Noor Abid: Using Biometrics (Gait) for Security Applications

okay so um in today's session we'll talk about using biometrics um gates for security applications so thank you everyone for spending your time with us this afternoon uh welcome this morning sorry uh welcome to this presentation on using gate for security applications um my name is noor and i'll be presenting for you today so here's some information about myself i'm a cyber security instructor at bovale college i have my master's degree from the university of calgary and i have the ibm mastery awards for application security engineer and security intelligence engineer so in atlanta valley college we teach uh this program cyber security post diploma certificate and this program has two uh semesters so it's um like two terms

so the first terms we in the first term we are covering uh some of the topics such as information security endpoint security network security cryptography and so on and in term two we will be covering vulnerability management advanced network security security exploits and network defense um introduction to cloud security and so on so if we look at the job market place for cyber security we can see that a great way to enter that marketplace is by acquiring all these certificates so through our program we'll try to cover most of the topics for these certificates uh the courses in the program will prepare you for the responsibilities you will have to take as a cyber security professional

so as i said these certificates are essential tools for it professionals in the job marketplace nowadays so these are just few of them of course there are um lots of certificates but we are just covering these um some of the topics most of the topics of these certificates in our program so in this slide we have the objective of our session so we'll go through authentication authentication credentials biometrics and gate analysis authentication so our first topic will be authentication information security authentication is the process of ensuring that the person or assistant desiring access to resources is authentic and is not an imposter authentication is an essential element of i.t security and can never be taken slightly

in information technology i.t these five elements are known as the authentication credentials although there are many different authentication credentials that can be presented to an iit system to verify if the user is genuine all credentials can be classified into one of these five categories we can see these credentials here from this slides what you know for example a password what you have um an example of that would be a token or maybe your cell phone um or the smart card what you have um what you are sorry uh what you are for example biometrics like the phase biometric the iris and what you are for example the geo location and what you do the behavioral biometrics for example

date before we talk about these five authentication credentials let's talk a bit about multi-factor authentication and single factor authentication so when a user is using more than one type of authentication credentials we call this a multi-factor authentication for example what a user knows like a password and what a user has for example the token could be used together for authentication single factor authentication is just using one type of authentication so of course we should go with multi-factor authentication using more than one type of credent authentication credentials what do you know as an example of that we talked about the password so we said password password is a secret combination of letters numbers and or character characters that only

user should have knowledge of passwords are by far the most common type of authentication used today based on something you know that no one else knows so when the user log into our system uh the system will ask the user to iden to identify the user will identify using the uh username and then the user will be asked to authenticate by using a password weakness of passwords is linked to human memory so humans can memorize only a limited number of items long complex passwords are most effective but most difficult to memorize each account password should be unique users must remember passwords for many different many different accounts security also security policies mandate password must expire

so here are some tips for using a password never use the same password across accounts even more importantly never reuse personal account passwords on work accounts or devices consider using a password manager try to create a passive phrase rather than a single word or a number series and also do not use work devices for personal business so we are done with what you know um let's talk about what you have and we said an example of that are the tokens the um smart cards um the cell phones so let's talk about um the tokens another type of authentication credential is based on the approved user having a specific item in his position so something you

have such items are often used in conjunction with passwords an example of that would be that token so used uh the token are used to create a one-time password they call it otp one-time password authentication code that can be used only once or for a limited period of time this code will be generated from an algorithm and will be changed every 30 to 60 seconds token code changes it frequently attacker would have to crowd code within the time limit user may know if a password has been stolen if token is a stolen it becomes obvious and steps could be taken to disable account we can also use smart cards so instead of tokens we can use smart cards

and these smart cards just like smart cards contains integrated circuit chip that holds information or we can use a cell phone so cell phones are increasingly replacing tokens and cards nowaday a code can be sent to a user cell phone through an application on the device

what you are biometrics uses a person unique physical characteristics for authentication for example face or hand or eye characteristics we use special scanners for these characteristics for example iris scanner so the iris scanner which can use a standard computer webcam uses the unique characteristics of the iris which is a thin circular structure in the eye the iris is responsible for controlling the diameter and the size of pupils to regulate the amount of light reaching the retina iris recognition identifies the unique random patterns in an iris 4 authentication a biometric authentication that is becoming increasingly popular on smartphones is facial recognition so nowadays facial recognition is widely used every person's face has several distinguishable landmarks that make up their face

features where you are geolocation it's the identification of the location of a person or object using technology authentication through geolocation is increasingly being used for mobile devices but as with laptops and desktop computers it is often used to exclude imposters or raise an alert about a potential unauthorized user as opposed to authenticating a user based exclusively on location what you do an example of that is the behavioral biometrics such as the gate so behavioral biometrics authenticates by normal actions views are performed another example would be the keystroke so keystroke dynamics attempts to recognize users typing rhythm all users type at a different space it will provide up to 98 percent accuracy we talked about also we mentioned gate

so in the next few slides we will focus on gate as a behavioral biometric biometrics biometrics is the field of study concerning measurement and analysis of the human body and its physical and behavioral characteristics biometrics include physical psychological uh physiological features such as face appearance fingerprint iris measurements as well as behavioral features such as signature voice and gait and in this session we will focus on gate gate analysis human gait is a significant indicator of the health of an individual we can use gate to detect and classify gate abnormalities for example asymmetry or we could also determine the level of severity of any detected abnormalities gates can be categorized as soft biometric other examples of soft biometrics

include facial expression age or gender gait is defined as an individual's local motion pattern their manner of walking so observing an individual's gait is not a novel concept it has been already studied and applied in the field of medicine and also in the field of in border control the most relevant application of biometrics has been for the identification of individuals for security or forensic purposes biometrics has also been applied in the healthcare's healthcare sector and has shown a great potential for accurate pathology diagnosis monitoring the health status of patients and detecting intoxication biometrics work in the healthcare sector involves acquiring and verifying measurements related to the area of concern and analyzing these measurements to detect deviations

from the normal range of patterns using biometric traits to identify and diagnose patients is becoming increasingly more relevant in the healthcare field some of the traits that can be measured are the face as we said before the fingerprints iris gate and the voice they are used as a tool to reduce the chance of falsely identifying someone for example in the border control gate is one of the biometrics that can be utilized to distinguish individuals based on human walking style from large distance and without the users cooperation an example here if you can see from this slide biometrics we can use biometrics for health applications we could use it as well for border crossings check biometrics or gates for health

applications so as we said before human gait is a significant indicator of the health of an individual gay data can be used for diagnosis monitoring and rehabilitation gait analysis aims at detecting the individual's gait features and can be used to determine gate type and diagnostic pathology for example stopage or a gait in healthcare applications changes in gates provide key information needed for the detection of health deterioration in the elderly or symptoms of very various diseases including for example neurological diseases for example multiple sclerosis or parkinson's diseases and systemic diseases such as um cardiopathies cardio pathos sorry monitoring and evaluation of the gait characteristics over time may enable early diagnosis of such diseases and help prevent

future health problems how about for border crossings for applications such as border crossings one important function is to search against an existing database or watch list so for example in the airport there should be a database or a watch list contemporary watchlist screening technology uses alphanumeric data such as name date and place of birth which are not reliable records as they can be forged or obtained using fraudulent reader documents to mitigate this problem watch list use in forensic applications may be used they include records about soft biometrics and when we said so when we say like soft biometrics we mean for example the gender the height uh the weight or the gait characteristics so assuming that facial data is recorded

during a travel traveler's passage through border control or a less controlled environment will result in a law matching the score but when traveler's gate data is also compared against an existing database the rate of correct identification increases greatly so let's discover the general method to detect and analyze gate abnormality so during my master research at the university of calgary we examined the following so we have um this approach and we we have used this approach uh it's the gauge recognition approach so first we acquire the data we get the data from a camera which is a connect camera and this um in this image here and then we process the data we extract the features and then we do

the classification

so to protect the privacy of a participant we chose to go with these skeleton frames if you can see from this slide here this is samples of the frames provided by the connect camera that we have used so we've got rgb um frames depth and also a skeleton so for to protect the privacy of our participant we have chosen to go with these skeleton frames so we got the input data as you can see from this image here so the gate depth data was provided by um no marker gate data acquisition using the microsoft connect so from the skeleton frames we got these vectors here so for example for each joint uh we have the foot joint position

so for e joint we will get the x y and z coordinates and we will deal with just numbers to protect the privacy of our participants we are we were just using numbers and analyzing these numbers or vectors so as you can see here um this is for the left foot uh the same thing will be for the right foot for the left ankle right ankle and so on for all the joints after we got the data we processed the data um we were just smoothing the erratic values from the data and then before we started to extract other features we extracted the gate cycle so we have used two methods to extract um a gate cycle

these two methods are um as you can see in this slide joint relative angle jra and joint relative distance jrd so two methods of gait cycle detection were used and the first method the joint relative angle this one here so the joint relative angles jra of the subject's ankles were used to observe the events between two consecutive heal strikes of the same foot the first heel strike is the beginning of a gate cycle and the second heel strike is its its end so we call this a heel to try here um the first image and then this is food flat and this here is a toro so the gate cycle will start with the first heel strike and then we'll end

with the second heel to try so as you can see the three there are eight phases but the three major phases are here so here's the tried foot flat and toe so the ankle angle is a measurement of the anchor relative to the vertical plane of the leg and not the angle between the arch and the shin in the second method the distance between the left and the right ankles was calculated for each frame also known as the joint relative distance jrd and the gay cycle was found by determining three consecutive consecutive local maxima when the subjects feet are furthest apart the mean maximum jrd was 0.2 meters however this means this mean was subject to a high

variation between individual subjects after we got the gait cycle we were able to extract other features for example these static feature extractions such as height the arm length leg length we were able to extract dynamic features such as knee and shoulder movements cadence and the tried length in this slide we have uh the shoulder joint positions and knee angles for normal and abnormal gait and we'll talk about these figures in the coming slides we have used different types of classifiers um such as the lda svm mb knn so many algorithms have been used for classification so let's start with the experimental procedures and results in the first experiment we examined the feasibility of using the

lower body joint data for example the knee angles and the ankle angles to classify gate type so we have get the images like from the user when they are walking for example in the airport so we get the images um the rgb depth camera um we'll go through the gate straight analyzer semantic form and then it will be compared against a database so let's say in the airport they have a database of face um fingerprint um and other characteristics there is inference engine here and we will have the decision at the end so as we uh mentioned before the input data here we we were dealing with just um the vectors like the x y and z for

example here for the left foot left knee um right right knee uh left ankle and so on so we do some processing we smooth the data and then we do the feature extraction then we use the classifier to distinguish if this is a normal or abnormal gate

so by using v knee angles we were able to distinguish between a normal and abnormal gait so after plotting the data we find out that for a person with not with a normal walking motion the knee moved in a predictable range from straight 180 degree to well below 150 degree as you can see here this is a normal gait so from 180 to well below 150. for persons with abnormalities in walking motion one of the knees could not bend below 150 as you can see here in this figure okay and had a range of movement that was considerably different from the other healthy knee so we were able to distinguish between a normal gait and abnormal gait using

the knee angles we have used many classifiers as i mentioned before um these are the accuracy rates of the uh classifiers so in summary the proposed gate trait analyzer was able to detect and declassify gate abnormalities now we find out that the knn classifier was the best of all traditional classifiers so after we finished with the upper joint body we moved to the uh sorry after we finish with the lower body joint uh data we moved to the upper body joint um data for example the shoulder movements so after determining if the person have a normal or abnormal gait if the person has abnormal gait let's check the severity of the abnormalities so we have used the uh shoulder movement

for that if you can see here from this figure we got the input data we processed the same procedure we extracted the features and then we have used the classifiers to determine if we have a moderate gate abnormality or extreme gate abnormality we theorize that having a lymph would cause abnormalities in the upper body movement such as an abnormal shoulder movement pattern so three categories are used to define the results normal motion moderate abnormality and extreme abnormality we can see the difference here so for example the y-coordinate of the left shoulder and right shoulder joints for a normal gait it's like that but for abnormal gait you can see the difference here so you can't see the y coordinates of

the left and right shoulder joints there is a difference between here are the classifiers that we have used and the accuracy right so in summary the proposed framework was generally successful in identifying gate abnormality and also detecting the determining the severity of this abnormality the novelty included usage of the upper body features to determine severity of gait abnormality and usage of a dynamic bayesian networks as a classifier the accuracy rate was uh 82.19 percent of the dbm classifier the third experiment or as you can see here um is kind of different so with this one here we use the fusion i'm sorry there's a typo here so it's the third experiment we have used the fusion of gate characteristics

with the facial scores okay and height measures to recognize an individual's identity so um we can use this at the airports for example so this system function by comparing pre-selected facial features obtained from an image or maybe a video frame with a database of facial images to look for common commonalities and identify that individual so we can see here for example if a person that's going to the airport his height is 170 and his gate type is normal um so this will be compared uh with a database so here we have a database that has the height gate type face uh data and the face characteristic as well so uh first for example we'll check the

height okay so this person height is 170 if we have like for example two people with uh 170 then um we are we just have two so from this list here we just uh continue with these two and then we check so the gate type is normal we go to the gate type so this 170 here um is normal this one 70 here is abnormal so of course we'll go with the normal one and then we will have the face scores with all these information we will be able to identify the person so we were able to improve the recognition rate of facial recognition system by fusing it with gate and height so in conclusions after all these

experiments we find out that derived gate features can be used to distinguish between different gate types um gates can be also fused with other modalities to increase performance of biometric recognition

okay so that's all with me i would like to thank you all for spending your time um with us this morning i hope you enjoyed the session um thanks to all the people who supported the conference as well so let's open it for i would like to open it for any questions okay let's see here uh yeah so i see from christopher the health diagnostics applications are cool would be interesting to have a smart watch of course we could use the smartwatch but these are wearable devices so in this um research here we didn't we just used the connect camera so it's we didn't want to have anything on the um participants so we didn't

use any wearable devices but of course there are many research um that have used the uh wearable devices what if a bad actor is on the list was something in heel or foot with uh something in here so with the connect camera that we have used it will just um [Music] we will just get the joint position so even if someone is wearing like a heel then we just get the um it just will capture the joints the joint location have you considered the impact of devices such as overloader braces and others that would change an abnormal day to a normal date we haven't considered the impact of these devices these are like wearable devices

thank you so much we enjoyed a lot but only in one foot no so we are capturing the data on so for example foot left foot foot right um left ankle left ankle right ankle left knee right knee okay so we uh got all the joint positions from the camera and then uh for the lower body we have used the knee angles to um determine if the person has a normal or abnormal gait and then after that we added the uh shoulder movements to determine the severity of uh of a person that's having abnormal gait any more questions

do you see practical applications for physical security delta and gate and facial package between entry and exit of a facility force prevention that scenario as others so for now um you can see the impact of the various braces as they are very from fitting and not easy seen anymore yeah yeah i agree and so in our research we just try to um uh see the feasibility if we can use like these um characteristics um in addition so right now um for example in the airport they are using already the uh facial recognition but we wanted to add other features uh to help identify uh people so we were checking the feasibility of adding for example gate characteristics

and the height as well of a person but of course we could use other characteristics as well okay so thank you everyone