A Survey on Biometric Authentication: Toward Secure and Privacy-Preserving Identification

In order to overcome the difficulty of password management and improve the usability of authentication systems, biometric authentication has been widely studied and has attracted special attention in both academia and industry. Many biometric authentication systems have been researched and developed, especially for mobile devices. However, the existing biometric authentication systems still have defects. Some biological features have not been deeply investigated. The existing systems could be vulnerable to attacks, such as replay attack and suffer from user privacy intrusion, which seriously hinder their wide acceptance by end users. The literature still lacks a thorough review on the recent advances of biometric authentication for the purpose of secure and privacy-preserving identification. In this paper, we classify and thoroughly review the existing biometric authentication systems by focusing on the security and privacy solutions. We analyze the threats of biometric authentication and propose a number of criteria with regard to secure and privacy-preserving authentication. We further review the existing works of biometric authentication by analyzing their differences and summarizing the advantages and disadvantages of each based on the proposed criteria. In particular, we discuss the problems of aliveness detection and privacy protection in biometric authentication. Based on our survey, we figure out a number of open research issues and further specify a number of significant research directions that are worth special efforts in future research.

[1]  Mohammed Misbahuddin,et al.  DNA for information security: A Survey on DNA computing and a pseudo DNA method based on central dogma of molecular biology , 2014, International Conference on Computing and Communication Technologies.

[2]  Jianping Fan,et al.  iPrivacy: Image Privacy Protection by Identifying Sensitive Objects via Deep Multi-Task Learning , 2017, IEEE Transactions on Information Forensics and Security.

[3]  Bernhard Rinner,et al.  Security and Privacy Protection in Visual Sensor Networks , 2014, ACM Comput. Surv..

[4]  Ren Ping,et al.  Reputation and attribute based dynamic access control framework in cloud computing environment for privacy protection , 2016, 2016 12th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery (ICNC-FSKD).

[5]  Alex ChiChung Kot,et al.  Privacy Protection of Fingerprint Database , 2011, IEEE Signal Processing Letters.

[6]  Hongliang Liang,et al.  Survey on Privacy Protection of Android Devices , 2015, 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing.

[7]  Zheng Yan,et al.  A Usable Authentication System Based on Personal Voice Challenge , 2016, 2016 International Conference on Advanced Cloud and Big Data (CBD).

[8]  Changyou Zhang,et al.  Research on Hybrid-Cloud-Based User Privacy Protection of O2O Platform , 2016, 2016 IEEE 13th International Conference on e-Business Engineering (ICEBE).

[9]  Daniel González-Jiménez,et al.  Toward Pose-Invariant 2-D Face Recognition Through Point Distribution Models and Facial Symmetry , 2007, IEEE Transactions on Information Forensics and Security.

[10]  T. Santhanam,et al.  Keystroke dynamics for biometric authentication — A survey , 2013, 2013 International Conference on Pattern Recognition, Informatics and Mobile Engineering.

[11]  Ana L. N. Fred,et al.  ECG signals for biometric applications - are we there yet? , 2014, 2014 11th International Conference on Informatics in Control, Automation and Robotics (ICINCO).

[12]  Jiqiang Liu,et al.  Privacy Protection Scheme Based on Remote Anonymous Attestation for Trusted Smart Meters , 2018, IEEE Transactions on Smart Grid.

[13]  Jaydip Sen,et al.  Security and Privacy Issues in Wireless Mesh Networks: A Survey , 2013, Wireless Networks and Security.

[14]  Ajay Kumar,et al.  Personal Authentication Using Finger Knuckle Surface , 2009, IEEE Transactions on Information Forensics and Security.

[15]  Jie Xu,et al.  A survey of personal privacy protection in public service mashups , 2011, Proceedings of 2011 IEEE 6th International Symposium on Service Oriented System (SOSE).

[16]  Tudor B. Ionescu,et al.  The privacy case: Matching privacy-protection goals to human and organizational privacy concerns , 2016, 2016 Joint Workshop on Cyber- Physical Security and Resilience in Smart Grids (CPSR-SG).

[17]  Alex ChiChung Kot,et al.  Fingerprint Combination for Privacy Protection , 2013, IEEE Transactions on Information Forensics and Security.

[18]  Sanjay N. Talbar,et al.  Dynamic iris localisation: A novel approach suitable for fake iris detection , 2009, 2009 International Conference on Ultra Modern Telecommunications & Workshops.

[19]  Ana L. N. Fred,et al.  Harnessing the Power of Biosignals , 2014, Computer.

[20]  Jakub Galka,et al.  Voice authentication embedded solution for secured access control , 2014, IEEE Transactions on Consumer Electronics.

[21]  Sarineh Keshishzadeh,et al.  Single lead Electrocardiogram feature extraction for the human verification , 2015, 2015 5th International Conference on Computer and Knowledge Engineering (ICCKE).

[22]  P. Bhattarakosol,et al.  Authenticating User Using Keystroke Dynamics and Finger Pressure , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.

[23]  V. K. Govindan,et al.  Palmprint authentication using fusion of wavelet and contourlet features , 2011, Secur. Commun. Networks.

[24]  Subba Reddy Borra,et al.  A broad survey on fingerprint recognition systems , 2016, 2016 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET).

[25]  Abbas Edalat,et al.  Computing Delaunay Triangulation with Imprecise Input Data , 2003, CCCG.

[26]  Konstantinos N. Plataniotis,et al.  A Comparative Survey on Biometric Identity Authentication Techniques Based on Neural Networks , 2010 .

[27]  Alexandru Drimbarean,et al.  Proof-of-concept and evaluation of a dual function visible/NIR camera for iris authentication in smartphones , 2015, IEEE Transactions on Consumer Electronics.

[28]  Ioannis Rigas,et al.  Eye movement-driven defense against iris print-attacks , 2015, Pattern Recognit. Lett..

[29]  S. Srinivasan,et al.  A survey on biometric based authentication in cloud computing , 2016, 2016 International Conference on Inventive Computation Technologies (ICICT).

[30]  Steven Furnell,et al.  Surveying the Development of Biometric User Authentication on Mobile Phones , 2015, IEEE Communications Surveys & Tutorials.

[31]  R. K. Selvakumar,et al.  Electronic transaction authentication — A survey on multimodal biometrics , 2014 .

[32]  Rama Chellappa,et al.  Secure and Robust Iris Recognition Using Random Projections and Sparse Representations , 2011, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[33]  Nikola Pavesic,et al.  A multimodal hand-based verification system with an aliveness-detection module , 2007, Ann. des Télécommunications.

[34]  Dario Maio,et al.  Fake Fingerprint Detection by Odor Analysis , 2006, ICB.

[35]  Manuel Abellanas,et al.  Structural Tolerance and Delaunay Triangulation , 1999, Inf. Process. Lett..

[36]  Andrzej Pacut,et al.  Iris recognition with match-on-card , 2007, 2007 15th European Signal Processing Conference.

[37]  Yue Wang,et al.  Privacy protection based access control scheme in cloud-based services , 2016, 2016 IEEE/CIC International Conference on Communications in China (ICCC).

[38]  Ran Liu,et al.  Negative Survey-Based Privacy Protection of Cloud Data , 2015, ICSI.

[39]  Margit Antal,et al.  An Evaluation of One-Class and Two-Class Classification Algorithms for Keystroke Dynamics Authentication on Mobile Devices , 2015, 2015 20th International Conference on Control Systems and Computer Science.

[40]  Philip S. Yu,et al.  Privacy-preserving data publishing: A survey of recent developments , 2010, CSUR.

[41]  Chun Guo,et al.  Data privacy protection based on sensitive attributes dynamic update , 2016, 2016 4th International Conference on Cloud Computing and Intelligence Systems (CCIS).

[42]  Mrunali Jadhav,et al.  Implementation of an embedded hardware of FVRS on FPGA , 2015, 2015 International Conference on Information Processing (ICIP).

[43]  G.N. Kodagoda,et al.  VoizLock - Human Voice Authentication System using Hidden Markov Model , 2008, 2008 4th International Conference on Information and Automation for Sustainability.

[44]  Miguel Angel Ferrer-Ballester,et al.  An approach to SWIR hyperspectral hand biometrics , 2014, Inf. Sci..

[45]  Bernhard Rinner,et al.  Design space exploration for adaptive privacy protection in airborne images , 2016, 2016 13th IEEE International Conference on Advanced Video and Signal Based Surveillance (AVSS).

[46]  Juan E. Tapiador,et al.  A Survey of Wearable Biometric Recognition Systems , 2016, ACM Comput. Surv..

[47]  A. Pacut,et al.  Aliveness Detection for IRIS Biometrics , 2006, Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology.

[48]  Himanshu S. Bhatt,et al.  Recognizing Surgically Altered Face Images Using Multiobjective Evolutionary Algorithm , 2013, IEEE Transactions on Information Forensics and Security.

[49]  Jianping Li,et al.  The survey of location privacy protection , 2012, 2012 International Conference on Wavelet Active Media Technology and Information Processing (ICWAMTIP).

[50]  Davide Maltoni,et al.  Fingerprint Synthesis and Spoof Detection , 2008 .

[51]  Zheng Yan,et al.  Privacy Protection in Mobile Recommender Systems: A Survey , 2016, SpaCCS.

[52]  D. Pishva Spectroscopic Approach for Aliveness Detection in Biometrics Authentication , 2007, 2007 41st Annual IEEE International Carnahan Conference on Security Technology.

[53]  Xiaohong Guan,et al.  Performance Analysis of Touch-Interaction Behavior for Active Smartphone Authentication , 2016, IEEE Transactions on Information Forensics and Security.

[54]  Peter Corcoran,et al.  Iris authentication in handheld devices - considerations for constraint-free acquisition , 2015, IEEE Transactions on Consumer Electronics.

[55]  Jian Weng,et al.  Privacy Protection Using a Rechargeable Battery for Energy Consumption in Smart Grids , 2017, IEEE Network.

[56]  Gunjan Pahuja,et al.  Biometric authentication & identification through behavioral biometrics: A survey , 2015, 2015 International Conference on Cognitive Computing and Information Processing(CCIP).

[57]  Maurício Pamplona Segundo,et al.  3D Face Recognition Using Simulated Annealing and the Surface Interpenetration Measure , 2010, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[58]  Andrew Bud,et al.  Facing the future: the impact of Apple FaceID , 2018 .

[59]  Jiankun Hu,et al.  A Delaunay Quadrangle-Based Fingerprint Authentication System With Template Protection Using Topology Code for Local Registration and Security Enhancement , 2014, IEEE Transactions on Information Forensics and Security.