Combining local, regional and global matchers for ... - Semantic Scholar

Expert Systems with Applications 37 (2010) 3676–3684

Contents lists available at ScienceDirect

Expert Systems with Applications journal homepage: www.elsevier.com/locate/eswa

Combining local, regional and global matchers for a template protected on-line signature verification system Loris Nanni a,*, Emanuele Maiorana b, Alessandra Lumini a, Patrizio Campisi b a b

DEIS, Università di Bologna, Viale Risorgimento 2, 40136 Bologna, Italy Università degli Studi ‘‘Roma Tre”, Via della Vasca Navale 84, 00146, Roma, Italy

a r t i c l e

i n f o

Keywords: On-line signature Ensemble of classifiers Dynamic Time Warping Hidden Markov Models Linear Programming Descriptor BioHashing Template protection

a b s t r a c t In this work an on-line signature authentication system based on an ensemble of local, regional, and global matchers is presented. Specifically, the following matching approaches are taken into account: the fusion of two local methods employing Dynamic Time Warping, a Hidden Markov Model based approach where each signature is described by means of its regional properties, and a Linear Programming Descriptor classifier trained by global features. Moreover, a template protection scheme employing the BioHashing and the BioConvolving approaches, two well known template protection techniques for biometric recognition, is discussed. The reported experimental results, evaluated on the public MCYT signature database, show that our best ensemble obtains an impressive Equal Error Rate of 3%, when only five genuine signatures are acquired for each user during enrollment. Moreover, when the proposed protected system is taken into account, the Equal Error Rate achieved in the worst case scenario, that is,when an ‘‘impostor” is able to steal the hash keys, is equal to 4.51%, whereas an Equal Error Rate 0 can be obtained when nobody steals the hash keys. Ó 2009 Elsevier Ltd. All rights reserved.

1. Introduction People recognition based on signatures is one of the most commonly employed biometric based authentication methods. In a signature verification system, the individuals can be recognized by measuring and analyzing the activity of signing, which includes information regarding the stroke order, the pressure applied by the pen or its speed, in addition to the visual aspect of the signatures. Being part of everyday life, signature based authentication is perceived as a non-invasive and non-threatening process by the majority of the users. Furthermore, the written signature has a high legal value. On the other hand, the signature can be influenced by physical and emotional conditions, and therefore exhibits a significant variability which must be taken into account in the authentication process. Several interesting reviews (Dimauro, Impedovo, Lucchese, Modugno, & Pirlo, 2004; Fierrez & Ortega-Garcia, 2008; Impedovo & Pirlo, 2008; Leclerc & Plamondon, 1994) of the state-of-the-art on signature recognition have been proposed during the last years. Basically, signature based authentication can be either static or dynamic. In the static mode, also referred to as off-line, only the written image of the signature, typically acquired through a camera or an optical scanner, is employed. In the dynamic mode, also called

* Corresponding author. E-mail address: [email protected] (L. Nanni). 0957-4174/$ - see front matter Ó 2009 Elsevier Ltd. All rights reserved. doi:10.1016/j.eswa.2009.10.023

on-line, signatures are acquired by means of a graphic tablet or a pen-sensitive computer display, which can provide temporal information about the signature, such as the pressure, the velocity, the pen tilt signals versus time, and so on. The on-line signature verification methods proposed in literature (Jain, Griess, & Connell, 2002; Ortega-Garcia, Fierrez-Aguilar, Martin-Rello, & Gonzalez-Rodriguez, 2003; Ortega-Garcia, Fierrez-Aguilar, & Simon, 2003; Plamondon & Lorette, 1989; Sakamoto et al., 2005) can be distinguished into three main categories, which differ in the information extracted from the available data: (a) global approaches, where a set of global parametric features (i.e. signature total duration, number of pen-ups, and so on) are extracted from the acquired signatures, and used to train a classifier (Fierrez-Aguilar, Ortega-Garcia, & Gonzalez-Rodriguez, 2005). Some recent works (Nanni & Lumini, 2005; Nanni, 2006) demonstrate that a Random Subspace ensemble of one-class classifiers allows a considerable performance improvement, with respect to a stand-alone oneclass classifier. (b) local function based approaches, where the time functions extracted from different signatures are directly matched by using elastic distance measures, such as Dynamic Time Warping (DTW) (Jain et al., 2002), instead to be used as features for a classifier. During the comparative studies performed for the Signature Verification Competition of 2004

L. Nanni et al. / Expert Systems with Applications 37 (2010) 3676–3684

(SVC 2004) (Yeung et al., 2004), the on-line signature recognition algorithm proposed in Kholmatov and Yanikoglu (2005), employing DTW matching, gave the lowest average Equal Error Rate (EER) values, when tested with skilled forgeries. In Piyush Shanker and Rajagopalan (2007) a modified DTW algorithm is presented, which is based on the stability of the components of the signature and outperforms the standard DTW; (c) regional function based approaches, where the acquired signatures are analyzed by estimating some regional properties, which are then employed to train a given classifier. The best regional approaches model on-line signatures with Hidden Markov Models (HMMs) (Fierrez-Aguilar, Ortega-Garcia et al., 2005; Fierrez-Aguilar et al., 2005). Moreover, in Nanni and Lumini (2008b) signatures are decomposed employing wavelet transforms, and the Discrete Cosine Transform (DCT) is applied to the resulting approximation coefficients. A Linear Programming Descriptor (LPD) classifier is then trained using the obtained DCT coefficients. According to some recently published results (Yeung et al., 2004), the most promising approaches belong to the category of local function based methods. However, one of the major research trends in on-line signature verification is to combine different systems, in order to build an ensemble of classifiers (Fierrez-Aguilar, Nanni, Lopez-Penalba, Ortega-Garcia, & Maltoni, 2005; Van, Garcia-Salicetti, & Dorizzi, 2007). In this work, an ensemble of matchers belonging to different categories is presented. The ensemble is built by combining: a local function based matcher, obtained from the fusion of two variants of the Kholmatov’s DTW algorithm (Kholmatov & Yanikoglu, 2005); a regional function based matcher, where each signature is represented by a sequence of vectors describing regional properties, and HMMs are employed as classifiers; a global approach employing a LPD classifier, trained by global parametric features. Moreover, the security of a signature based authentication system is also considered. The use of biometric data in an automatic recognition system involves the possibility of identity theft, with the risk of improper use of the stolen information and, even worse, the impossibility to replace the stolen data. When designing a biometric system, several measures have then to be carefully considered, in order to enhance biometric data resilience against attacks (Ratha, Connell, & Bolle, 2001). The state-of-the-art on biometric template protection is discussed in details in Section 2. In this paper, a protected signature based authentication system is build as an ensemble of already presented approaches. Specifically, two different solutions for template protection are implemented: the Improved BioHashing (Lumini & Nanni, 2007) and the BioConvolving method proposed in Maiorana, Martinez-Diaz, Campisi, Ortega-Garcia, and Neri (2008). The experimental results, reported in Section 4, are obtained using the public SUBCORPUS-100 MCYT Bimodal Biometric Database (Ortega-Garcia et al., 2003; Ortega-Garcia, Fierrez-Aguilar, Simon, et al., 2003), which comprises signatures taken from 100 subjects, and confirm the effectiveness of the proposed ensembles of classifiers.

2. Biometric template protection In the recent past, many solutions have been investigated to secure biometric templates. Among them, the most promising ap-

3677

proaches consist in the implementation of cancelable biometrics (Ratha et al., 2001), which can be roughly described as the application of an intentional and repeatable modification to the original biometric templates. Typically, a properly defined cancelable biometrics should satisfy the properties of renewability (it should be possible to revoke a compromised template and issue a new one based on the same biometric data) and security (it should be impossible or computationally unfeasible to obtain the original biometric template from the modified one). Moreover, it should grant that the recognition performance of the protected system does not degrade significantly with respect to an unprotected system. A classification of the proposed protection methods has been presented in Jain, Nandakumar, and Nagar (2008), where two macro-categories, referred to as Biometric Cryptosystems and Feature Transformation approaches, are considered. Biometric cryptosystems typically employ binary keys to secure the biometric templates, and during the process some public information, usually referred to as helper data, is used. This category can be further divided in key binding systems, where the helper data are obtained by binding a key with the biometric template (Juels & Wattenberg, 1999; Juels & Sudan, 2006), and key generating systems, where both the helper data and the cryptographic key are directly generated from the biometric template (Sutcu, Lia, & Memon, 2007). In a feature transformation approach a transformation function, typically governed by random parameters employed as keys, is applied to the biometric template, thus generating the desired cancelable biometrics. It is possible to distinguish between salting approaches, where the employed transforms are invertible (Teoh, Ngo, & Goh, 2006), and non-invertible transform approaches, where a one-way function is applied to the considered templates (Ratha, Chikkerur, Connell, & Bolle, 2007). The security of salting approaches relies in the secure storage of the transform parameters, whereas when the latter approaches are considered, their security relies in the difficulty to invert the transformation, even if its defining parameters are known. When a feature transformation approach is employed, the transformed templates can remain in the same (feature) space of the original ones, being then possible to employ, in the authentication stage, the matchers designed for the original biometric templates. This allows to guarantee performance which is similar to that of an unprotected approach. Moreover, having the possibility of employing dedicated matchers, a score can be obtained as the output of a recognition process, even if it has been performed in a transformed domain: secure multibiometric systems can therefore be implemented through score-level fusion techniques (Ross, Nandakumar, & Jain, 2006). Signature template protection have been first considered in Vielhauer, Steinmetza, and Mayerhofer (2002) with a key generation approach, where a set of parametric features was extracted from the acquired dynamic signatures, and a hash function was applied to the feature binary representation, obtained exploiting some statistical properties of the enrollment signatures. In Freire-Santos, Fierrez-Aguilara, and Ortega-Garcia (2006) an adaptation of the fuzzy vault to signature protection has been proposed, employing a quantized set of maxima and minima of the temporal functions mixed with chaff points in order to provide security. Also the fuzzy commitment (Juels & Wattenberg, 1999) (more specifically, its practical implementation known as Helper Data System (Van der Veen, Kevenaar, Schrijen, Akkermans, & Zuo, 2006) has been employed to provide security for the features extracted from an on-line signature, as proposed in Maiorana et al. (2008), Campisi, Maiorana, & Neri (2008), where a user-adaptive error correcting code selection was also introduced. A salting approach has been proposed in Yip, Goh, Ngo, & Teoh (2006), as an adaptation of the BioHashing method (Teoh et al., 2006) to signature templates. Moreover, in Lumini & Nanni (2007)) an improved version of the

3678


Fig. 1. (a) Information acquired by the acquisition device for a given signature and (b) azimuth and altitude pen angles, with respect to the plane of the tablet. from FierrezAguilar, Nanni et al. (2005).

BioHashing approach, where the procedure is iterated many times to increase the security of the system, has also been employed to protect signature templates. In Maiorana et al. (2008) a signature template protection scheme, where non-invertible transforms are applied to a set of signature sequences, has been presented, and its non-invertibility discussed. The renewability capacity of the approach in Maiorana, Campisi, and Neri (2008) has also been analyzed in Maiorana, Campisi, Ortega-Garcia, and Neri (2008), where additional non-invertible transforms are introduced. 3. Proposed signature based authentication system As explained above, in this paper we implement a signature based authentication system by combining the following classifiers: the local function based matcher presented by Kholmatov in Kholmatov and Yanikoglu (2005), where the distances between reference and test signatures are computed by means of the DTW algorithm, and normalized with respect to the intra-class distances estimated during the enrollment phase; the regional function based approach presented in Fierrez-Aguilar, Ortega-Garcia et al. (2005), where HMMs are employed as matcher; the global feature based approach presented in Nanni (2006), where a LPD is trained by a set of parametric features. Moreover, a signature based authentication system where the employed biometric templates are protected is also defined, by building an ensemble based on the following approaches: the Improved BioHashing template protection technique (Lumini & Nanni, 2007); the BioConvolving template protection technique presented in Maiorana et al. (2008).

3.1. Employed on-line signature features The following discrete-time dynamic sequences are available from a typical acquisition device (the sampling frequency of the acquired signals is set to 100 Hz):

x, position in horizontal axis; y, position in vertical axis; p, pressure applied by the pen; a, azimuth angle of the pen with respect to the tablet; b, altitude (elevation) angle of the pen with respect to the tablet.

A signature acquisition begins in correspondence to the first sample with a non-zero pressure value, and its ending is determined by setting a 3 s timer to the pen up. Fig. 1a shows an example of the discrete-time sequences extracted from a given dynamic signature, while Fig. 1b displays the azimuth and altitude pen angles, with respect to the plane of the tablet. The following other sequences can be calculated by means of the ones above mentioned, and are employed as features in the considered systems:

Dx: difference between two consecutive x coordinates; Dy: difference between two consecutive y coordinates; Dp: difference between two consecutive pressure values; Db: difference between two consecutive pen elevation values; h: path-tangent angle; v: path velocity magnitude; q: log curvature radius; a: total acceleration magnitude.

Fig. 2 illustrates some of the employed functional features, together with their first-order derivatives (employed as signature representation for the HMM based matching approach). 3.2. Dynamic Time Warping (DTW)

A detailed description of the signature features employed in the proposed systems, as well as of the aforementioned matching techniques, is provided in the following.

This matching approach, proposed by Kholmatov in Kholmatov and Yanikoglu (2005), is based on the computation of DTW


3679

Fig. 2. Information extracted from a given signature. from Fierrez-Aguilar, Nanni et al. (2005).

distances between test and reference signatures, which are then normalized with respect of the intra-class DTW distances, estimated during the enrollment phase. Specifically, for each enrolled signature of a user i, the average values of the following distances are evaluated: distance to their nearest neighbor ðdmini Þ; distance to their farthest neighbor ðdmaxi Þ; distance to the template signature ðdtemplatei Þ. The reference template is selected as the signature having the lowest average distance to all the other enrollment signatures. The evaluated distances describe the users’ signature variability, and are employed to normalize the DTW distances computed during authentication. Specifically, each test signature is compared to the signatures in the reference set, thus producing the aforementioned three distance values, which are then normalized with respect of the corresponding average distances computed over the reference set. A three-dimensional feature vector is therefore obtained from each comparison. It is worth pointing out that the same normalization process is done both for signatures acquired during enrollment, and for signatures considered during the authentication process. Using Principal Component Analysis (PCA) (Duda, Hart, & Stork, 2000), the dimensionality is reduced from three to one (the three features are highly correlated). A Linear Discriminant Classifier (LDC), or, in alternative, a Linear Support Vector Machine (LSVM), is then trained on this feature space.1 In the performed experimental results, illustrated in Section 4, the DTW approach is tested employing different sets of functional features. The feature sets which allow to reach the best authentica1

We use the MATLAB function ldc() of the PRTools 3.1.7.

tion rates are then combined by means of the sum rule. 3.3. Hidden Markov Models (HMM) Following this approach, a left-to-right HMM is used as in Fierrez-Aguilar, Nanni et al. (2005). Each signature is represented using a set of seven discrete-time sequences ðx; y; p; h; v ; q; aÞ, together with their first-order time derivatives, resulting in a signature template consisting of 14 discrete sequences. For more details on the left-to-right Hidden Markov Models, please refer to Fierrez-Aguilar, Nanni et al. (2005). It is worth pointing out that this approach was ranked in first and second place, for random and skilled forgeries, respectively, during the Signature Verification Competition 2004 (SVC 2004) (Yeung et al., 2004). 3.4. Linear Programming Descriptor (LPD) LPD2 is a one-class classifier, which is therefore able to determine if a test sample belong to the considered class or not. When applied to signature verification, each individual represents a class, and his signatures are the objects which have to be classified. The description of the target objects is usually obtained by means of parametric feature vectors. For a detailed description of this method see Tax (2001), where a data descriptor is specifically constructed to describe target objects which are classified in terms of distances to other classes. In the proposed implementation, a LPD is trained employing the set of 100 global features detailed in Fierrez-Aguilar, Nanni et al. (2005). Moreover, in order to significantly improve the performance of 2

LPD is implemented as in the free DD_Tool 0.95 Matlab Toolbox.

3680


a stand-alone LPD (Nanni, 2006), a random subspace ensemble of features (Ho, 1998) is employed. Specifically, in this work our LPD matcher is based on 100 different training sets3 created using random subspace. When performing authentication, the maximum similarity score (Kittler, Hatef, Duin, & Matas, 1998) obtained from the pool of 100 classifiers is selected as representative of the matching process. 3.5. BioHashing protection approach (BH) The BioHashing template protection approach (Teoh et al., 2006) modifies an original biometric template b 2 Rn in order to generate a binary vector f 2 f0; 1gm ðm 6 nÞ. A pseudo-random number generator is employed to rule the generation of the binary vector, whose expression is therefore dependent on a randomly selected Hash key K. Moreover, a preset threshold s is used to determine the binary vector f. The matching between a test and a reference signature is then computed by means of the Hamming distance between the templates generated by employing the Hash Key K. In Lumini and Nanni (2007) the authors suggested to iterate k times the BioHashing method, in order to generate k BioHash codes for each user (k ¼ 5 in this work). Moreover, they proposed to normalize each biometric vector by its module, and to use several values for s instead of a fixed one (s 2 ½0:1; 0:1, with step of 0.05). The verification stage is performed by using the Hamming Distance for each BioHash code, and by combining the k classifiers with the sum rule. Please refer to Lumini and Nanni (2007) for more details on the Improved BioHashing. 3.6. BioConvolving protection approach (BC) The generation of cancelable biometrics according to the BioConvolving approach was proposed in Maiorana et al. (2008). Specifically, following this approach it is possible to build transformed templates that can be used for training any function based matcher. In order to generate a transformed template, each original signature sequence is divided into W (W ¼ 2 in this paper) non-overlapping segments, according to a randomly selected transformation key d. Then, the transformed functions are obtained by performing a linear convolution between the obtained segments. An example of the employed transform is given in Fig. 3, where the x and y coordinates of a given signature are modified according to two different keys. In the present work, each original sequence is normalized to zero mean and unit standard deviation, before performing the convolutions. Moreover, in order to improve the verification performance, we iterate k times ðk ¼ 5Þ the BC method, and combine the obtained similarity scores by means of the sum rule. The security of the BioConvolving approach depends of the fact that, if an impostor gains access to the stored information, he has to resolve a blind deconvolution problem to retrieve the original template. Moreover, in Maiorana et al. (2008) it was also shown that even if multiple transformed templates are stolen, it is not possible to retrieve the original template. 4. Experimental results An extensive set of experimental results has been performed using the public SUBCORPUS-100 MCYT (Ortega-Garcia et al., 2003; Ortega-Garcia, Fierrez-Aguilar, Simon, et al., 2003), which 3 Each modified training dataset contains a random subset (60% in this paper) of all the features.

comprises signatures taken from 100 subjects. Specifically, 25 genuine signatures are available for each signer, as well as 25 skilled forgeries, which are produced by providing to the forgers the signature images of the clients to be forged. For each user, the enrollment is performed on the basis of his first five genuine signatures. Moreover, in order to train the employed classifiers, the skilled forgeries of 20 individuals are considered. The authentication tests are therefore performed by considering the remaining 80 subjects of the available database. The similarity score which are then evaluated when testing each approach consist of 80 20 matching scores from genuine users, and 80 25 matching scores from impostors. Specifically, the employed database with 100 subjects is divided five times in different ways, in order to generate the training and the testing subsets, and the reported verification results correspond to the average of the performances obtained for each division. As for the performance evaluation, we adopt the Equal Error Rate (EER) (Jain et al., 2002) and the Area Under the Receiver Operating Characteristic curve (AUC) (Ling, Huang, & Zhang, 2003). The AUC can be interpreted as the probability that the system will assign a higher score to a randomly picked genuine example than to a randomly picked impostor sample: the greater the AUC value, the better the performance of the considered system. In order to properly evaluate the proposed ensemble and the template protection methods, the following aspects have been investigated: Which is the best feature set and the best classifier we can use to design a DTW based authentication system? Which is the matching performance of the novel ensemble method, based on the fusion of the considered local, regional and global classifiers (each of which can be considered as the state-of-the-art approach of their categories)? Which is the matching performance of the novel signature based authentication system with protected templates, obtained by combining the BH and the BC protection approaches? Moreover, Which is the loss in matching performance between the proposed unprotected and protected systems? The aforementioned aspects are analyzed in the following Sections.

4.1. Feature and classifier selection for a local based approach In this Section, we analyze the authentication performance which can be achieved when employing a local function based verification approach. Specifically, the DTW based approach of Kholmatov and Yanikoglu (2005) is considered, and different implementation of this algorithm are tested, by varying the feature set, as well as the used classifier. The original configuration, proposed in Kholmatov and Yanikoglu (2005), employs the Dx and Dy coordinates as feature set, and a LDC as classifier. In Tables 1 and 2 we compare the performance, in terms of EER and AUC, of some variants of the method in Kholmatov and Yanikoglu (2005), obtained using a different classifier, that is, a Linear SVM (LSVM) instead of LDC, and different sets of features. Please note that, in all the reported tests, the reference set used for the normalization of the distances in Kholmatov’s variants coincides with the training set. Moreover, in the training step, the impostors’ patterns (notice that the Kholmatov’s methods extract a feature vector comparing a given signature with a reference set) are obtained considering for each individual only the forgeries of that individual: we compare each forgery of an individual i with each signature that belong to the reference set of the same individual i.

3681


Fig. 3. Application of two different BC transformations to the x and y coordinates of a given signature. The original and transformed signatures are also shown.

Table 1 EER (in %) of some variants of the method in Kholmatov and Yanikoglu (2005). EER

Classifier

Features

LDC

LSVM

ðDx; DyÞ ðDx; DpÞ ðDx; DbÞ ðDy; DpÞ ðDy; DbÞ ðDp; DbÞ

5.5 6.2 11.9 5.6 11.2 9.6

5.3 6.3 11.6 5.6 11.0 9.5

Average

8.3

8.2

Table 2 AUC of some variants of the method in Kholmatov and Yanikoglu (2005).

On the basis of the observed results, we therefore implement a variation of the DTW based approach proposed in Kholmatov and Yanikoglu (2005), by selecting two distinct feature sets: Dx and Dy; Dy and Dp, and employing a LSVM classifier to train the considered feature spaces. The system generated from the fusion of these two variants by the sum rule, is indicated as Extended Kholmatov (EK), and it is able to achieve an EER equal to 4.96%, with an AUC of 0.988. The proposed local matching based verification system therefore outperforms the one in Kholmatov and Yanikoglu (2005), which can guarantee an EER equal to 5.5% with an AUC of 0.986. 4.2. Performances of the proposed ensemble of matchers

AUC

Classifier

Features

LDC

LSVM

ðDx; DyÞ ðDx; DpÞ ðDx; DbÞ ðDy; DpÞ ðDy; DbÞ ðDp; DbÞ

0.986 0.980 0.943 0.984 0.953 0.957

0.986 0.980 0.946 0.985 0.954 0.958

Average

0.967

0.968

As can be seen from the results reported in Tables 1 and 2, slightly better results can be obtained when employing a LSVM classifier, with respect to the performances obtained with a LDC classifier, as proposed in Kholmatov and Yanikoglu (2005). The feature set which guarantees the best recognition rates comprises the Dx and Dy signature signals, as noticed in Kholmatov and Yanikoglu (2005). However, similar results can be achieved when employing the signals Dy and Dp as feature set.

In this Section we compare the matching performance of the novel ensemble method with respect to the three different approaches used in the fusion. In Table 3 we report the results

Table 3 Results obtained by the weighed sum of EK, HMM and LPD. Weights

Indicators

EK

HMM

LPD

EER (in %)

AUC

1 0 0 1 3 6 9 1 3 6 9

0 1 0 0 0 0 0 1 1 1 1

0 0 1 1 1 1 1 1 1 1 1

4.96 8.51 7.68 4.40 4.58 4.65 4.71 4.89 3.95 3.81 3.83

0.988 0.964 0.981 0.991 0.990 0.989 0.989 0.986 0.990 0.991 0.991

3682


Table 4 Results obtained by the template protection approaches. Method

Hash key always stolen

Hash key never stolen

BH

BC + EK

BC + HMM

BC + LPD

EER (in %)

AUC

EER (in %)

AUC

1 0 0 0 0 0 0 0 1 1 1

0 1 0 0 1 1 1 1 0 1 1

0 0 1 0 1 3 6 9 1 1 3

0 0 0 1 1 1 1 1 0 1 1

10.74 11.78 7.45 12.71 4.60 4.89 5.61 5.98 4.94 5.13 4.51

0.956 0.944 0.968 0.942 0.987 0.985 0.980 0.977 0.987 0.985 0.988

0 6.86 1.36 0.97 0.42 0.61 0.77 0.91 0.05 0.25 0.36

1 0.979 0.997 0.997 0.999 0.999 0.998 0.998 0.999 0.999 0.999

obtained by our ensemble using different combinations of weights in the sum rule. The considered approaches are denoted by the following abbreviations: EK, the local based approach employing the fusion of two Kholmatov’s variants, discussed in Sections 3.2 and 4.1; HMM, the regional based approach employing Hidden Markov Models as matcher, described in Section 3.3; LPD, the global feature based approach employing Linear Programming Descriptor as matcher, described in Section 3.4. It is worth noticing that, before performing the fusion, the scores of each classifier are normalized to mean 0 and standard deviation 1. The results in Table 3 have been obtained by empirically setting the weights used for the fusion, while for improving the performance this choice should be achieved by an optimization process on a training set. Anyway, from the available results the usefulness of the fusion of all three approaches is evident. Specifically, we can see that the proposed EK approach allows to reach the best verification performances for a stand-alone system. The LPD approach, which employs global features, performs better than the HMM one. When combining the two best approaches, that is, the EK and the LPD methods, a significant performance improvement can be obtained, resulting in an EER equal to 4.40%, and an AUC equal to 0.991. Moreover, a further improvement can also be achieved when considering an ensemble of the three classifiers: in this case, the best recognition rate corresponds to an EER equal to 3.81% and an AUC of 0.991. It is worth remarking that the reported results are referred to a system where only five signatures are taken from each user during enrollment, and that the algorithm proposed in Kholmatov and Yanikoglu (2005), which gave the best authentication results in SVC 2004 (Yeung et al., 2004), achieve an EER equal to 5.5% under the same conditions. 4.3. Performances of the proposed protected system Finally, the verification performance of proposed ensemble of template protection approaches is investigated. As illustrated in Section 3, the proposed protected system is built by combining the BioHashing and the BioConvolving methods, respectively presented in Lumini and Nanni (2007) and Maiorana et al. (2008). It is worth pointing out that the BioHashing is a matching system that requires a fixed length feature vector as input, and uses the Hamming distance for classification purposes. On the other hand, the BioConvolving is a feature transformation approach, which projects an input feature vector in a transformed space having the same dimension of the original one and, therefore, can be coupled to any matching system which represents the considered biometrics with a set of sequences.

In Table 4 the results obtained for a system where only cancelable template are used are reported. Specifically, we performed tests by the BioHashing approach (BH) and by training the proposed EK, HMM and LPD with the cancelable templates provided by the BC approach. It is worth stressing that, in order to improve the achievable verification rates for the EK and the HMM methods, the BC transformations are applied five times to the available signatures, and the similarity scores obtained from the matching of these five cancelable templates are then combined by means of the sum rule. As for the LPD method, a different BC cancelable template is built for each random subspace, and the scores resulting from each LPD classifier are then combined by sum rule4. Two different scenarios have been taken into account: a worst case scenario, when an attacker is able to steal the keys of the employed transformations, and a scenario where each impostor does not possess the transformation keys. When considering the worst case scenario, it can be noticed that the best performance for a protected system employing a standalone classifier is met when using the standard Kholmatov’s method in Kholmatov and Yanikoglu (2005), together with the BC baseline approach proposed in Maiorana et al. (2008), and correspond to an EER equal to 12.95, with an AUC of 0.927. On the other hand, the BH protection approach performs better when the impostors do not know the employed transformation keys, reaching an EER 0. The BC protection approach can be employed to implement an ensemble of protected systems, by combining the EK, the HMM, and the LPD matchers. An EER equal to 4.60%, with an AUC of 0.987, can then be achieved for a protected system, even when the impostors can steal the transformation keys. However, overall better recognition rates are obtained when combining the BC based approaches with the BH method: following such approach, an impressive EER equal to 4.51%, with an AUC of 0.988, is obtained for the worst scenario with stolen keys. Moreover, when the impostors do not know the employed transformation keys, we obtain EER = 0.36%, with an AUC of 0.999. Notice that using the standard Kholmatov’s method and the base approach proposed in Maiorana et al. (2008) we obtain an EER 12.95 of and an AUC of 0.927. The performance of BC + HMM using only one BC cancelable template is (when the key is stolen) an EER of 9.82 and an AUC of 0.956; instead when the key is stolen BC + HMM obtains an EER of 2.30 and an AUC of 0.9948. The last reported experiment is referred to a system where the BH approach is combined with the standard EK, HMM and LPD matchers (and therefore it is considered as a matcher rather than a template protection technique). In Table 5 we report the performance obtained when an ‘‘impostor” is always able to steal the

4 If we combine these classifiers with the max rule (as when we use the standard biometric template) the performance is very low

3683

L. Nanni et al. / Expert Systems with Applications 37 (2010) 3676–3684 Table 5 Results obtained when the BH approach is combined with the standard EK, HMM and LPD matchers. Method

Hash key always stolen

Hash key never stolen

BH

EK

HMM

LPD

EER (in %)

AUC

EER (in %)

AUC

1 1 1 1

1 3 6 9

1 1 1 1

1 1 1 1

3.61 3.00 3.11 3.28

0.992 0.994 0.993 0.993

0.66 0.92 1.76 2.22

0.997 0.997 0.996 0.996

hash key, as well as those achieved when the key is not stolen. The obtained experimental results confirm what already stated in other works (Lumini & Nanni, 2007): the fusion among a BioHashing matcher and a pure biometric approach is extremely useful to improve the verification performance, also in cases when the hash key is stolen. In fact, the resulting lowest EER is equal to 3%, with an AUC of 0.994. In our opinion, the results obtained combining the biometric matchers with the BH approach are very interesting. Unfortunately, it is worth pointing out that the employed EK, HMM and LPD biometric matchers are not based on a cancelable template, in this case. So this system can be used only when the cancelable templates are not essential. Otherwise, the best verification rates obtained for a protected system corresponds to an EER equal to 4.51%. However, we have proven that a system where the employed templates are protected against possible attacks can be efficiently implemented, with only a slight loss in performance with respect to the best achievable unprotected system. 5. Conclusions We introduced a system for on-line signature verification that outperforms several state-of-the-art methods. The main contribution of our work is to propose and validate a new system, which employs a combination of different kind of matchers based on local, global and regional features. It is experimentally shown that the system here proposed outperforms also the method which gave the best verification results in SVC 2004. The best EER which can be achieved employing the proposed combination of matchers is an impressive 3%. Therefore, our results testify that a very low EER can be achieved by employing on-line signature verification, which can then be employed in real world applications, just as fingerprint and iris. In our opinion, the results obtained when employing the BioHashing template protection scheme, and also the BioConvolving protection approach, are very interesting since we have shown that also using template protection techniques it is possible to obtain a very low EER (4.51% in the worst case scenario, with impostors able to steal the transformation keys). A possible future work for improving the performance is to use the ensemble of global matcher proposed in Nanni and Lumini (2008a), Nanni and Lumini (2009), where the training data are used to create the different subspaces for training each matcher. Acknowledgment The authors would like to thank J. Fierrez-Aguilar and J. OrtegaGarcia for sharing SUBCORPUS-100 MCYT data set. Moreover, the authors want to thank J. Fierrez-Aguilar for the helpful discussions on on-line signature when he was a visiting researcher at the University of Bologna, Italy. References Campisi, P., Maiorana, E., & Neri, A. (2008). On-line signature based authentication: Template security issues and countermeasures. In N. V. Boulgouris, K. N. Plataniotis, & E. Micheli-Tzanakou (Eds.), Biometrics: Theory, methods, and applications. Wiley/IEEE.

Dimauro, G., Impedovo, S., Lucchese, M. G., Modugno, R., Pirlo, G. (2004). Recent advancements in automatic signature verification. In Workshop on frontiers in handwriting recognition (pp. 179–184, 26–29). Duda, R. O., Hart, P. E., & Stork, D. G. (2000). Pattern classification (2nd ed.). New York: Wiley. Fierrez-Aguilar, J., Ortega-Garcia, J., & Gonzalez-Rodriguez, J. (2005). Target dependent score normalization techniques and their application to signature verification. IEEE Transactions on Systems Man and Cybernetics, 35, 418–425. Fierrez-Aguilar, J., Krawczyk, S., Ortega-Garcia, J., Jain, A. K. (2005). Fusion of local and regional approaches for on-line signature verification. In IWBRS (pp. 188– 196). Fierrez-Aguilar, J., Nanni, L., Lopez-Penalba, J., Ortega-Garcia, J., Maltoni, D. (2005). An on-line signature verification system based on fusion of local and global information. In Proceedings audio- and video-based biometric person authentication, New York, USA, July. Fierrez, J., & Ortega-Garcia, J. (2008). On-line signature verification. In A. K. Jain, A. Ross, & P. Flynn (Eds.), Handbook of biometrics (pp. 189–209). Springer. Freire-Santos, M., Fierrez-Aguilara, J., Ortega-Garcia, J., (2006). Cryptographic key generation using handwritten signature. SPIE defense and security symposium, Biometric technologies for human identification (Vol. 6202, pp. 225–231). Ho, T. K. (1998). The random subspace method for constructing decision forests. IEEE Transactions on Pattern Analysis and Machine Intelligence, 20(8), 832–844. Impedovo, D., & Pirlo, G. (2008). Automatic signature verification: The state of the art. IEEE Transactions on Systems, Man, and Cybernetics: Part C, 38(5), 609–635. Jain, A. K., Griess, F., & Connell, S. (2002). On-line signature verification. Pattern Recognition, 35(12), 2963–2972. Jain, A. K., Nandakumar, K., Nagar, A. (2008). Biometric template security. EURASIP Journal on Advances in Signal Processing [Special Issue on Biometrics]. Juels, A., Wattenberg, M. (1999). A fuzzy commitment scheme. In ACM conference on computer and communication security (pp. 28–36). Juels, A., & Sudan, M. (2006). A fuzzy vault scheme. Designs Codes and Cryptography, 38(2), 237–257. Kittler, J., Hatef, M., Duin, R., & Matas, J. (1998). On combining classifiers. IEEE Transactions on Pattern Analysis and Machine Intelligence, 20(3), 226–239. Kholmatov, A., & Yanikoglu, B. (2005). Identity authentication using improved online signature verification method. Pattern Recognition Letters, 26(15), 2400–2408. Leclerc, F., & Plamondon, R. (1994). Automatic signature verification: The state of the art 1989–1993. IJPRAI, 8(3), 643–660. Ling, C., Huang, J., Zhang, H. (2003) Auc: A better measure than accuracy in comparing learning algorithms. In Proceedings of 2003 Canadian artificial intelligence conference. Lumini, A., & Nanni, L. (2007). An improved BioHashing for human authentication. Pattern Recognition, 40(3), 1057–1065. Maiorana, E., Martinez-Diaz, M., Campisi, P., Ortega-Garcia, J., & Neri, A., (2008). Template protection for HMM-based on-line signature authentication. In CVPR biomerics workshop (pp. 1–6). Maiorana, E., Campisi, P., & Neri, A. (2008). User adaptive fuzzy commitment for signature templates protection and renewability. SPIE Journal of Electronic Imaging, Special Section on Biometrics: Advances in Security, Usability and Interoperability, 17(1). Maiorana, E., Campisi, P., Ortega-Garcia, J., Neri, A.(2008). Cancelable biometrics for HMM-based signature recognition. In IEEE second international conference on biometrics: Theory, applications and systems (BTAS), Washington, USA, 29 September–1 October. Nanni, L., & Lumini, A. (2005). Ensemble of parzen window classifiers for on-line signature verification. Neurocomputing, 68(7), 217–224. Nanni, L. (2006). Experimental comparison of one-class classifiers for on-line signature verification. Neurocomputing, 69(7-9), 869–873. Nanni, L., & Lumini, A. (2008a). Over-complete feature generation and feature selection for biometry. Expert Systems with Applications, 35(4), 2049–2055. Nanni, L., & Lumini, A. (2008b). A novel local on-line signature verification system. Pattern Recognition Letters, 29(5), 559–568. Nanni, L., & Lumini, A. (2009). Ensemble of on-line signature matchers based on OverComplete Feature generation. Expert Systems with Applications, 36(3), 5291–5296. Ortega-Garcia, J., Fierrez-Aguilar, J., Martin-Rello, J., Gonzalez-Rodriguez, J. (2003). Complete signal modelling and score normalization for function-based dynamic signature verification. Audio- and Video-based Biometric Person Authentication 2003, Guilford, UK, June 9–11 (pp. 658–667). Ortega-Garcia, J., Fierrez-Aguilar, J., Simon, D., et al. (2003). MCYT baseline corpus: A bimodal biometric database. IEE Proceedings – Vision Image Sensor and Processor, 150(6), 395–401. Piyush Shanker, A., & Rajagopalan, A. N. (2007). Off-line signature verification using DTW. Pattern Recognition Letters, 28(12), 1407–1414.

3684


Plamondon, R., & Lorette, G. (1989). Automatic signature verification and writer identification – the state of the art. Pattern Recognition, 22(2), 107–131. Ratha, N. K., Connell, J. H., & Bolle, R. (2001). Enhancing security and privacy of biometric-based authentication systems. IBM Systems Journal, 40(3), 614–634. Ratha, N., Chikkerur, S., Connell, J. H., & Bolle, R. M. (2007). Generating cancelable fingerprint templates. IEEE Transactions on Pattern Analysis and Machine Intelligence, 29(4), 561–572. Ross, A. A., Nandakumar, K., & Jain, A. K. (2006). Handbook of multibiometrics. USA: Springer. Sakamoto, D. et al. (2005). On-line signature verification incorporating pen position, pen pressure and pen inclination trajectories. In IEEE international conference on acoustics, speech, and signal processing 2001, Salt Lake City, USA, May 9 (pp. 993– 996). Sutcu, Y., Lia, Q., & Memon, N. (2007). Protecting biometric templates with sketch: Theory and practice. IEEE Transactions on Information Forensics and Security, 2(3). Tax, D. M. J. (2001). One-class classification; concept-learning in the absence of counter-examples. Delft University of Technology. ISBN: 90-75691-05-x. Teoh, A. B. J., Ngo, D. C. L., & Goh, A. (2006). Random multispace quantization as an analytic mechanism for biohashing of biometric and random identity inputs.

IEEE Transactions on Pattern Analysis and Machine Intelligence, 28(12), 1892–1901. Van, B. L., Garcia-Salicetti, S., & Dorizzi, B. (2007). On using the Viterbi path along with HMM likelihood information for online signature verification. IEEE Transactions on Systems, Man and Cybernetics, Part B(5), 1237–1247. Van der Veen, M., Kevenaar, T., Schrijen, G.-J., Akkermans, T.H., Zuo, F. (2006). Face biometrics with renewable templates. In SPIE proceedings on security, steganography, and watermarking of multimedia contents (Vol. 6072). Vielhauer, C., Steinmetza, R., Mayerhofer, A. (2002). Biometric hash based on statistical features of online signatures. In International conference on pattern recognition (ICPR) (Vol. 1, pp. 123–126). Yeung, D. Y. et al. (2004). SVC2004: First international signature verification competition. In International conference on biometric authentication 2004, Fort Lauderdale, USA, July 15-17 (pp. 16–22). Yip, W. K., Goh, A., Ngo, D. C. L., Teoh, A. B. J. (2006). Generation of replaceable cryptographic keys from dynamic handwritten signatures’. In ICBA (pp. 509– 515).