches the hash of the decoded estimate, H(ŝ), access is granted; otherwise, access is denied.
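The enrollment and authentication procedures can be combined into one toy end-to-end flow. This is an illustrative sketch, not the authors' system: a 5x repetition code replaces Reed-Solomon, and the binary feature vector and keys are tiny hypothetical examples.

```python
import hashlib

# End-to-end toy of the flow above: the key (g or l) selects reliable bit
# positions, the selected bits are decoded (5x repetition stands in for
# Reed-Solomon), and only hashes of the decoded sketch are compared.
REP = 5

def decode(bits):
    return [1 if sum(bits[i:i + REP]) > REP // 2 else 0
            for i in range(0, len(bits), REP)]

def sketch_hash(binary_vec, key):
    selected = [binary_vec[i] for i in key]   # reliable-bits vector
    return hashlib.sha256(bytes(decode(selected))).hexdigest()

a = [1, 1, 1, 1, 0, 0, 0, 0, 0, 1]   # binarized joint feature vector
g = list(range(10))                  # genuine user-specific key
l = list(reversed(g))                # impostor presents a different key

stored = sketch_hash(a, g)                       # enrollment: store H(s)
print(sketch_hash(a, g) == stored)  # True: genuine probe accepted
print(sketch_hash(a, l) == stored)  # False: wrong key, access denied
```

Because the database only holds H(s) and the key is stored locally at the matcher, compromising the database alone reveals neither the biometric nor the sketch.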

3 Experiments and Results

In this section we discuss the datasets and the experimental results.

Figure 3: GAR vs Security curve for FCA (left) and BLA (right) using different symbol sizes.

3.1 Datasets

The Face-CNN has been fine-tuned on CASIA-WebFace [19], which contains 494,414 facial images corresponding to 10,575 subjects. The Iris-CNN has been fine-tuned on the combination of CASIA-Iris-Thousand and ND-Iris-0405 [20], with about 84,000 images corresponding to 1,355 subjects. The Face-CNN and Iris-CNN are also fine-tuned on the 2013 face and iris subsets of the WVU-Multimodal 2012-2013 datasets, respectively. The WVU-Multimodal datasets for the years 2012 and 2013 together contain a total of 119,700 facial images and 257,800 iris images corresponding to 2,263 subjects, with 294 common subjects.

3.2 Experimental Set Up and Results

The parameters used for fine-tuning the CNNs are similar to [16], except that we have used a smaller batch size of 40. For testing, we have used 50 subjects from the WVU-Multimodal 2012 dataset; these 50 subjects were never used in the training set. We randomly select 20 face and iris image pairs, with no repetitions, for each of these 50 testing subjects. These 1000 pairs are forward-passed through the DNN, and 1000 fused feature vectors of dimension 4096 are extracted.

We then use the binarizing and reliable-bit extraction method from [18] to generate the cancelable multibiometric template. The number of reliable components selected from the fused feature vector depends on the number of bits per codeword in the RS code. The RS codes use symbols of length m bits. The codeword is of length 2^m − 1 symbols, which means the number of bits per codeword is n = m(2^m − 1). For example, if m = 6 then 2^m − 1 = 63 and n = 378. In this case the number of reliable components chosen would be 378. This 378-dimensional vector is decoded to generate a multibiometric sketch whose length equals km bits, where k can be varied depending on the error-correcting capability required for the code; km also signifies the security of the system in bits. In our experiments we have taken m = 5, 6, 7, which means n = 155, 378, 889, respectively.
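The codeword lengths used in the experiments (and listed in Table 1) are consistent with n = m(2^m − 1) bits for symbol size m; a quick check:

```python
# Reed-Solomon bits per codeword for symbol size m: a codeword has
# 2**m - 1 symbols of m bits each, so n = m * (2**m - 1) bits.
def bits_per_codeword(m):
    return m * (2 ** m - 1)

for m in (5, 6, 7):
    print(m, bits_per_codeword(m))  # 5 155 / 6 378 / 7 889
```

These are exactly the 155-, 378-, and 889-bit template lengths reported for the three symbol sizes.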

An important metric to assess the performance of a biometric system is the False Accept Rate (FAR), defined as the rate at which the system allows access to an unauthorized user. Considering the concept of the standard array, it can be observed that the FAR depends on the length km of the multibiometric sketch. Consider a message length of km bits; then the standard array has 2^km columns (one for each codeword). Empirically, it has been observed that, due to the binarization process, an impostor template will have bits that are equally likely to be 0's and 1's, and therefore it is equally likely to fall in any column of the standard array. The probability (FAR) that it falls in the same column as the enrollment template is thus 1/2^km, or 2^−km. We evaluate the trade-off between the recognition performance and the security of the proposed multibiometric protection scheme by using GAR-Security (G-S) curves. GAR is the Genuine Accept Rate, defined as the rate at which the system allows access to an authorized, or genuine, user. The G-S curve is obtained by varying the error-correction capacity, or the rate, of the code (varying k for the RS code with symbol size m).
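Under the uniform-column assumption above, FAR = 2^−km, so a target security of s bits fixes k = s/m message symbols and a code rate of k/(2^m − 1). As a sanity check, this reproduces the rates listed in Table 1:

```python
# Code rate needed for a target security level: security = k*m bits implies
# k = security/m message symbols, and rate = k / (2**m - 1).
def rate(m, security_bits):
    k = security_bits / m                 # message length in symbols
    return k / (2 ** m - 1)

print(round(rate(5, 100), 2))  # 0.65, as in Table 1
print(round(rate(6, 53), 2))   # 0.14, as in Table 1
print(round(rate(7, 100), 2))  # 0.11, as in Table 1
```

Lower rates correct more errors (higher GAR) but, for a fixed n, yield shorter messages and hence fewer security bits, which is exactly the trade-off the G-S curves trace.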

Fig. 3 gives the G-S curves for FCA and BLA for different symbol sizes m. As we can observe from the plots, for both FCA and BLA, the best recognition performance is obtained for symbol size m = 5 or 6, where we achieve a GAR of over 92% for a security of 100 bits. We can also observe from Fig. 3 that with a symbol size of 7 we can still get a GAR above 90% for a security level of 400 bits. Table 1 summarizes the GAR of FCA and BLA for different symbol sizes at a minimum security level of 53 bits, which is equivalent to the guessing entropy of an 8-character password chosen randomly from a 94-character alphabet [21]. From the table we can observe that BLA gives much better performance than FCA for any symbol size.

An important observation here is that the number of reliable components chosen from the output of the DNN depends on the number of bits per codeword n; however, the security of the system is controlled by the error-correcting capability, or the rate, of the code. For example, for a symbol size m = 5 and n = 155, to have a security (km) of 100 bits we need to use an RS code of rate 0.65.

Symbol size (m)   n (bits)   Security (km, bits)   Rate   GAR (FCA)   GAR (BLA)
5                 155        53                    0.34   99.65%      99.85%
5                 155        80                    0.52   98.86%      99.7%
5                 155        100                   0.65   98%         99.68%
6                 378        53                    0.14   94.55%      99.99%
6                 378        80                    0.21   93%         99.75%
6                 378        100                   0.26   92.5%       99.7%
7                 889        53                    0.06   79.5%       98.9%
7                 889        80                    0.09   77.5%       98.9%
7                 889        100                   0.11   76.2%       98.5%
Table 1: Genuine Accept Rates of FCA and BLA for security levels of 53, 80 and 100 bits using different symbol sizes.

4 Security analysis

We can measure the security of a biometric secure scheme in terms of privacy leakage for various scenarios of data exposure. The privacy leakage is quantified using the mutual information I(x; v) = H(x) − H(x|v), where v represents the leaked information and x is the enrolled binary feature vector. The information can be lost when the key g and/or the sketch s is compromised. H(x) quantifies the number of bits required to specify x, and H(x|v) quantifies the remaining uncertainty about x given knowledge of v; the mutual information I(x; v) is the reduction in uncertainty about x given v [2].

The dimension of the binary feature vector x is 4096, which means the uncertainty H(x) = 4096 bits, because the bits of the binary feature vector are independent and identically distributed with maximum entropy due to the binarization process [18]. If the adversary gains access to the key g, the multibiometric sketch s, or both, the maximum reduction in uncertainty is at most n bits, as the adversary has access to at most n components (bits per codeword) via the key g but not to all the components of the feature vector x. Even for the largest codeword length, n = 889, this leaves an uncertainty of 4096 − 889 = 3207 bits, which is computationally infeasible to crack with a brute-force attack. The security analysis shows that the generated multibiometric sketch is secure, as the key is revocable and the error-control coding and hashing provide non-invertibility.
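The residual-entropy arithmetic above can be checked for all three symbol sizes used in the experiments:

```python
# Worst-case leakage: the adversary learns at most the n = m*(2**m - 1)
# bits per codeword out of the 4096-bit binary feature vector.
DIM = 4096
for m in (5, 6, 7):
    n = m * (2 ** m - 1)
    print(m, DIM - n)  # residual entropy in bits: 3941, 3718, 3207
```

Even in the worst case (m = 7), more than 3200 bits of uncertainty about x remain.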

5 Conclusion

The feature extraction capability of deep neural networks has been utilized to generate a shared joint representation by implementing two different fusion architectures: a fully connected architecture and a bilinear architecture. We have utilized the error-correcting capabilities of Reed-Solomon codes to provide security in the form of a multibiometric sketch. In our experiments, the multibiometric secure scheme has been tested using Reed-Solomon codes of various symbol sizes. Symbol size m = 6 gives the best performance, with a GAR as high as 99.7% for a security of 100 bits, which is computationally infeasible to crack with brute force. We have shown that the classification performance can be improved for multiple modalities while maintaining good security and robustness.


  • [1] K. Nandakumar and A. K. Jain, “Multibiometric template security using fuzzy vault,” in IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS), Sept 2008, pp. 1–6.
  • [2] S. Rane, Y. Wang, S. C. Draper, and P. Ishwar, “Secure biometrics: Concepts, authentication architectures, and challenges,” IEEE Signal Processing Magazine, vol. 30, no. 5, pp. 51–64, Sept 2013.
  • [3] Y. Sutcu, S. Rane, J. S. Yedidia, S. C. Draper, and A. Vetro, “Feature extraction for a Slepian-Wolf biometric system using LDPC codes,” in IEEE International Symposium on Information Theory, July 2008, pp. 2297–2301.
  • [4] Y. Sutcu, S. Rane, J. S. Yedidia, S. C. Draper, and A. Vetro, “Feature transformation of biometric templates for secure biometric systems based on error correcting codes,” in 2008 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops, June 2008, pp. 1–6.
  • [5] Y. Sutcu, Q. Li, and N. Memon, “Protecting biometric templates with sketch: Theory and practice,” IEEE Transactions on Information Forensics and Security, vol. 2, no. 3, pp. 503–512, Sept 2007.
  • [6] A. Juels and M. Wattenberg, “A fuzzy commitment scheme,” in Proceedings of the 6th ACM conference on Computer and communications security. ACM, 1999, pp. 28–36.
  • [7] A. Juels and M. Sudan, “A fuzzy vault scheme,” in Proceedings IEEE International Symposium on Information Theory, July 2002, p. 408.
  • [8] K. Nandakumar, A. K. Jain, and S. Pankanti, “Fingerprint-based fuzzy vault: Implementation and performance,” IEEE Transactions on Information Forensics and Security, vol. 2, no. 4, pp. 744–757, Dec 2007.
  • [9] A. Nagar, K. Nandakumar, and A. K. Jain, “Securing fingerprint template: Fuzzy vault with minutiae descriptors,” in 2008 19th International Conference on Pattern Recognition, Dec 2008, pp. 1–4.
  • [10] N. K. Ratha, S. Chikkerur, J. H. Connell, and R. M. Bolle, “Generating cancelable fingerprint templates,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 29, no. 4, pp. 561–572, April 2007.
  • [11] A. Kong, K. Cheung, D. Zhang, M. Kamel, and J. You, “An analysis of biohashing and its variants,” Pattern Recognition, vol. 39, no. 7, pp. 1359–1368, 2006.
  • [12] J. Zuo, N. K. Ratha, and J. H. Connell, “Cancelable iris biometric,” in IEEE International Conference on Pattern Recognition (ICPR), Dec 2008, pp. 1–4.
  • [13] A. B. Teoh, Y. W. Kuan, and S. Lee, “Cancellable biometrics and annotations on biohash,” Pattern Recognition, vol. 41, no. 6, pp. 2034–2044, 2008.
  • [14] A. Nagar, K. Nandakumar, and A. K. Jain, “Multibiometric cryptosystems based on feature-level fusion,” IEEE Transactions on Information Forensics and Security, vol. 7, no. 1, pp. 255–268, Feb 2012.
  • [15] Y. Sutcu, Q. Li, and N. Memon, “Secure biometric templates from fingerprint-face features,” in IEEE Conference on Computer Vision and Pattern Recognition (CVPR), June 2007, pp. 1–6.
  • [16] K. Simonyan and A. Zisserman, “Very deep convolutional networks for large-scale image recognition,” arXiv preprint arXiv:1409.1556, 2014.
  • [17] J. Deng, W. Dong, R. Socher, L. Li, K. Li, and L. Fei-Fei, “Imagenet: A large-scale hierarchical image database,” in IEEE Conference on Computer Vision and Pattern Recognition (CVPR), June 2009, pp. 248–255.
  • [18] T. A. Kevenaar, G. J. Schrijen, M. van der Veen, A. H. M. Akkermans, and F. Zuo, “Face recognition with renewable and privacy preserving binary templates,” in IEEE Workshop on Automatic Identification Advanced Technologies, Oct 2005, pp. 21–26.
  • [19] D. Yi, Z. Lei, S. Liao, and S. Z. Li, “Learning face representation from scratch,” arXiv preprint arXiv:1411.7923, 2014.
  • [20] K. W. Bowyer and P. J. Flynn, “The ND-IRIS-0405 iris image dataset,” CVRL, Dept. Comp. Sci. Eng., Univ Notre Dame, 2010.
  • [21] W. E. Burr, D. F. Dodson, and W. T. Polk, Electronic authentication guideline, US Department of Commerce, Technology Administration, National Institute of Standards and Technology, 2004.