David Chek Ling Ngo

Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs

Biometric analysis for identity verification is becoming a widespread reality. Such implementations necessitate large-scale capture and storage of biometric data, which raises serious issues in terms of data privacy and (if such data is compromised) identity theft. These problems stem from the essential permanence of biometric data, which (unlike secret passwords or physical tokens) cannot be refreshed or reissued if compromised. Our previously presented biometric-hash framework prescribes the integration of external (password or token-derived) randomness with user-specific biometrics, resulting in bitstring outputs with security characteristics (i.e., noninvertibility) comparable to cryptographic ciphers or hashes. The resultant BioHashes are hence cancellable, i.e., straightforwardly revoked and reissued (via refreshed password or reissued token) if compromised. BioHashing furthermore enhances recognition effectiveness, which is explained in this paper as arising from the random multispace quantization (RMQ) of biometric and external random inputs

Computation of cryptographic keys from face biometrics

We outline cryptographic key-computation from biometric data based on error-tolerant transformation of continuous-valued face eigenprojections to zero-error bitstrings suitable for cryptographic applicability. Bio-hashing is based on iterated inner-products between pseudorandom and user-specific eigenprojections, each of which extracts a single-bit from the face data. This discretisation is highly tolerant of data capture offsets, with same-user face data resulting in highly correlated bitstrings. The resultant user identification in terms of a small bitstring-set is then securely reduced to a single cryptographic key via Shamir secret-sharing. Generation of the pseudorandom eigenprojection sequence can be securely parameterised via incorporation of physical tokens. Tokenised bio-hashing is rigorously protective of the face data, with security comparable to cryptographic hashing of token and knowledge key-factors. Our methodology has several major advantages over conventional biometric analysis ie elimination of false accepts (FA) without unacceptable compromise in terms of more probable false rejects (FR), straightforward key-management, and cryptographically rigorous commitment of biometric data in conjunction with verification thereof.

PalmHashing: a novel approach for cancelable biometrics

We propose a novel cancelable biometric approach, known as PalmHashing, to solve the non-revocable biometric issue. The proposed method hashes palmprint templates with a set of pseudo-random keys to obtain a unique code called palmhash. The palmhash code can be stored in portable devices such tokens and smartcards for verification. Multiple sets of palmhash codes can be maintained in multiple applications. Thus the privacy and security of the applications can be greatly enhanced. When compromised, revocation can also be achieved via direct replacement of a new set of palmhash code. In addition, PalmHashing offers several advantages over contemporary biometric approaches such as clear separation of the genuine-imposter populations and zero EER occurrences. In this paper, we outline the implementation details of this method and also highlight its potentials in security-critical applications.

Review: Text mining for market prediction: A systematic review

The quality of the interpretation of the sentiment in the online buzz in the social media and the online news can determine the predictability of financial markets and cause huge gains or losses. That is why a number of researchers have turned their full attention to the different aspects of this problem lately. However, there is no well-rounded theoretical and technical framework for approaching the problem to the best of our knowledge. We believe the existing lack of such clarity on the topic is due to its interdisciplinary nature that involves at its core both behavioral-economic topics as well as artificial intelligence. We dive deeper into the interdisciplinary nature and contribute to the formation of a clear frame of discussion. We review the related works that are about market prediction based on online-text-mining and produce a picture of the generic components that they all have. We, furthermore, compare each system with the rest and identify their main differentiating factors. Our comparative analysis of the systems expands onto the theoretical and technical foundations behind each. This work should help the research community to structure this emerging field and identify the exact aspects which require further research and are of special significance.

Personalised cryptographic key generation based on FaceHashing

Among the various computer security techniques practice today, cryptography has been identified as one of the most important solutions in the integrated digital security system. Cryptographic techniques such as encryption can provide very long passwords that are not required to be remembered but are in turn protected by simple password, hence defecting their purpose. In this paper, we proposed a novel two-stage technique to generate personalized cryptographic keys from the face biometric, which offers the inextricably link to its owner. At the first stage, integral transform of biometric input is to discretise to produce a set of bit representation with a set of tokenised pseudo random number, coined as FaceHash. In the second stage, FaceHash is then securely reduced to a single cryptographic key via Shamir secret-sharing. Tokenised FaceHashing is rigorously protective of the face data, with security comparable to cryptographic hashing of token and knowledge key-factor. The key is constructed to resist cryptanalysis even against an adversary who captures the user device or the feature descriptor.

Biometric hash: high-confidence face recognition

In this paper, we describe a biometric hash algorithm for robust extraction of bits from face images. While a face-recognition system has high acceptability, its accuracy is low. The problem arises because of insufficient capability of representing features and variations in data. Thus, we use dimensionality reduction to improve the capability to represent features, error correction to improve robustness with respect to within-class variations, and random projection and orthogonalization to improve discrimination among classes. Specifically, we describe several dimensionality-reduction techniques with biometric hashing enhancement for various numbers of bits extracted. The theoretical results are evaluated on the FERET face database showing that the enhanced methods significantly outperform the corresponding raw methods when the number of extracted bits reaches 100. The improvements of the postprocessing stage for principal component analysis (PCA), Wavelet Transform with PCA, Fisher linear discriminant, Wavelet Transform, and Wavelet Transform with Fourier-Mellin Transform are 98.02%, 95.83%, 99.46%, 99.16%, and 100%, respectively. The proposed technique is quite general, and can be applied to other biometric templates. We anticipate that this algorithm will find applications in cryptographically secure biometric authentication schemes.

Cancellable biometerics featuring with tokenised random number

In this paper we introduce a novel cancellable biometric realisation approach based on the iterated inner products between the tokenised pseudo-random number and the face feature to produce a set of user-specific compact binary code, coined as FaceHash. This approach enables straightforward revocation of FaceHash via token replacement and there is no deterministic way to reveal FaceHash without having both tokenised random number and face feature, thus offers strong protection against biometrics fabrication. In addition, FaceHashing has significant functional advantages over contemporary biometrics like zero error rate and clean separation of the genuine and imposter populations.

PalmHashing: a novel approach for dual-factor authentication

Many systems require a reliable personal authentication infrastructure to recognise the identity of a claimant before granting access to him/her. Conventional secure measures include the possession of an identity card or special knowledge like password and personal identification numbers (PINs). These methods are insecure as they can be lost, forgotten and potentially be shared among a group of co-workers for a long time without change. The fact that biometric authentication is convenient and non-refutable makes it a popular approach for a personal identification system. Nevertheless, biometric methods suffer from some inherent limitations and security threats. A more practical approach is to combine two-factor or more authenticators to achieve a higher level of security. This paper proposes a novel dual-factor authenticator based on the iterated inner product between tokenised pseudo-random numbers and user-specific palmprint features. This process generates a set of user-specific compact code called PalmHash, which is highly tolerant of data offset. There is no deterministic way to get the user-specific code without having both PalmHash and the user palmprint feature. This offers strong protection against biometric fabrication. Furthermore, the proposed PalmHashing technique is able to produce zero equal error rate (EER) and yields clean separation of the genuine and imposter populations. Hence, the false acceptance rate (FAR) can be eliminated without suffering from the increased occurrence of the false rejection rate (FRR).

Secure Hashing of Dynamic Hand Signatures Using Wavelet-Fourier Compression with BioPhasor Mixing and

We introduce a novel method for secure computation of biometric hash on dynamic hand signatures using BioPhasor mixing and discretization. The use of BioPhasor as the mixing process provides a one-way transformation that precludes exact recovery of the biometric vector from compromised hashes and stolen tokens. In addition, our user-specific discretization acts both as an error correction step as well as a real-to-binary space converter. We also propose a new method of extracting compressed representation of dynamic hand signatures using discrete wavelet transform (DWT) and discrete fourier transform (DFT). Without the conventional use of dynamic time warping, the proposed method avoids storage of users hand signature template. This is an important consideration for protecting the privacy of the biometric owner. Our results show that the proposed method could produce stable and distinguishable bit strings with equal error rates (EERs) of and for random and skilled forgeries for stolen token (worst case) scenario, and for both forgeries in the genuine token (optimal) scenario.

Formal specification of design pattern combination using BPSL

Abstract Pattern users are faced with difficulties in understanding when and how to use the increasing number of available design patterns due the inherent ambiguity in the existing means (textual and graphical) of describing them. Since patterns are seldom used in isolation but are usually combined to solve complex problems, the above-mentioned difficulties have even worsen. Hence, there is an appealing need to introduce formalism to accurately describe patterns and pattern combination to allow rigorous reasoning about them. The main problem of existing formal specification languages for design patterns is lack of completeness. This is mainly due either because they were not originally conceived to specify design patterns and have been adapted to do so, or they tend to focus on specifying either the structural or behavioral aspect of design patterns but not both of them. Moreover, only few of them venture in specifying design pattern combination. We propose a simple yet Balanced Pattern Specification Language that is aimed to achieve equilibrium by specifying the structural as well as behavioral aspects of design patterns. This is achieved by combining two subsets of logic one from First Order Logic and one from Temporal Logic of Actions. Moreover it can be used to formally specify pattern combination.