Finger Print Identification Techniques From Abrading.docx

  • Uploaded by: Eminent Projects
  • 0
  • 0
  • May 2020
  • PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA


Overview

Download & View Finger Print Identification Techniques From Abrading.docx as PDF for free.

More details

  • Words: 8,592
  • Pages: 43
FINGER PRINT IDENTIFICATION TECHNIQUES FROM ABRADING, CUTTING, AND BURNING FINGERS Abstract The widespread deployment of Automated Fingerprint Identification Systems (AFIS) in law enforcement and border control applications has heightened the need for ensuring that these systems are not compromised. While several issues related to fingerprint system security have been investigated, including the use of fake fingerprints for masquerading identity, the problem of fingerprint alteration or obfuscation has received very little attention. Fingerprint obfuscation refers to the deliberate alteration of the fingerprint pattern by an individual for the purpose of masking his identity. Several cases of fingerprint obfuscation have been reported in the press. Fingerprint image quality assessment software (e.g., NFIQ) cannot always detect altered fingerprints since the implicit image quality due to alteration may not change significantly. In this work, case studies of incidents where individuals were found to have altered their fingerprints for circumventing AFIS are compiled and the impact of fingerprint alteration on the accuracy of a commercial fingerprint matcher is investigated. The alterations are classified into three major categories and possible countermeasures are suggested. A technique is developed to automatically detect altered fingerprints based on analyzing orientation field and minutiae distribution. The proposed technique and the NFIQ algorithm are evaluated on a large database of altered fingerprints provided by a law enforcement agency. Experimental results show the feasibility of the proposed approach in detecting altered fingerprints and highlight the need to further pursue this problem.

Eminent Technology Solutions

EMINENT TECHNOLOGY SOLUTION is one of the leading information technology companies. Through its Global Network Delivery Model, Innovation Network and Solution Accelerators, ETS focuses on helping global organizations address their business challenges effectively. ETS is an enterprise software company and it’s headquartering at Bangalore, regional Office at Madurai and having branch offices in all over Tamil Nadu. It possesses not only the latest technology gadgets but also the most knowledgeable and experienced hands to offer most user friendly customized solutions. ETS offers a unique, customer-centric model for delivering software products and services. The vision, ability to execute and financial resources to be a great business partner for your enterprise. Our offerings for application delivery, application management, and IT governance help customers maximize the business value of IT by optimizing application quality, performance, and availability as well as managing IT costs, risks, and compliance. ETS offers the following solutions to the IT industry:  Software Development  Web Development  High-End Training for Students & Professionals

Who we are

Eminent Technology Solutions is a Software Development, IT Solution, Academic Projects, Website Development and Professional Services providing Company. The company is located at the Silicon City of India, Bangalore. The company was founded by Vast Experienced Global IT Professional to meet the challenges of the present growing global technological environment with respect to the Information Technology Sector. Eminent Technology Solutions shall meet the global challenges with its pool of highly qualified Professionals. The company has competencies in Customized Software Development, Out-sourcing of manpower and consultancy in the areas of Information Systems, Analysis, Design, Development and Implementation.

Company's Mission Statement To develop cost effective better performing user-friendly computer based business solutions with quality and reliability within the time frame. In the process create satisfied customers and proud employees. Company's Values Trust each other with utmost respect. Continuous skill improvement with professional work environment.

CHAPTER I INTRODUCTION Biometrics is a method of recognizing a person based on physiological and behavioral characteristics such as face, fingerprints, hand geometry, handwriting, iris, palm print, voice. Among all biometric modality fingerprint is the most popular biometric identification technique. Fingerprints are unique even twins does not have same fingerprint patterns. A fingerprint contains many features as termination, bifurcation (fig-1), loops, island, whorls, core, delta but the most widely used feature of fingerprint is ridges and valleys. Ridges are the dark area and valleys are the white area on fingerprint.

Figure.1 Typical fingerprint with its features and Figure.2 Typical termination and bifurcation Fingerprint recognition has been successfully used by law enforcement agencies to identify suspects and victims for almost 100 years. Recent advances in automated fingerprint identification technology, coupled with the growing need for reliable person identification, have resulted in an increased use of fingerprints in both government and civilian applications such as border control, employment background checks, and secure facility access. The success of fingerprint recognition systems in accurately identifying individuals has prompted some individuals to engage in extreme measures for the purpose of circumventing these systems. The primary purpose of fingerprint alteration is to evade identification using techniques varying from abrading, cutting, and burning fingers to perform plastic surgery.

The use of altered fingerprints to mask one’s identity constitutes a serious “attack” against a border control biometric system since it defeats the very purpose for which the system was deployed in the first place, i.e., to identify individuals in a watch list. It should be

noted that altered fingerprints are different from fake fingerprints. The use of fake fingers made of glue, latex, or silicone is a well-publicized method to circumvent fingerprint systems. Altered fingerprints, however, are real fingers that are used to conceal one’s identity in order to evade identification by a biometric system. While fake fingers are typically used by individuals to adopt another person’s identity, altered fingers are used to mask one’s own identity. In order to detect attacks based on fake fingers, many software and hardware solutions have been proposed. However, the problem of altered fingerprints has hitherto not been studied in the literature and there are no reported techniques to identify them. Furthermore, the lack of public databases comprised of altered fingerprint images has stymied research in this area. One of the goals of this paper is to highlight the importance of the problem, analyze altered fingerprints, and propose an automatic detection algorithm for them. TYPES OF ALTERED FINGERPRINTS The altered fingerprints into three categories based on the changes in ridge pattern due to alteration. This categorization will assist us in following manner: 1) Getting a better understanding of the nature of alterations that can be encountered, 2) detecting altered fingerprints by modeling well-defined subcategories, and 3) developing methods for altered fingerprint restoration. Obliteration Friction ridge patterns on fingertips can be obliterated by abrading, cutting, burning, applying strong chemicals, and transplanting smooth skin. Further factors such as skin disease (such as leprosy) and side effects of a cancer drug can also obliterate fingerprints. Friction ridge structure is barely visible within the obliterated region. Obliteration appears to be the most popular form of alteration. This may be because obliteration, which completely destroys ridge structures, is much simpler to perform than distortion/imitation, which requires a surgical procedure. Furthermore, detecting distorted or imitated fingerprints is much more difficult for human examiners than obliterated fingerprints. Obliterated fingerprints can evade fingerprint quality control software, depending on the area of the damage. If the affected finger area is small, the existing fingerprint quality assessment software may fail to detect it as an altered fingerprint,

but AFIS is likely to successfully match the damaged fingerprint to the original mated fingerprint. But, if the altered area is sufficiently large, fingerprint quality control software can easily detect the damage. To identify individuals with severely obliterated fingerprints, it may be necessary to treat these fingerprints as latent images, perform AFIS search using manually marked features, and adopt an appropriate fusion scheme for tenprint search. In rare cases, even if the finger surface is completely damaged, the dermal papillary surface, which contains the same pattern as the epidermal pattern, may be used for identification. Distortion Friction ridge patterns on fingertips can be turned into unnatural ridge patterns by removing portions of skin from a fingertip and either grafting them back in different positions or replacing them with friction ridge skin from the palm or sole. Distorted fingerprints have unusual ridge patterns which are not found in natural fingerprints. These abnormalities include abnormal spatial distribution of singular points or abrupt changes in orientation field along the scars. Distorted fingerprints can also successfully pass the fingerprint quality test since their local ridge structure remains similar to natural fingerprints while their global ridge pattern is abnormal. Fingerprints altered by “Z” cut are of special interest since they retain their original ridge structure, enabling reconstruction of the original fingerprint before alteration. Therefore, it is imperative to upgrade current fingerprint quality control software to detect the distorted fingerprints. Once detected, the following operations may be performed to assist AFIS: 1) identify unaltered regions of the fingerprint and manually mark the features in these regions and 2) reconstruct the original fingerprint as in the “Z” cut case. Imitation Friction ridge patterns on fingertips can still preserve fingerprint-like pattern after an elaborate procedure of fingerprint alteration: 1) a portion of skin is removed and the remaining skin is pulled and stitched together, 2) friction ridge skin from other parts of the body is used to fill the removed part of the fingertip to reconcile with the remaining ridge structure, or 3) transplantation of the entire fingertip. Imitated fingerprints can not only successfully pass the fingerprint quality assessment software, they can also confound human examiners. To match altered fingerprints, matching algorithms that are robust to distortion and inconsistency are to be developed. In the case where fingerprints from different fingers are swapped, fingerprint matching without using finger position information.

CHAPTER II Existing System Fingerprint alteration has even been performed at a much larger scale involving a group of individuals. It has been reported that hundreds of asylum seekers had cut, abraded, and burned their fingertips to prevent identification by EURODAC, a European Union-wide fingerprint system for identifying asylum seekers. Although the number of publicly disclosed cases of altered fingerprints is not very large, it is extremely difficult to estimate the actual number of individuals who have successfully evaded identification by fingerprint systems as a result of fingerprint alteration. Almost all the people identified as having altered their fingerprints were not detected by AFIS, but by some other means. Since existing fingerprint quality assessment algorithms are designed to examine if an image contains sufficient information (say, minutiae) for matching, they have limited capability in determining if an image is a natural fingerprint or an altered fingerprint. Obliterated fingerprints can evade fingerprint quality control software, depending on the area of the damage. If the affected finger area is small, the existing fingerprint quality assessment software may fail to detect it as an altered fingerprint. The quality assessment software of existing system cannot detect the altered fingerprint. Hence, it cannot detect it as altered fingerprint if the altered areas are small.

CHAPTER III Proposed System Developing an automatic solution to detect altered fingerprints is the first step in defeating fingerprint alteration. Fingerprint quality assessment routines used in most fingerprint identification systems, such as the open source NIST Fingerprint Image Quality (NIFQ) software, may be useful in detecting altered fingerprints if the corresponding images are indeed of poor quality. But, not all altered fingerprint images have poor quality. Since existing fingerprint quality assessment algorithms are designed to examine if an image contains sufficient information (say, minutiae) for matching, they have limited capability in determining if an image is a natural fingerprint or an altered fingerprint. The proposed system was evaluated at two levels: finger level and subject level. At the finger level, we evaluate the performance of distinguishing between natural and altered fingerprints. At the subject level, we evaluate the performance of distinguishing between subjects with natural fingerprints and those with altered fingerprints. The main contributions of this work are: 1) Compiling case studies of incidents where individuals are found to have altered their fingerprints for circumventing AFIS. 2) Investigating the impact of fingerprint alteration on the accuracy of a commercial fingerprint matcher. 3) Classifying the alterations into three major categories and suggesting possible countermeasures. 4) Developing a technique to automatically detect altered fingerprints based on analyzing orientation field and minutiae distribution, and 5) Evaluating the proposed technique and the NFIQ algorithm on a large database of altered fingerprints provided by a law enforcement agency. Experimental results show the feasibility of the proposed approach in detecting altered fingerprints and highlight the need to further pursue this problem.

System Architecture

The proposed algorithm based on the features extracted from the orientation field and minutiae satisfy the three essential requirements for alteration detection algorithm: 1) Fast operational time, 2) High true positive rate at low false positive rate, and 3) Ease of integration into AFIS.

Data Flow Diagram

Modules 1. Detection of Altered Fingerprints a. Normalization b. Orientation field estimation c. Orientation field approximation d. Feature extraction 2. Analysis of Minutiae Distribution

Modules Description 1. DETECTION OF ALTERED FINGERPRINTS A. NORMALIZATION An input fingerprint image is normalized by cropping a rectangular region of the fingerprint, which is located at the center of the fingerprint and aligned along the longitudinal direction of the finger, using the NIST Biometric Image Software (NBIS). This step ensures that the features extracted in the subsequent steps are invariant with respect to translation and rotation of finger. B. ORIENTATION FIELD ESTIMATION The orientation field of the fingerprint is computed using the gradient-based method. The initial orientation field is smoothed averaging filter, followed by averaging the orientations in pixel blocks. A foreground mask is obtained by measuring the dynamic range of gray values of the fingerprint image in local blocks and morphological process for filling holes and removing isolated blocks is performed. C. ORIENTATION FIELD APPROXIMATION The orientation field is approximated by a polynomial model to obtain. D. FEATURE EXTRACTION The error map is computed as the absolute difference between and used to construct the feature vector. 2. ANALYSIS OF MINUTIAE DISTRIBUTION In this module, a minutia in the fingerprint indicates ridge characteristics such as ridge ending or ridge bifurcation. Almost all fingerprint recognition systems use minutiae for matching. In addition to the abnormality observed in orientation field, we also noted that minutiae distribution of altered fingerprints often differs from that of natural fingerprints. Based on the minutiae extracted from a fingerprint by the open source minutiae extractor in

NBIS, a minutiae density map is constructed by using the Parzen window method with uniform kernel function. ER Diagram

SYSTEM REQUIREMENT HARDWARE REQUIREMENTS 

System

:

Pentium IV 2.4 GHz.



Hard Disk

:

80 GB.



Monitor

:

15 VGA Color.



Mouse

:

Logitech.



Ram

:

512 MB.

SOFTWARE REQUIREMENTS 

Operating system

:

Windows 7 Ultimate



Front End

:

Visual Studio 2010



Coding Language

:

C#.NET



Database

:

SQL Server 2008

CHAPTER IV Feasibility Study The feasibility study is an evaluation of proposed system regarding its workability, organizational ability to meet user needs and effective use of resources. When a new application is proposed, it should go through the feasibility study before it is approved for the development. There are three aspects of feasibility study. 1. Technical Feasibility 2. Economic Feasibility 3. Operational Feasibility Technical Feasibility The consideration that is normally associated with the technical feasibility includes where the project is to be developed and implemented. The proposed software should have the security for data and should be very fast in processing the data efficiently. A basic knowledge to operate a computer is sufficient to handle the system, since the system is designed to provide user-friendly access. Economic Feasibility Economic justification is generally the “Bottom Line” consideration for most systems. It includes a broad range of concerns that include the Cost-benefit analysis. The cost-benefit analysis delineates costs for project development and weights then against tangible and development of the system. Hence, there are tangible and intangible benefits the project development. Operational Feasibility The new system must be accepted by the user. In this system, the administrator is one of the users. As users are responsible for initiating the development of a new system, this is rooted out. Cost-benefit analysis (CBA) is an analytical tool for assessing and the pros and cons of moving forward with a business proposal.

A formal CBA tallies all of the planned project costs, quantifies each of the tangible benefits and calculates key financial performance metrics such as return on investment (ROI), net present value (NPV), internal rate of return (IRR) and payback period. The costs associated with taking action are then subtracted from the benefits that would be gained. As a general rule, the costs should be less than 50 percent of the benefits and the payback period shouldn't exceed 12 months.

A CBA is considered to be a subjective (as opposed to objective) assessment tool because cost and benefit calculations can be influenced by the choice of supporting data and estimation methodologies. Sometimes its most valuable use when assessing the value of a business proposal is to serve as a vehicle for discussion. Cost-benefit analysis is sometimes called benefit-cost analysis (BCA).The CBAM consists of the following steps: 1. Choosing scenarios and architectural strategies 2. Assessing quality attribute benefits 3. Quantifying the benefits of architectural strategies 4. Quantifying the costs and schedule implications of architectural strategies 5. Calculating desirability and making decisions

CHAPTER V System Design System design concentrates on moving from problem domain to solution domain. This important phase is composed of several steps. It provides the understanding and procedural details necessary for implementing the system recommended in the feasibility study. Emphasis is on translating the performance requirements into design specification.

The design of any software involves mapping of the software requirements into Functional modules. Developing a real time application or any system utilities involves two processes. The first process is to design the system to implement it. The second is to construct the executable code.

Software design has evolved from an intuitive art dependent on experience to a science, which provides systematic techniques for the software definition. Software design is a first step in the development phase of the software life cycle.

Before design the system user requirements have been identified, information has been gathered to verify the problem and evaluate the existing system. A feasibility study has been conducted to review alternative solution and provide cost and benefit justification. To overcome this proposed system is recommended. At this point the design phase begins.

The process of design involves conceiving and planning out in the mind and making a drawing. In software design, there are three distinct activities: External design, Architectural design and detailed design. Architectural design and detailed design are collectively referred to as internal design. External design of software involves conceiving and planning out and specifying the externally observable characteristics of a software product.

Input Design: Systems design is the process of defining the architecture, components, modules, interfaces, and data for a system to satisfy specified requirements. Systems design could be seen as the application of systems theory to product development. There is some overlap with the disciplines of systems analysis, systems architecture and systems engineering. Input Design is the process of converting a user oriented description of the inputs to a computer-based business system into a programmer-oriented specification. •

Input data were found to be available for establishing and maintaining master and transaction files and for creating output records



The most suitable types of input media, for either off-line or on-line devices, where selected after a study of alternative data capture techniques.

Input Design Consideration •

The field length must be documented.



The sequence of fields should match the sequence of the fields on the source document.



The data format must be identified to the data entry operator.

Design input requirements must be comprehensive.

Product complexity and the risk

associated with its use dictate the amount of detail •

These specify what the product does, focusing on its operational capabilities and the processing of inputs and resultant outputs.



These specify how much or how well the product must perform, addressing such issues as speed, strength, response times, accuracy, limits of operation, etc.

Output Design: A quality output is one, which meets the requirements of the end user and presents the information clearly. In any system results of processing are communicated to the users and to other system through outputs. In output design it is determined how the information is to be displaced for immediate need and also the hard copy output. It is the most important and direct source information to the user. Efficient and intelligent output design improves the system’s relationship to help user decision-making. 1. Designing computer output should proceed in an organized, well thought out manner; the right output must be developed while ensuring that each output element is designed so that people will find the system can use easily and effectively. When analysis design computer output, they should Identify the specific output that is needed to meet the requirements. 2. Select methods for presenting information. 3. Create document, report, or other formats that contain information produced by the system. The output form of an information system should accomplish one or more of the following objectives. •

Convey information about past activities, current status or projections of the



Future.



Signal important events, opportunities, problems, or warnings.



Trigger an action.



Confirm an action.

CHAPTER VI Literature Survey S. No 1.

Title Fast

Year

fingerprint 2014

identification

for

Methodology A

distributed Due to the higher number

framework

large databases

Disadvantage

for of minutiae of the rolled

fingerprint matching to fingerprints, the matching tackle large databases process

is

more

in a reasonable time is computationally complex. proposed.

2.

A knowledge-based 2015

A

decision

adaptive

support

user-centric

and High

framework complexity.

system for adaptive

that

fingerprint

knowledge

of

fingerprint

examiners

identification uses

that

relevance

computational

allows

tacit

to be captured and re-

feedback

used to enhance their future

decisions

is

presented. 3.

Towards contactless,

2013 low-

A new representation of The matching accuracy is 3D

finger

surface low.

cost and accurate 3d

features using Finger

fingerprint

Surface

identification

developed.

Codes

is

4.

Hierarchical

2013

A novel

hierarchical The

Minutiae Matching

minutiae

for Fingerprint

algorithm

for

and

fingerprint

and

Palmprint

Identification

time

required

for

matching searching is high.

palmprint identification systems is proposed.

5.

A new RBFN with 2016

A

modified

optimal

Function

clustering algorithm

(RBFN)

for

Modified

clear

and

Radial

Basis Low accuracy and high Network learning time.

based

on

Optimal

occluded fingerprint

Clustering

Algorithm

identification

(MOCA) is developed for clear and occluded fingerprint identification.

Software Description A programming infrastructure

created

by Microsoft for

building,

deploying,

and

running applications and services that use .NET technologies, such as desktop applications and Web services. The .NET Framework contains three major parts: 

the Common Language Runtime



the Framework Class Library



ASP.NET.

Microsoft started development of the .NET Framework in the late 1990s, originally under the name of Next Generation Windows Services (NGWS). By late 2000 the first beta versions of .NET 1.0 were released. The .NET Framework (pronounced dot net) is a software framework developed by Microsoft that runs primarily on Microsoft Windows. It includes a large library and provides language interoperability (each language can use code written in other languages) across several programming languages. Programs written for the .NET Framework execute in a software environment (as contrasted to hardware environment), known as the Common Language Runtime (CLR), an application virtual machine that provides services such as security, memory management, and exception handling. The class library and the CLR together constitute the .NET Framework. An application software platform from Microsoft introduced in 2002 and commonly called .NET ("dot net"). The .NET platform is similar in purpose to the Java EE platform, and like Java's JVM runtime engine, .NET's runtime engine must be installed in the computer in order to run .NET applications. .NET Programming Languages .NET is similar to Java because it uses an intermediate bytecode language that can be executed on any hardware platform that has a runtime engine. It is also unlike Java, as it provides support for multiple programming languages. Microsoft languages are C# (C Sharp), J# (J Sharp), Managed C++, JScript.NET and Visual Basic.NET. Other languages have been reengineered in the European version of .NET, called the Common Language Infrastructure .NET Versions

.

.NET Framework 1.0 introduced the Common Language Runtime (CLR) and .NET Framework 2.0 added enhancements. .NET Framework 3.0 included the Windows programming interface (API) originally known as "WinFX," which is backward compatible with the Win32 API. .NET Framework 3.0 added the following four subsystems and was installed with Windows, starting with Vista. .NET Framework 3.5 added enhancements and introduced a client-only version (see .NET Framework Client Profile). .NET Framework 4.0 added parallel processing and language enhancements. TheUserInterface(WPF) Windows Presentation Foundation (WPF) provides the user interface. It takes advantage of advanced 3D graphics found in many computers to display a transparent, glass-like appearance. Messaging (WCF) Windows Communication Foundation (WCF) enables applications to communicate with each other locally and remotely, integrating local messaging with Web services.. Workflow (WWF) Windows Workflow Foundation (WWF) is used to integrate applications and automate tasks. Workflow structures can be defined in the XML Application Markup Language. User Identity (WCS) Windows CardSpace (WCS) provides an authentication system for logging into a Web site and transferring personal information.

DESIGN FEATURES Interoperability Because computer systems commonly require interaction between newer and older applications, the .NET Framework provides means to access functionality implemented in newer and older programs that execute outside the .NET environment. Access to COM components

is

provided

in

the

System

.Runtime.

InteropServices

and

System.Enterprise Services namespaces of the framework; access to other functionality is achieved using the P/Invoke feature. Common Language Runtime engine The Common Language Runtime (CLR) serves as the execution engine of the .NET Framework. All .NET programs execute under the supervision of the CLR, guaranteeing certain properties and behaviors in the areas of memory management, security, and exception handling. Language independence The .NET Framework introduces a Common Type System, or CTS. The CTS specification defines all possible data types and programming constructs supported by the CLR and how they may or may not interact with each other conforming to the Common Language Infrastructure (CLI) specification. Because of this feature, the .NET Framework supports the exchange of types and object instances between libraries and applications written using any conforming .NET language. Base Class Library The Base Class Library (BCL), part of the Framework Class Library (FCL), is a library of functionality available to all languages using the .NET Framework. The BCL provides classes that encapsulate a number of common functions, including file reading and writing, graphic rendering, database interaction, XML document manipulation, and so on. It consists of classes, interfaces of reusable types that integrates with CLR(Common Language Runtime).

Simplified deployment The .NET Framework includes design features and tools which help manage the installation of computer software to ensure it does not interfere with previously installed software, and it conforms to security requirements. Security The design addresses some of the vulnerabilities, such as buffer overflows, which have been exploited by malicious software. Additionally, .NET provides a common security model for all applications. Portability While Microsoft has never implemented the full framework on any system except Microsoft Windows, it has engineered the framework to be platform-agnostic and crossplatform implementations are available for other operating systems (see Silverlight and the Alternative implementations section below). Microsoft submitted the specifications for the Common Language Infrastructure (which includes the core class libraries, Common Type System, and the Common Intermediate Language), the C# language and the C++/CLI language[8] to both ECMAand the ISO, making them available as official standards. This makes it possible for third parties to create compatible implementations of the framework and its languages on other platforms.

ARCHITECTURE:

Overview of the Common Language Infrastructure Common Language Infrastructure (CLI) The purpose of the Common Language Infrastructure (CLI) is to provide a languageneutral platform for application development and execution, including functions for exception handling, garbage collection, security, and interoperability. By implementing the core aspects of the .NET Framework within the scope of the CLI, this functionality will not be tied to a single language but will be available across the many languages supported by the framework. Microsoft's implementation of the CLI is called the Common Language Runtime, or CLR.

Security .NET has its own security mechanism with two general features: Code Access Security (CAS), and validation and verification. Code Access Security is based on evidence that is associated with a specific assembly. Typically the evidence is the source of the assembly (whether it is installed on the local machine or has been downloaded from the intranet or Internet). Code Access Security uses evidence to determine the permissions granted to the code. Other code can demand that calling code is granted a specified permission. The demand causes the CLR to perform a call stack walk: every assembly of each method in the call stack is checked for the required permission; if any assembly is not granted the permission a security exception is thrown. Class library Namespaces in the BCL[9] System System.Diagnostics System.Globalization System.Resources System.Text System.Runtime.Serialization System.Data

The .NET Framework includes a set of standard class libraries. The class library is organized in a hierarchy of namespaces. Most of the built-in APIs are part of either System.* or Microsoft.* namespaces. These class libraries implement a large number of common functions, such as file reading and writing, graphic rendering, database

interaction, and XML document manipulation, among others. The .NET class libraries are available to all CLI compliant languages. Memory management The .NET Framework CLR frees the developer from the burden of managing memory (allocating and freeing up when done); it handles memory management itself by detecting when memory can be safely freed. Instantiations of .NET types (objects) are allocated from the managed heap; a pool of memory managed by the CLR.. When there is no reference to an object, and it cannot be reached or used, it becomes garbage, eligible for collection. NET Framework includes a garbage collector which runs periodically, on a separate thread from the application's thread, that enumerates all the unusable objects and reclaims the memory allocated to them. VB.NET VB.NET uses statements to specify actions. The most common statement is an expression statement, consisting of an expression to be evaluated, on a single line. As part of that evaluation, functions or subroutines may be called and variables may be assigned new values. To modify the normal sequential execution of statements, VB.NET provides several controlflow statements identified by reserved keywords. Structured programming is supported by several

constructs

including

two

conditional

execution

constructs

( If … Then … Else … End If and Select Case ... Case ... End Select ) and three iterative execution

(loop)

constructs

( Do … Loop , For … To ,

and For

Each )

.

The For … To statement has separate initialization and testing sections, both of which must be present. (See examples below.) The For Each statement steps through each value in a list. In addition, in Visual Basic .NET: 

There is no unified way of defining blocks of statements. Instead, certain keywords, such as "If … Then" or "Sub" are interpreted as starters of sub-blocks of code and have matching termination keywords such as "End If" or "End Sub".



Statements are terminated either with a colon (":") or with the end of line. Multiple line statements in Visual Basic .NET are enabled with " _" at the end of each such line. The need for the underscore continuation character was largely removed in version 10 and later versions.[2]



The equals sign ("=") is used in both assigning values to variable and in comparison.



Round brackets (parentheses) are used with arrays, both to declare them and to get a value at a given index in one of them. Visual Basic .NET uses round brackets to define the parameters of subroutines or functions.



A single quotation mark ('), placed at the beginning of a line or after any number of space or tab characters at the beginning of a line, or after other code on a line, indicates that the (remainder of the) line is a comment.

CHAPTER VII System Testing Software Testing Software testing is an investigation conducted to provide stakeholders with information about the quality of the product or service under test. Software testing can also provide an objective, independent view of the software to allow the business to appreciate and understand the risks of software implementation. Test techniques include, but are not limited to the process of executing a program or application with the intent of finding software bugs (errors or other defects). The purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable fault or weakness in a work product. It provides a way to check the functionality of components, sub-assemblies, assemblies and/or a finished product. It is the process of exercising the software with the intent of ensuring that the software system meets its requirements and user expectations and does not fail in an unacceptable manner. There are various types of tests. Each test type addresses a specific testing requirement. Software testing is the process of evaluation a software item to detect differences between given input and expected output. Also the feature of a software item is assessed. Testing assesses the quality of the product. Software testing is a process that should be done during the development process. In other words software testing is a verification and validation process. Types of testing There are different levels during the process of Testing .Levels of testing include the different methodologies that can be used while conducting Software Testing. Following are the main levels of Software Testing: 

Functional Testing.



Non-Functional Testing.

Functional Testing

Functional Testing of the software is conducted on a complete, integrated system to evaluate the system's compliance with its specified requirements. There are five steps that are involved when testing an application for functionality. Steps Description

I

The determination of the functionality that the intended application is meant to perform.

II

The creation of test data based on the specifications of the application.

III

The output based on the test data and the specifications of the application.

IV

The writing of Test Scenarios and the execution of test cases.

V

The comparison of actual and expected results based on the executed test cases.

An effective testing practice will see the above steps applied to the testing policies of every organization and hence it will make sure that the organization maintains the strictest of standards when it comes to software quality. Unit Testing This type of testing is performed by the developers before the setup is handed over to the testing team to formally execute the test cases. Unit testing is performed by the respective developers on the individual units of source code assigned areas. The developers use test data that is separate from the test data of the quality assurance team. The goal of unit testing is to isolate each part of the program and show that individual parts are correct in terms of requirements and functionality.

Limitations of Unit Testing Testing cannot catch each and every bug in an application. It is impossible to evaluate every execution path in every software application. The same is the case with unit testing. There is a limit to the number of scenarios and test data that the developer can use to verify the source code. So after he has exhausted all options there is no choice but to stop unit testing and merge the code segment with other units. Integration Testing The testing of combined parts of an application to determine if they function correctly together is Integration testing. There are two methods of Integration Testing 

Bottom-up Integration testing



Top- Down Integration testing

S.No. 1

Integration Testing Method Bottom-up integration This testing begins with unit testing, followed by tests of progressively higher-level combinations of units called modules or builds.

2

Top-Down integration This testing, the highest-level modules are tested first and progressively lower-level modules are tested after that.

In a comprehensive software development environment, bottom-up testing is usually done first, followed by top-down testing. The process concludes with multiple tests of the complete application, preferably in scenarios designed to mimic those it will encounter in customers' computers, systems and network.

System Testing This is the next level in the testing and tests the system as a whole. Once all the components are integrated, the application as a whole is tested rigorously to see that it meets Quality Standards. This type of testing is performed by a specialized testing team. System testing is so important because of the following reasons: 

System Testing is the first step in the Software Development Life Cycle, where the application is tested as a whole.



The application is tested thoroughly to verify that it meets the functional and technical specifications.



The application is tested in an environment which is very close to the production environment where the application will be deployed.



System Testing enables us to test, verify and validate both the business requirements as well as the Applications Architecture.

Regression Testing Whenever a change in a software application is made it is quite possible that other areas within the application have been affected by this change. To verify that a fixed bug hasn't resulted in another functionality or business rule violation is Regression testing. The intent of Regression testing is to ensure that a change, such as a bug fix did not result in another fault being uncovered in the application. Regression testing is so important because of the following reasons: 

Minimize the gaps in testing when an application with changes made has to be tested.



Testing the new changes to verify that the change made did not affect any other area of the application.



Mitigates Risks when regression testing is performed on the application.



Test coverage is increased without compromising timelines.



Increase speed to market the product.

Acceptance Testing

This is arguably the most importance type of testing as it is conducted by the Quality Assurance Team who will gauge whether the application meets the intended specifications and satisfies the client requirements. The QA team will have a set of pre written scenarios and Test Cases that will be used to test the application. More ideas will be shared about the application and more tests can be performed on it to gauge its accuracy and the reasons why the project was initiated. Acceptance tests are not only intended to point out simple spelling mistakes, cosmetic errors or Interface gaps, but also to point out any bugs in the application that will result in system crashers or major errors in the application. By performing acceptance tests on an application the testing team will deduce how the application will perform in production. There are also legal and contractual requirements for acceptance of the system. Alpha Testing This test is the first stage of testing and will be performed amongst the teams (developer and QA teams). Unit testing, integration testing and system testing when combined are known as alpha testing. During this phase, the following will be tested in the application: 

Spelling Mistakes



Broken Links



Cloudy Directions



The Application will be tested on machines with the lowest specification to test loading times and any latency problems.

Beta Testing This test is performed after Alpha testing has been successfully performed. In beta testing a sample of the intended audience tests the application. Beta testing is also known as pre-release testing. Beta test versions of software are ideally distributed to a wide audience on the Web, partly to give the program a "real-world" test and partly to provide a preview of the next release. In this phase the audience will be testing the following: 

Users will install, run the application and send their feedback to the project team.



Typographical errors, confusing application flow, and even crashes.



Getting the feedback, the project team can fix the problems before releasing the software to the actual users.



The more issues you fix that solve real user problems, the higher the quality of your application will be.



Having a higher-quality application when you release to the general public will increase customer satisfaction.

Non-Functional Testing This section is based upon the testing of the application from its non-functional attributes. Non-functional testing of Software involves testing the Software from the requirements which are nonfunctional in nature related but important a well such as performance, security, and user interface etc. Some of the important and commonly used nonfunctional testing types are mentioned as follows: Performance Testing It is mostly used to identify any bottlenecks or performance issues rather than finding the bugs in software. There are different causes which contribute in lowering the performance of software: 

Network delay.



Client side processing.



Database transaction processing.



Load balancing between servers.



Data rendering.

Performance testing is considered as one of the important and mandatory testing type in terms of following aspects: 

Speed (i.e. Response Time, data rendering and accessing)



Capacity



Stability



Scalability

It can be either qualitative or quantitative testing activity and can be divided into different sub types such as Load testing and Stress testing. Load Testing Load testing is a process of testing the behavior of the Software by applying maximum load in terms of Software accessing and manipulating large input data. It can be done at both normal and peak load conditions. This type of testing identifies the maximum capacity of Software and its behavior at peak time. Most of the time, Load testing is performed with the help of automated tools such as Load Runner, AppLoader, IBM Rational Performance Tester, Apache JMeter, Silk Performer, Visual Studio Load Test etc. Virtual users (VUsers) are defined in the automated testing tool and the script is executed to verify the Load testing for the Software. The quantity of users can be increased or decreased concurrently or incrementally based upon the requirements.

Stress Testing This testing type includes the testing of Software behavior under abnormal conditions. Taking away the resources, applying load beyond the actual load limit is Stress testing. The main intent is to test the Software by applying the load to the system and taking over the resources used by the Software to identify the breaking point. This testing can be performed by testing different scenarios such as: 

Shutdown or restart of Network ports randomly.



Turning the database on or off.



Running different processes that consume resources such as CPU, Memory, server etc.

Usability Testing This section includes different concepts and definitions of Usability testing from Software point of view. It is a black box technique and is used to identify any error(s) and improvements in the Software by observing the users through their usage and operation. According to Nielsen, Usability can be defined in terms of five factors i.e. Efficiency of use, Learn-ability, Memorability, Errors/safety, satisfaction. According to him the usability of the product will be good and the system is usable if it possesses the above factors. Nigel Bevan and Macleod considered that Usability is the quality requirement which can be measured as the outcome of interactions with a computer system. This requirement can be fulfilled and the end user will be satisfied if the intended goals are achieved effectively with the use of proper resources. Molich in 2000 stated that user friendly system should fulfill the following five goals i.e. Easy to Learn, Easy to Remember, Efficient to Use, Satisfactory to Use and Easy to Understand. In addition to different definitions of usability, there are some standards and quality models and methods which define the usability in the form of attributes and sub attributes such as ISO-9126, ISO-9241-11, ISO-13407 and IEEE std.610.12 etc. UI vs Usability Testing

UI testing involves the testing of Graphical User Interface of the Software. This testing ensures that the GUI should be according to requirements in terms of color, alignment, size and other properties. On the other hand Usability testing ensures that a good and user friendly GUI is designed and is easy to use for the end user. UI testing can be considered as a sub part of Usability testing. Security Testing Security testing involves the testing of Software in order to identify any flaws ad gaps from security and vulnerability point of view. Following are the main aspects which Security testing should ensure: 

Confidentiality.



Integrity.



Authentication.



Availability.



Authorization.



Non-repudiation.

Portability Testing Portability testing includes the testing of Software with intend that it should be re-useable and can be moved from another Software as well. Following are the strategies that can be used for Portability testing. 

Transferred installed Software from one computer to another.



Building executable (.exe) to run the Software on different platforms.



Portability testing can be considered as one of the sub parts of System testing, as this testing type includes the overall testing of Software with respect to its usage over different environments.

CHAPTER VIII Conclusion The success of AFIS and their extensive deployment all over the world have prompted some individuals to take extreme measures to evade identification by altering their fingerprints. The problem of fingerprint alteration or obfuscation is very different from that of fingerprint spoofing, where an individual uses a fake fingerprint in order to adopt the identity of another individual. While the problem of spoofing has received substantial attention in the literature, the problem of obfuscation has not been addressed in the biometric literature, in spite of numerous documented cases of fingerprint alteration for the purpose of evading identification. While obfuscation may be encountered with other biometric modalities (such as face and iris), this problem is especially significant in the case of fingerprints due to the widespread deployment of AFIS in both government and civilian applications and the ease with which fingerprints can be obfuscated. An algorithm to automatically detect altered fingerprints based on the characteristics of the fingerprint orientation field and minutiae distribution is developed. The proposed algorithm based on the features extracted from the orientation field and minutiae satisfies the three essential requirements for alteration detection algorithm: 1) fast operational time, 2) high true positive rate at low false positive rate, and 3) ease of integration into AFIS. The proposed algorithm and the NFIQ criterion were tested on a large public domain fingerprint database (NIST SD14) as natural fingerprints and an altered fingerprint database provided by a law enforcement agency. At a false positive rate of 0.3 percent, the proposed algorithm can correctly detect 66.4 percent of the subjects with altered fingerprints, while 26.5 percent of such subjects are detected by the NFIQ algorithm.

References [1] J. Feng, A.K. Jain, and A. Ross, “Detecting Altered Fingerprints,” Proc. 20th Int’l Conf. Pattern Recognition, pp. 1622-1625, Aug. 2010. [2] D. Maltoni, D. Maio, A.K. Jain, and S. Prabhakar, Handbook of Fingerprint Recognition, second ed. Springer-Verlag, 2009. [3] The U.S. Department of Homeland Security, US-VISIT, http://www.dhs.gov/usvisit, 2011. [4] The Fed. Bureau of Investigation (FBI), Integrated Automated Fingerprint Identification System (IAFIS), http://www.fbi.gov/hq/cjisd/iafis.htm, 2011. [5] H. Cummins, “Attempts to Alter and Obliterate Finger-prints,” J. Am. Inst. Criminal Law and Criminology, vol. 25, pp. 982-991, 1935. [6] Surgically Altered Fingerprints, http://www.clpex.com/images/FeetMutilation/L4.JPG, 2011. [7]

K.

Singh,

Altered

Fingerprints,

http://www.interpol.int/Public/Forensic/fingerprints/research/alteredfingerprints.pdf, 2008. [8]

M.

Hall,

“Criminals

Go

to

Extremes

to

Hide

Identities,”

USA

Today,

http://www.usatoday.com/news/nation/2007-11-06-criminal-extreme_N.htm, Nov. 2007. [9]

Criminals

Cutting

off

Fingertips

to

Hide

IDs,

http://www.thebostonchannel.com/news/15478914/detail.html, 2008. [10] A. Antonelli, R. Cappelli, D. Maio, and D. Maltoni, “Fake Finger Detection by Skin Distortion Analysis,” IEEE Trans. Information Forensics and Security, vol. 1, no. 3, pp. 360373, Sept. 2006. [11] K.A. Nixon and R.K. Rowe, “Multispectral Fingerprint Imaging for Spoof Detection,” Proc. SPIE, Biometric Technology for Human Identification II, A.K. Jain and N.K. Ratha, eds., pp. 214-225, 2005. [12] E. Tabassi, C. Wilson, and C. Watson, “Fingerprint Image Quality,” NISTIR 7151, http://fingerprint.nist.gov/NFIS/ir_7151.pdf, Aug. 2004.

[13] F. Alonso-Fernandez, J. Fierrez, J. Ortega-Garcia, J. GonzalezRodriguez, H. Fronthaler, K. Kollreider, and J. Bigun, “A Comparative Study of Fingerprint Image-Quality Estimation Methods,” IEEE Trans. Information Forensics and Security, vol. 2, no. 4, pp. 734-743, Dec. 2007. [14] R. Cappelli, D. Maio, and D. Maltoni, “Synthetic FingerprintDatabase Generation,” Proc. 16th Int’l Conf. Pattern Recognition, pp. 744-747, Aug. 2002. [15] K. Wertheim, “An Extreme Case of Fingerprint Mutilation,” J. Forensic Identification, vol. 48, no. 4, pp. 466-477, 1998. [16] History of Fingerprint Removal, http://jimfisher.edinboro.edu/forensics/fire/print.html, 2011. [17] J. Patten, Savvy Criminals Obliterating Fingerprints to Avoid Identification, http://www.eagletribune.com/punews/local_story_062071408.html, 2008. [18] Woman Alters Fingerprints to Deceive Taiwan Immigration Fingerprint Identification System, http://www.zaobao.com/special/newspapers/2008/10/hongkong081002r.shtml, (In Chinese), Oct. 2008. [19] Sweden Refugees Mutilate Fingers, http://news.bbc.co.uk/2/hi/europe/3593895.stm , 2004. [20] Asylum Seekers Torch Skin off Their Fingertips So They Can’t Be ID’d by Police, http://www.mirror.co.uk/sunday-mirror/2008/06/29/asylum-seekers-torch-skin-off-theirfingertips-so-they-cant-be-id-d-by-police-98487-20624559/, 2008. [21]

Surgically

Altered

Fingerprints

Help

Woman

Evade

Immigration,

http://abcnews.go.com/Technology/GadgetGuide/surgicallyaltered-fingerprints-womanevade-immigration/story?id=9302505, 2011. [22] Three Charged with Conspiring to Mutilate Fingerprints of Illegal Aliens, http://www.eagletribune.com/local/x739950408/Threecharged-with-conspiring-to-mutilatefingerprints-of-illegal-aliens, July 2010. [23] EURODAC: a European Union-Wide Electronic System for the Identification of Asylum-Seekers,

http://ec.europa.eu/justice_home/fsj/asylum/identification/fsj_asylum_identification_en.htm, 2011. [24] Neurotechnology Inc., VeriFinger, http://www.neurotechnology.com/vf_sdk.html, 2011. [25] NIST Special Database 4, NIST 8-Bit Gray Scale Images of Fingerprint Image Groups (FIGS), http://www.nist.gov/srd/nistsd4.htm, 2011. [26] J.W. Burks, “The Effect of Dermabrasion on Fingerprints: A Preliminary Report,” Archives of Dermatology, vol. 77, no. 1, pp. 8-11, 1958. [27] Men in Black, http://www.imdb.com/title/tt0119654/, 1997. [28] M.V. de Water, “Can Fingerprints Be Forged?” The Science NewsLetter, vol. 29, no. 774, pp. 90-92, 1936. [29] M. Wong, S.-P. Choo, and E.-H. Tan, “Travel Warning with Capecitabine,” Annals of Oncology, vol. 20, p. 1281, 2009. [30] K. Nandakumar, A.K. Jain, and A. Ross, “Fusion in Multibiometric Identification Systems: What about the Missing Data?,” Proc. Second Int’l Conf. Biometrics, pp. 743-752, June 2009. [31] H. Plotnick and H. Pinkus, “The Epidermal versus the Dermal Fingerprint: An Experimental and Anatomical Study,” Archives of Dermatology, vol. 77, no. 1, pp. 12-17, 1958. [32]

Altered

Fingerprints

Detected

in

Illegal

Immigration

Attempts,

http://www.japantoday.com/category/crime/view/alteredfingerprints-detected-in-illegalimmigration-attempts, 2011. [33] NIST Special Database 14, NIST Mated Fingerprint Card Pairs 2 (MFCP2), http://www.nist.gov/srd/nistsd14.htm. 2011. [34] J. Zhou and J. Gu, “A Model-Based Method for the Computation of Fingerprints’ Orientation Field,” IEEE Trans. Image Processing, vol. 13, no. 6, pp. 821-835, 2004.

[35] S. Huckemann, T. Hotz, and A. Munk, “Global Models for the Orientation Field of Fingerprints: An Approach Based on Quadratic Differentials,” IEEE Trans. Pattern Analysis and Machine Intelligence, vol. 30, no. 9, pp. 1507-1519, Sept. 2008. [36] Y. Wang and J. Hu, “Global Ridge Orientation Modeling for Partial Fingerprint Identification,” IEEE Trans. Pattern Analysis and Machine Intelligence, vol. 33, no. 1, pp. 72-87, Jan. 2010. [37] C. Watson, M. Garris, E. Tabassi, C. Wilson, R.M. McCabe, S. Janet, and K. Ko, “NIST Biometric Image Software,” http://www.nist.gov/itl/iad/ig/nbis.cfm, 2011. [38] A.M. Bazen and S.H. Gerez, “Systematic Methods for the Computation of the Directional Fields and Singular Points of Fingerprints,” IEEE Trans. Pattern Analysis and Machine Intelligence, vol. 24, no. 7, pp. 905-919, July 2002. [39] N. Dalal and B. Triggs, “Histograms of Oriented Gradients for Human Detection,” Proc. IEEE Computer Vision and Pattern Recognition Conf., vol. 1, pp. 886-893, June 2005. [40] C.-C. Chang and C.-J. Lin, LIBSVM: A Library for Support Vector Machines, software http://www.csie.ntu.edu.tw/cjlin/libsvm, 2001. [41] L.M. Wein and M. Baveja, “Using Fingerprint Image Quality to Improve the Identification Performance of the U.S. Visitor and Immigrant Status Indicator Technology Program,” Proc. Nat’l Academy of Sciences USA, vol. 102, no. 21, pp. 7772-7775, 2005. [42] A. Ross, K. Nandakumar, and A.K. Jain, Handbook of Multibiometrics. Springer Verlag, 2006. [43] The FBI’s Next Generation Identification (NGI), http://www.fbi.gov/hq/cjisd/ngi.htm, 2011. [44] DoD Biometrics Task Force, http://www.biometrics.dod.mil/,2011. [45] R. Singh, M. Vatsa, H.S. Bhatt, S. Bharadwaj, A. Noore, and S.S. Nooreyezdan, “Plastic Surgery: A New Dimension to Face Recognition,” IEEE Trans. Information Forensics and Security, vol. 5, no. 3, pp. 441-448, Sept. 2010.

Related Documents


More Documents from "forzama"