Sage Journals: Discover world-class research

Abstract

Biometric verification has been included in remote user authentication schemes recently. In this paper, we have proposed the use of heartbeat biometrics for its liveness property as a possible defense against spoof attacks in remote authentication. Sensor embedded mobile computing devices such as smart phones could be used to capture biometric signals and to replace the use of traditional smart cards. For the remote authentication, we have adopted the state-of-the-art scheme. We have described the biometric verification method instead of using cryptographic hash function for feature matching. We have used the piecewise aligned morphology (PAM) of heartbeat signal as a biometric feature. The biometric verification method was tested with ECG records of 100 individuals and 1.34% of equal error rate (EER) was obtained. This feature could be computed and transmitted efficiently using mobile computing devices. The proposed scheme offers more security and convenience to users. Additionally, it becomes robust against noisy biometric input. The proposed scheme should be feasible for remote authentication using sensor embedded computing devices in many practical applications such as remote healthcare.

1. Introduction

Remote authentication is becoming increasingly important with the growing popularity of cloud and mobile computing. For example, in the remote healthcare service, information is collected over sensor-enabled smart phones [1]. Hence, user authentication plays an important role to ensure that the right person is getting the right services. It can be envisaged that in the near future biomedical signal captured from a sensor network could be used for authentication in addition to providing diagnostic information. In other words, sensors will be attached to mobile computing devices, creating a sensor network used for remote authentication.

Different types of biomedical signals are used for diagnosis of a patient. Heartbeat signal is one of the commonly used signals. In this paper, we have investigated the potential use of heartbeat signal for remote authentication. In fact, a heartbeat signal can be proposed as a biometric modality in remote authentication for several inherent qualities. First, the heartbeat signal holds a unique signature for each person and is stable over a long period of time [2–4]. Second, every living person must have a heartbeat signal and it can be captured from the hands for biometric applications [4–7]. Third, liveness is an inherent property of this modality [8–10], as it cannot be captured from deceased body parts or false modalities, such as a gummy finger or a high-resolution video image. Finally, unlike fingerprint, iris, or face signals, it is difficult to steal or mimic a heartbeat signal [9, 11].

Traditional password and ID based remote authentication schemes [12] were supplemented by a smart card [13] to avoid dictionary attacks. In the latest attempt, biometric verification [14–17] is also suggested together with password, ID, and smart card to prevent several other attacks such as stolen mobile device attacks, replay attacks, and man-in-the-middle attacks. Different types of biometrics such as fingerprints, faces, and irises are considered as potential modality. However, we have noticed that the use of these biometrics in these remote authentication schemes has several limitations: (i) vulnerable to spoof attacks, (ii) sensitivity of hash function for biometric matching, and (iii) inconvenience to users as multifactor (password, smart card, and biometrics) authentication requiring additional hardware (card reader and biometric device) which incurs the risk of being lost and stolen.

For remote authentication, a sensor (attached to a mobile computing device), used to capture a biometric signal, should be available for all users. This unattended situation will provoke imposters for spoof attacks with fake biometric samples for obtaining undue access to the genuine users account. Existing biometric modalities, such as fingerprint, iris, and face, are vulnerable [18] in such unattended scenarios, as an imposter will have sufficient opportunity to spoof a target client. For example, it has been shown that it is possible to spoof varieties of fingerprint technology by gummy fingers [19]. In face and iris recognition systems, the use of high-resolution still images or videos is sufficient to fool the systems [20, 21].

In previous works [14, 15, 22], cryptographic hash function is used for biometric matching. However, this one-way hash function is very sensitive to small perturbations of inputs. Biometric inputs can be considered as noisy in the sense that there may be differences between the input biometrics each time. Hence, legal users will be unable to pass biometric verification. In fact, because of the sensitivity of hash functions, it is hard to use it straightforwardly in biometric matching.

In this paper, we have proposed a remote authentication scheme using sensor embedded computing devices (SECD) which is capable to capture heartbeat signals. The feasibility of this scheme lies in the fact that mobile computing devices (e.g., smartphone) are becoming popular with additional computing power day by day. Hence, the smart card could be replaced by a SECD and hence the card reader will not be required. During the registration phase, SECD will store the feature computed from the heartbeat signal together with other information. During the login or password change phase, the captured data from the sensor will be used to match with the stored feature. In order to avoid the use of hash function for biometric matching [14, 22], we use the feature extraction and matching method for biometric verification. The process will be helpful to avoid the limitation of the hash function applied to the biometric feature. For remote authentication, we have adopted the scheme described by Li et al. [14] and improved by Das [22]. This scheme possesses many security features such as security of secret key, security of session key, resists stolen device attacks, proper mutual authentication, resists replay attacks, and resists man-in-the-middle attacks. Moreover, due to the use of heartbeat signal, it will be possible to avoid spoof attack as it cannot be captured from deceased body parts or false modalities and it is difficult to steal or mimic a heartbeat signal [9, 11].

The rest of this paper is organized as follows. In Section 2, we discuss different phases of the remote authentication scheme. In Section 3, we describe the steps of biometric verification method using heartbeat signal. Section 4 concludes the paper with an outline of our possible future work.

2. Remote Authentication Scheme

In this scheme, a sensor embedded computing device ( ${S E C D}_{i}$ ) communicates with the remote authentication manager through a communication engine as shown in remote authentication scenario in Figure 1. The authentication manager ( $S_{i}$ ) could be a remote server or an agent providing authentication service for cloud-based applications which ensures the authentic access of the various resources managed by the resource manager. At the initial stage, a SECD is registered through a trusted registration center (R). The schemes described by Li et al. [14] and Das [22] do not suggest any particular biometric modality and matching method. In this paper, we have used biometric features extracted from a heartbeat signal for user verification (Section 3). Instead of applying the hash function directly on the biometric feature, we associate a secret random number (z) with the feature on which the hash function is applied. Hence, the perturbation in biometric signal does not affect the hash function. In this section, we have described the four phases of this improved remote authentication scheme: (i) registration, (ii) login, (iii) authentication, and (iv) password change.

Figure 1

Remote authentication scenario.

2.1. Registration Phase

In the initial stage, the user ( $C_{i}$ ) and the registration center (R) perform the following steps. (1)

$C_{i}$ enters a random number N into the ${S E C D}_{i}$ which computes $R P W_{i} = h (N ∥ P W_{i})$ based on the users password $P W_{i}$ , where h is the hash function and ∥ is the concatenation operation. Then $C_{i}$ inputs the heartbeat signal ( $B_{i}$ ) on the ${S E C D}_{i}$ and provides the masked password $R P W_{i}$ and ${I D}_{i}$ to R via a secure channel.

(2)

R computes the biometric feature $f_{i}$ from $B_{i}$ and associates a secret number z with $f_{i}$ . Then it computes $f_{i}^{'} = h (z)$ , $r_{i} = h (R P W_{i} ∥ f_{i}^{'})$ and $e_{i} = h ({I D}_{i} ∥ X_{S}) \oplus r_{i}$ , where $X_{S}$ is a master secret key and ⊕ is exclusive or operation.

(3)

R stores $(h (\cdot), r_{i}, f_{i}, e_{i}, y, z)$ on ${S E C D}_{i}$ and sends it to $C_{i}$ via a secure channel, where y is a secret number maintained by $S_{i}$ .

2.2. Login Phase

In order to login $S_{i}$ , $C_{i}$ must perform the following steps. (1)

$C_{i}$ inserts the heartbeat signal $B_{i}$ using ${S E C D}_{i}$ . Then ${S E C D}_{i}$ extracts biometric feature from $B_{i}$ and verifies it with the already stored feature as discussed in Section 3. If $C_{i}$ passes the biometric verification, it performs the following steps.

(2)

$C_{i}$ inputs the ${I D}_{i}$ and ${P W}_{i}$ . Then ${S E C D}_{i}$ computes $R P W_{i} = h (N ∥ {P W}_{i})$ , $r_{i}^{'} = h (R P W_{i} ∥ z)$ and then checks whether $r_{i} = r_{i}^{'}$ . If this verification does not hold the used is notified with incorrect error message and the scheme is terminated.

(3)

Otherwise if $r_{i} = r_{i}^{'}$ then ${S E C D}_{i}$ computes $M_{1} = e_{i} \oplus r_{i}^{'}$ , $M_{2} = M_{1} \oplus R_{C}$ , $M_{3} = h (y ∥ R_{C})$ , $M_{4} = {R P W}_{i} \oplus M_{3}$ , and $M_{5} = h (M_{2} ∥ M_{3} ∥ M_{4})$ , where $R_{C}$ is a random number chosen by $C_{i}$ .

(4)

Finally, the message ( ${I D}_{i}$ , $M_{2}$ , $M_{4}$ , $M_{5}$ ) is sent to $S_{i}$ .

2.3. Authentication Phase

After receiving the login message ( ${I D}_{i}$ , $M_{2}$ , $M_{4}$ , and $M_{5}$ ) the remote server $S_{i}$ and the user $C_{i}$ perform mutual authentication. In fact, in this step no biometric verification is required. Hence, we have adopted the scheme described in [14] and the steps are briefly discussed in the following. (1)

$S_{i}$ checks the validity of the format of ${I D}_{i}$ . If it is not valid, $S_{i}$ rejects the login request and terminates the session. Otherwise it performs the following steps.

(2)

$S_{i}$ computes $M_{6} = h ({I D}_{i} ∥ X_{S})$ , $M_{7} = M_{2} \oplus M_{6} = R_{C}$ , and $M_{8} = h (y ∥ M_{7})$ and verifies whether $M_{5} = h (M_{2} ∥ M_{8} ∥ M_{4})$ . If they are equal, $S_{i}$ stores ( ${I D}_{i}$ , $M_{7}$ ) in the database. When $S_{i}$ receives $C_{i}$ 's next login request, $S_{i}$ computes $M_{7}^{'}$ and compare it with $M_{7}$ . If these values are same, $S_{i}$ rejects it as a replay message. Otherwise, $S_{i}$ replaces $M_{7}$ by $M_{7}^{'}$ .

(3)

Now, $S_{i}$ computes $M_{9} = M_{4} \oplus M_{8}$ , $M_{10} = h (M_{9} ∥ S I D_{i} ∥ y) \oplus M_{8} \oplus R_{s}$ , and $M_{11} = h (M_{6} ∥ M_{9} ∥ y ∥ R_{s})$ where $R_{s}$ is a random number chosen by $S_{i}$ .

(4)

$S_{i}$ sends the authentication message ( $M_{10}$ , $M_{11}$ ) to $C_{i}$ .

(5)

After receiving the message, $C_{i}$ computes $M_{12} = h (R P W_{i} ∥ {S I D}_{i} ∥ y) \oplus M_{3} \oplus M_{10}$ and verifies whether $M_{11} = h (M_{1} ∥ R P W_{i} ∥ y ∥ M_{12})$ .

(6)

If it holds, the validity of $S_{i}$ is authenticated by $C_{i}$ . Otherwise, $C_{i}$ terminates the scheme. After the mutual authentication phase, $C_{i}$ and $S_{i}$ compute the session keys $h ({R P W}_{i} ∥ M_{3} ∥ M_{12} ∥ {S I D}_{i})$ and $h (M_{9} ∥ M_{8} ∥ R_{S} ∥ S I D_{i})$ , respectively.

2.4. Password Change Phase

If $C_{i}$ wants to change password $P W_{i}$ with a new password ${P W}_{i}^{n e w}$ , $C_{i}$ inputs his biometric $B_{i}$ using ${S E C D}_{i}$ for verification. If $C_{i}$ passes the biometric verification, $C_{i}$ inputs the new password ${P W}_{i}^{n e w}$ and the old password ${P W}_{i}$ . Then, ${S E C D}_{i}$ computes ${R P W}^{'} = h (N ∥ {P W}_{i})$ , $r_{i}^{'} = h ({R P W}^{'} ∥ z)$ . If $r_{i} \neq r_{i}^{'}$ then the password change phase is terminated. Otherwise, ${S E C D}_{i}$ computes $e_{i}^{'} = e_{i} \oplus r_{i}^{'}$ , ${R P W}_{i}^{n e w} = h (N ∥ {P W}_{i}^{n e w})$ , $r_{i}^{''} = h ({R P W}_{i}^{n e w} ∥ z)$ , and $e_{i}^{n e w} = e_{i}^{'} \oplus r_{i}^{''}$ . Finally, $e_{i}$ and $r_{i}$ stored in the ${S E C D}_{i}$ are replaced by $e_{i}^{n e w}$ and $r_{i}^{''}$ , respectively.

3. Biometric Verification

In this section, we describe the biometric verification method using heartbeat signal required for different steps of the remote authentication process discussed in the previous section. The heartbeat signal is the reflection of the heart's electrical activity measured on the body's surface. A signal consists of a sequence of heartbeats. Durations of an individual's heartbeats may vary within a short period of time due to heart-rate variability (HRV) [23], making the heartbeat signal semiperiodic. For authentication purposes, different types of biometric features [3, 8, 9, 24] are extracted from the morphology of a heartbeat signal. In several methods, the signal is first segmented into heartbeats and each of them is then resampled to yield an equal number of samples [8, 9, 24]. Resampling has also been found helpful to improve verification performance [25]. However, uniform resampling of all parts of a heartbeat may cause morphology deformation [26, 27], yielding inferior verification performance. Fatemian and Hatzinakos [9] and Fatemian [28] have investigated a nonuniform resampling technique for morphology regularization. In this method, resampling frequency of heart-rate dependent (i.e., the T wave) and independent (i.e., the P-wave and QRS complex) segments may become nonuniform in different heartbeats. In our previous work [26, 27], we found that piecewise-uniform resampling of different segments of a heartbeat improves the morphology alignment significantly with respect to other uniform and nonuniform resampling methods.

In this work, we use the Piecewise-Aligned Morphology (PAM) of heartbeat signal as a biometric feature. The PAM feature is computed from a given signal in four steps. These steps are shown in the block diagram in Figure 2. In the first step, the heartbeat signal is preprocessed, as discussed in Section 3.1. A preprocessed signal is then segmented into heartbeats, as discussed in Section 3.2. The morphology alignment method is discussed in Section 3.3. The feature is then formed by averaging the morphology of a few consecutive heartbeats that were captured in a reasonably short period of time. The feature formation method is discussed in Section 3.4. In Section 3.5, we describe the feature matching method. This feature is evaluated by a simple verification method using heartbeat records of 100 individuals obtained from a publicly available database known as the PTB diagnostic ECG database or “ptbdb” [29]. In Section 3.6, we describe the experimental results.

Figure 2

Block diagram of the feature extraction method.

3.1. Preprocessing

The heartbeat signal is often contaminated with different types of noise, such as power-line interface, baseline wander, and patient-electrode motion artefacts [11, 23]. In the preprocessing step, noise is removed by a band-pass Butterworth filter [11, 30] of order four with cut-off frequencies of 0.25 to 40 Hz.

3.2. Heartbeat Segmentation

To extract the PAM feature, we use a preprocessed heartbeat signal with several regular heartbeats. Such a regular heartbeat contains six segments, such as the P wave, P-R segment, QRS complex, S-T segment, T wave, and T-P segment, as shown in sequential order in Figure 3. The first three of these segments (P-wave, P-R segments, and QRS complex) are less affected by heart-rate variability [23, 28]. These segments together are named as the stable segment. The heart-rate variability strongly affects the duration of T wave and T-P segment. Moreover, the S-T segment is often deformed by different cardiac conditions. These three segments together are named as the flexible segment. Considering the difficulties in identifying the onset of P-wave and offset of QRS complex [23], we defined [26] P-S as the stable segment and S-P as the flexible segment of a P-P heartbeat, as shown in Figure 3.

Figure 3

Six segments of regular P-P heartbeats and stable (P-S) and flexible (S-P) segments.

We first detect the QRS complex by a curvature-based method [7, 31] which requires linear computational time. R is detected as the peak of this complex. Then, Q-peak and S-peak are detected as the minima before and after, respectively, within a window of 75 milliseconds from the R-peak. Finally, P-peak is located before the Q-peak as the maximum within a window of 170 milliseconds. We obtain a P-P heartbeat by concatenating the consecutive P-S and S-P segments. Figure 4 shows the result of the heartbeat delineation process of a ten-second heartbeat signal obtained from “ptbdb.”

Figure 4

Result of heartbeat delineation of a ten-second heartbeat signal obtained from the patient007_s0026lre record of “ptbdb.”

3.3. Heartbeat Alignment

It is observed that the change of a heartbeat due to the heart rate variability (HRV) is not uniform all over a heartbeat [26]. The flexible segment is more affected than the stable segment. Thus, in the piecewise-uniform alignment method [26], stable and flexible segments of the heartbeat are resampled with two different rates such that the resampling rate becomes uniform for the same segments in all heartbeats. We obtain resampling rates $r_{p s}$ and $r_{s p}$ by dividing a predefined resampling rate r of a regular P-P heartbeat proportionally to the average length of the P-S and S-P segments, respectively, as shown in

\begin{matrix} r_{p s} = ⌊\frac{d_{p s}}{d_{p p}} r⌋, \\ r_{s p} = r - r_{p s}, \end{matrix}

(1)

where

⌊\cdot⌋

indicate the floor operation and

d_{p p}

d_{p s}

, and

d_{s p}

are the average length of P-P heartbeats, P-S segments, and S-P segments, respectively, under rest conditions. Average length of P-P, P-S, and S-P segments are assumed to be 800, 250, and 550 ms, respectively [26]. After concatenation of the resampled segments, we obtain an equal number of samples r in each of the aligned heartbeats.

Srikanth et al. [32] investigated different time and frequency domain resampling methods. It was found that polynomial interpolation is preferable to the FIR filter-based method in terms of simplicity, speed, and accuracy. This method is especially suitable for the piecewise alignment method, as we further divide a heartbeat into smaller segments. This is because polynomial interpolation does not distort the waveform at the start and end of the signal, as does a FIR filter. The resampling of a heartbeat segment with n samples can be carried out by determining a unique polynomial of degree $m < n$ , as shown in the following:

\begin{matrix} p_{m} (t) = a_{0} + a_{1} t + \dots + a_{m} t^{m} . \end{matrix}

(2)

We prefer to use a lower-order polynomial as it depends on the smaller neighborhood of the interpolating point. In fact, in different biometric applications, the cubic (i.e., $m = 3$ in (2)) spline interpolation method is widely used [24, 25]. For spline interpolation, we need to determine $n - 1$ cubic polynomials. Thus, we need to determine the $4 (n - 1)$ coefficients $a_{0}$ , $a_{1}$ , $a_{2}$ , and $a_{3}$ . These can be computed by solving a tridiagonal system in linear time [24], that is, $O (n)$ .

3.4. Morphology Averaging

After segmentation and alignment, we obtain a sequence of isolated heartbeats, each with an equal number of samples (i.e., r samples). The amplitude of each of the heartbeats $e (i)$ is then normalized to remove the baseline shift such that $0 \leq e (i) \leq 1$ ; $i = 1, \dots, r$ . A PAM feature is formed by averaging q aligned and the amplitude normalized heartbeats as follows:

\begin{matrix} f (i) = \frac{1}{q} \sum_{j = 1}^{q} e_{j} (i); i = 1, \dots, r . \end{matrix}

(3)

In this way, the dimensionality of a feature becomes equal to the resampling rate r for any length of the heartbeat signal. We also extract features from heartbeats aligned by two other methods (such as uniform and nonuniform), so that we can compare their performance in biometric verification experiments.

3.5. Matching

Suppose that we have p persons for a verification system. For each person in the system, we construct a gallery feature ${}^{G}{f_{j} (i)}; j = 1, \dots, p$ , from the given gallery signal as in (3). Therefore, the storage requirement for the whole gallery set is linear to the number of persons; that is, $O (p)$ as the dimension of the feature (r) is constant. The computational time of such a feature depends on the number of heartbeats in a given signal. Suppose a signal contains q heartbeats and η is the average number of samples in a heartbeat. Then for the curvature based method, the segmentation process requires $O (q \times η)$ time. After the resampling process, we obtain equal number of samples (r) in each heartbeat. As the resampling can be performed in linear time to the number of samples of a signal, the computational time of a feature is

\begin{matrix} O (q \times η) ≃ O (q \times r) = O (q) . \end{matrix}

(4)

In the testing phase, a single probe feature ${}^{P}{f_{*} (i)}$ is constructed from the captured probe signal. The human verification processes depend on the distance d between a gallery feature and the probe feature. Different types of distance metrics, such as Euclidean or $χ^{2}$ distance, could be used. To verify the identity of the jth person, we simply use the threshold t. This person is accepted if the distance of the probe and gallery feature is less than the threshold; that is,

\begin{matrix} d ({}^{G}{f_{i}}, {}^{P}{f_{*}}) < t; \end{matrix}

(5)

otherwise, it is rejected. The threshold t is obtained from receiver operating characteristic (ROC) analysis for the equal error rate (EER) of false acceptance and false rejection. This verification can be performed in constant time.

3.6. Experimental Results

We tested the biometric verification method on digital heartbeat signals obtained from “ptbdb” [29]. This database contains ECG records of persons in the age range of 17–87. We used 100 records [26] of sixty seconds in which most of the heartbeats are regular in the sense that they contain all six segments. The sampling frequency of the ECG records is 1000 Hz. In our experiment, each of these records was divided into five signals of twelve seconds. Each signal was segmented into heartbeats that were aligned with three methods: uniform, nonuniform, and piecewise-uniform. The resampling rate for alignment is a predefined constant (integer) which should be in the range of 60%–70% of the original sampling rate to keep the root-mean-squared (RSM) error at a minimum level [26]. In all three methods, we used the resampling rate $r = 600$ samples. For the uniform alignment method, we concatenated consecutive P-S and S-P segments to obtain the P-P heartbeat and then resampled it with the predefined rate r. For the nonuniform alignment method, we first resampled the S-P segment (instead of the T-wave as in [9]) with a rate proportional to 350 ms, then concatenated it with the P-S segments, and finally resampled the complete heartbeat with the predefined rate r. For piecewise-uniform alignment, we resampled the P-S and S-P segments with a rate of 188 and 412 samples, respectively, proportional to 250 and 550 ms. We used cubic-spline interpolation method for the resampling.

In order to evaluate the performance the proposed feature, we repeatedly tested the verification method with five different gallery sets. We selected one of the five signals as the gallery signal and the remaining four as probe signals for each person, and we computed the EER. The experiment was repeated five times for a given number of heartbeats (e.g., $q = 1, \dots, 9$ in (3)). Then for the particular value of q, we computed the average EER for 100 persons. The average EERs are shown in Figure 5. We have also tested the verification performance for increasing number of heartbeats from 1 to 9.

Figure 5

Average verification EER with different number of heartbeats.

We also compared performance of PAM feature with those of two other morphological features: (i) autocorrelation of morphology (ACM) [10, 33] and (ii) heartbeat shape (HBS) [24]. In this work, we considered the autocorrelation of the piecewise-aligned heartbeats for use in verification. Normalized autocorrelation of a heartbeat is defined as

\begin{matrix} a [k] = \frac{\sum_{i = 0}^{r - |k| - 1} e [k] e [i + k]}{a [0]}, \end{matrix}

(6)

where k is the index of feature vector,

k = 0, \dots, r - 1

, and

a [0]

represents the energy of the signal. We computed the autocorrelation of piecewise-aligned heartbeats with a dimension of 600 which is equal to the resampling rate r. Then, we took the average of nine consecutive heartbeats to compute the ACM feature.

The thirty-dimensional HBS feature [24] was computed from nine consecutive piecewise-aligned heartbeats. The resampling step of the HBS feature computation method was replaced by the piecewise-uniform resampling method. The steps to compute the features from piecewise-aligned and normalized morphology were as follows. (i)

We computed the second derivative of the heartbeats and smoothed it with a Gaussian kernel.

(ii)

We computed the average of smooth derivative for nine consecutive heartbeats.

(iii)

We formed a thirty-dimensional feature vector by dividing r samples into thirty bins according to the amplitude of the average of smooth derivative.

We used the Euclidean distance for the PAM and ACM features and the $χ^{2}$ distance for the HBS feature. Table 1 compares the verification EER for these three features as applied to the dataset for 100 persons.

Table 1

Comparison of performance with two other state-of-the-art features.

Feature	Feature dimension	Average EER (%)
ACM	600	3.92
HBS	30	4.63
PAM	600	1.34

4. Discussion and Conclusion

Remote authentication is important for many applications such as distance health care services. Inclusion of biometric verification in the remote authentication scheme has introduced the vulnerability to spoof attacks by fake biometric samples. In this work, we proposed the use of heartbeat signal for remote authentication as a possible defense against such spoof attacks. A distributed network of sensor embedded mobile computing devices is considered for capturing and processing biometric signals. Such a device can also reduce the requirement of a traditionally used smart card which has very limited computing power. So the authentication process becomes more convenient for the users. For the remote authentication, we have adopted the state-of-the-art scheme having many security features. Hence the proposed method offers additional security. Moreover, we have described the biometric matching method for user verification instead of just using cryptographic hash function for feature matching. So this method becomes more robust against noisy biometric input.

We considered the use of heartbeat signal as a biometric modality for its liveness property as it cannot be captured from fake biometric modalities or deceased body parts. A piecewise-aligned morphology of the heartbeat signal is used as a biometric feature. This feature was tested for verification of 100 users whose records were obtained from a publicly available database. It can be observed from Figure 5 that the piecewise alignment improves verification performance significantly compared to uniform and nonuniform methods. This is because in the piecewise alignment method, the resampling of one part is not affected by the nonuniform change in other part and hence it helps to preserve the intraindividual similarity of different heart beats. We have also tested the verification performance for increasing number of heartbeats. It can be observed that with nine regular heartbeats, we obtained credible verification EER. We also compared the verification performance for two other existing features on the same dataset. The verification performance of the proposed PAM feature outperforms those two features as shown in Table 1. Due to the use of the curvature based segmentation (Section 3.2) and cubic polynomial interpolation (Section 3.3), this feature becomes efficient enough to be computed by mobile devices. Due to the use of the average heartbeat (Section 3.4), the data size for the gallery and probe feature is also sufficiently small to be stored in mobile devices and transmitted via wireless media.

As a future work, we consider setting up a test-bed to evaluate the proposed remote authentication scheme for its robustness against spoof attacks and noisy biometric inputs. Using this test-bed, it will be also possible to compare the performance of heartbeat biometrics with traditional biometric modalities. In this work, we tested the proposed biometric verification method on selected ECG records with regular heartbeats. However, morphological irregularities can occur due to different cardiac conditions. In future, we also plan to extract robust features from heartbeat signals captured in different cardiac conditions.

Footnotes

Conflict of Interests

The author declares that there is no conflict of interests regarding the publication of this paper.

Acknowledgment

This work has been supported by the Research Center, College of Computer and Information Sciences, King Saud University, Riyadh, Saudi Arabia. The author is grateful for this support.

References

Hossain

M. S.

Muhammad

Cloud-based collaborative media service framework for healthcare

International Journal of Distributed Sensor Networks 2014 2014 11

858712

10.1155/2014/858712

2-s2.0-84899530265

Biel

Pettersson

Philipson

Wide

ECG analysis: a new approach in human identification

IEEE Transactions on Instrumentation and Measurement 2001 50 3 808 812

2-s2.0-0035364148

10.1109/19.930458

Wübbeler

Stavridis

Kreiseler

Bousseljot

R.-D.

Elster

Verification of humans using the electrocardiogram

Pattern Recognition Letters 2007 28 10 1172 1175

10.1016/j.patrec.2007.01.014

2-s2.0-34248163867

Chan

A. D. C.

Hamdy

M. M.

Badre

Badee

Wavelet distance measure for person identification using electrocardiograms

IEEE Transactions on Instrumentation and Measurement 2008 57 2 248 253

10.1109/TIM.2007.909996

2-s2.0-39449110375

Lourenço

Silva

Fred

Unveiling the biometric potential of finger-based ECG signals

Computational Intelligence and Neuroscience 2011 2011 8

720971

10.1155/2011/720971

2-s2.0-80053535013

Alajlan

Islam

M. S.

Ammour

Fusion of fingerprint and heartbeat biometrics using fuzzy adaptive genetic algorithm

Proceedings of the World Congress on Internet Security (WorldCIS ′13)

December 2013

London, UK

76 81

10.1109/worldcis.2013.6751021

2-s2.0-84898439172

Islam

M. S.

Alajlan

Augmented-Hilbert transform for detecting peaks of a Finger-ECG signal

Proceedings of the IEEE Conference on Biomedical Engineering and Sciences

2014

Miri, Malaysia

836 839

Irvine

J. M.

Israel

S. A.

Todd Scruggs

Worek

W. J.

eigenPulse: robust human identification from cardiovascular function

Pattern Recognition 2008 41 11 3427 3435

10.1016/j.patcog.2008.04.015

2-s2.0-48149115210

Fatemian

S. Z.

Hatzinakos

A new ECG feature extractor for biometric recognition

Proceedings of the 16th International Conference on Digital Signal Processing (DSP ′09)

July 2009

1 6

10.1109/icdsp.2009.5201143

2-s2.0-70449589070

10.

Agrafioti

Hatzinakos

Signal validation for cardiac biometrics

Proceedings of the IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP ′10)

2010

1734 1737

10.1109/icassp.2010.5495461

2-s2.0-78049374377

11.

Agrafioti

Hatzinakos

ECG biometric analysis in cardiac irregularity conditions

Signal, Image and Video Processing 2009 3 4 329 343

10.1007/s11760-008-0073-4

2-s2.0-70350621371

12.

Lamport

Password authentication with insecure communication

Communications of the ACM 1981 24 11 770 772

10.1145/358790.358797

2-s2.0-0019634370

13.

Hwang

M.-S.

L.-H.

A new remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics 2000 46 1 28 30

2-s2.0-0034140374

10.1109/30.826377

14.

Niu

J.-W.

Wang

W.-D.

Liu

C.-L.

Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards

Journal of Network and Computer Applications 2011 34 1 73 79

2-s2.0-78649335192

10.1016/j.jnca.2010.09.003

15.

C.-T.

Hwang

M.-S.

An efficient biometrics-based remote user authentication scheme using smart cards

Journal of Network and Computer Applications 2010 33 1 1 5

2-s2.0-70349792182

10.1016/j.jnca.2009.08.001

16.

Lin

C.-H.

Lai

Y.-Y.

A flexible biometrics remote user authentication scheme

Computer Standards and Interfaces 2004 27 1 19 23

10.1016/j.csi.2004.03.003

2-s2.0-4043139259

17.

Khan

M. K.

Zhang

Improving the security of “a flexible biometrics remote user authentication scheme”

Computer Standards and Interfaces 2007 29 1 82 85

10.1016/j.csi.2006.01.002

2-s2.0-33751167604

18.

Singh

Y. N.

Singh

S. K.

Gupta

Fusion of electrocardiogram with unobtrusive biometrics: an efficient individual authentication system

Pattern Recognition Letters 2012 33 14 1932 1941

10.1016/j.patrec.2012.03.010

2-s2.0-84865577334

19.

Matsumoto

Yamada

Hoshino

Impact of artificial ‘gummy’ fingers on fingerprint systems

4677

Optical Security and Counterfeit Deterrence Techniques IV

January 2002

275 289 Proceedings of SPIE

10.1117/12.462719

2-s2.0-0036030112

20.

Ruiz-Albacete

Tome-Gonzalez

Alonso-Fernandez

Galbally

Fierrez

Ortega-Garcia

Direct attacks using fake images in iris verification

Biometrics and Identity Management: 1st European Workshop on Biometrics and Identity Management (BIOID ′08), Roskilde, Denmark, May 7–9, 2008 2008 5372

Berlin, Germany

Springer

181 190 Lecture Notes in Computer Science

10.1007/978-3-540-89991-4_19

21.

Bao

Jiang

A liveness detection method for face recognition based on optical flow field

Proceedings of the International Conference on Image Analysis and Signal Processing (IASP ′09)

2009

233 236

10.1109/iasp.2009.5054589

2-s2.0-70349923415

22.

Das

A. K.

Cryptanalysis and further improvement of a biometric-based remote user authentication scheme using smart cards

International Journal of Network Security & Its Applications 2011 3 2 13 28

10.5121/ijnsa.2011.3202

23.

Sörnmo

Laguna

Bioelectrical Signal Processing in Cardiac and Neurological Applications 2005

Burlington, Mass, USA

Elsevier Academic Press

24.

Islam

M. S.

Alajlan

Bazi

Hichri

H. S.

HBS: a novel biometric feature based on heartbeat morphology

IEEE Transactions on Information Technology in Biomedicine 2012 16 3 445 453

10.1109/titb.2012.2188535

2-s2.0-84860682663

25.

Sidek

Sufi

Khalil

Al-Shammary

An efficient method of biometric matching using interpolated ECG data

Proceedings of the IEEE EMBS Conference on Biomedical Engineering and Sciences (IECBES ′10)

December 2010

330 335

10.1109/iecbes.2010.5742255

2-s2.0-79955368603

26.

Islam

M. S.

Alajlan

A morphology alignment method for resampled heartbeat signals

Biomedical Signal Processing and Control 2013 8 3 315 324

2-s2.0-84875760283

10.1016/j.bspc.2012.11.006

27.

Islam

M. S.

Alajlan

Malik

Resampling of ECG signal for improved morphology alignment

Electronics Letters 2012 48 8 427 429

10.1049/el.2012.0421

2-s2.0-84861615350

28.

Fatemian

S. Z.

A wavelet-based approach to electrocardiogram (ECG) and phonocardiogram (PCG) subject recognition [Masters of Applied Science] 2009

Graduate Department of Electrical and Computer Engineering, University of Toronto

29.

PTB diagnostic ECG database, http://physionet.org/physiobank/database/ptbdb/

30.

Fang

S.-C.

Chan

H.-L.

Human identification by quantifying similarity and dissimilarity in electrocardiogram phase space

Pattern Recognition 2009 42 9 1824 1831

10.1016/j.patcog.2008.11.020

2-s2.0-67349239359

31.

Islam

M. S.

Alajlan

An efficient QRS detection method for ECG signal captured from fingers

Proceedings of the IEEE International Conference on Multimedia and Expo Workshops (ICMEW ′13)

July 2013

San Jose, Calif, USA

2-s2.0-84888265378

10.1109/icmew.2013.6618388

32.

Srikanth

Napper

S. A.

Assessment of resampling methodologies of electrocardiogram signals for feature extraction, statistical and neural networks applications

Proceedings of the Computers in Cardiology Conference

1998

Cleveland, Ohio, USA

537 540

10.1109/CIC.1998.731921

33.

Agrafioti

Hatzinakos

ECG based recognition using second order statistics

Proceedings of the 6th Annual Communication Networks and Services Research Conference (CNSR ′08)

May 2008

82 87

10.1109/cnsr.2008.38

2-s2.0-49649093077

Heartbeat Biometrics for Remote Authentication Using Sensor Embedded Computing Devices

Abstract

1. Introduction

2. Remote Authentication Scheme

2.1. Registration Phase

2.2. Login Phase

2.3. Authentication Phase

2.4. Password Change Phase

3. Biometric Verification

3.1. Preprocessing

3.2. Heartbeat Segmentation

3.3. Heartbeat Alignment

3.4. Morphology Averaging

3.5. Matching

3.6. Experimental Results

4. Discussion and Conclusion

Footnotes

Conflict of Interests

Acknowledgment

References