Finding a suitable threshold value for an iris-based authentication system

ABSTRACT


INTRODUCTION
Today, Biometric systems are widely used in authentication process in order to identify an individual. Biometric can be divided into two main methods. The first is physical biometric which includes face, fingerprint palm and iris recognition [1][2][3][4][5]. The second is known as behavioral biometric, which includes walking pattern, typing pattern and hand-written signature recognition [6]. Biometric systems can help enhance the security of identification and authentication mechanisms. It is claimed to be stronger than a password recognition system since passwords can be forgotten, disappeared and stolen [7,8].
One of the most widely used biometric methods is iris recognition. It is proved to be efficient and comes with promising level of security [9]. In this system, an iris is required in order to verify the person's special characteristics [10]. The part of the iris that is used for identity verification is located between the black center part of the eye (pupil) and the white part of the eyeball (sclera).
Authentication by iris recognition involves extraction of a set of iris images of a given eye. They are then used to generate a final template (iris template) and iris data, in bits, are used in iris test by comparing all points with the template. A chance to match all points is least possible though an iris image belongs to the same person [11]. As a result, the determination of error rate between iris template and iris test for authentication is needed. An accuracy rate used for authentication by iris recognition is 60 percent or using statistical formulas for a comparison [12]. However, in the security aspect, the mentioned accuracy rate cannot be workable as a chance for error rate is quite high. Other experiments focused on Equal Error Rate (EER) value or threshold value of the intersection of FAR and FRR at the acceptance level of approximately 50 per cent, which is a good for usability but not secure [13]. In this paper, a threshold value by intersection of GAR and FRR will be determined. Consequently, this research paid attention to a threshold value from which an accuracy rate from a comparison of iris template and iris test can be acceptable for authentication in a suitable and secure manner. Contribution of this study is, therefore, to find a suitable threshold value for an iris-based authentication system. The efficiency of the authentication method using iris recognition can be measured and evaluated by using the followings. Firstly, the False Rejection Rate (FRR) is the proportion of authentic or correct iris that are incorrectly denied. Secondly, False Acceptation Rate (FAR) is the proportion of impostors or fake iris that are accepted by the biometric system. The Genuine Acceptance Rate (GAR) is defined as, GAR = 100 -FRR [14].
In order to measure and evaluate the efficiency and security as said above, a threshold value must be set. A too low threshold value may result in a verification of authentication containing a high value of Genuine Acceptance Rate (GAR) and a low value of False Rejection Rate (FRR), but a high value of False Acceptation Rate (FAR), high performance of usability but it is not secure. With a too high threshold value, it can result in a verification of authentication containing a low value of Genuine Acceptance Rate (GAR) and a high value of False Rejection Rate (FRR), and affects the incorrectness of the error rate for False Acceptation Rate (FAR) to be low accordingly. Though authentication with too high of threshold value can respond to the security aspect, the real application cannot be done as correct data can be filtered at the same time. Therefore, an analysis to find an appropriate threshold value should be concerned about real application with secure aspect [15].

BACKGROUND KNOWLEDGE AND RELATED WORK
This paper focuses on the finding of a suitable and secure threshold value for an iris authentication system. In order to acquire an understanding of this technique, related theories and researches including iris recognition system and Circle Hough Transform, and methods for finding threshold values will be explained in this section

Iris recognition system and circle hough transform
Authentication or identification process using iris recognition system is considered to be the most highly secured biometric technology. The efficiency of detection is based on pupil dilation and image acquisition to be used in the recognition process. Other factors include too low and too bright light that can lead to error in detection. Therefore, before using an eye image for test or recognition, a process to reduce an error of recognition should be done. For example, converting image colors to gray scale so as to eliminate a problem of iris color. An eye image is composed of pupil, iris, sclera, eyelashes, eyebrows and the top part of eye. However, a part that can be used for authentication is the black center part of the eye or iris which is located between pupil and the white part of the eyeball (sclera) [16,17] as seen in Figure 1.

Eye image acquisition
In this research, images used in iris recognition system are from CASIA Iris Image Database for Biometric Ideal Test [18]. The iris images were captured by a high resolution camera so both dual-eye iris and face patterns were included in the image which made them suitable in this research. Iris images of CASIA were captured with a self-developed close-up iris camera. The most compelling feature of the iris camera is that it has been designed with a circular Near-infrared (NIR LED) array, with suitable luminous flux for iris imaging. Because of this novel design, the iris camera can capture very clear iris images and well-suited for studying. The system allows the user to be anywhere from 1 to 3 feet (0.3 meters) away from the camera that locates the focus on the iris as seen in Figure 2.

Iris and pupil segmentation
The first step is to isolate the actual iris region in a digital eye image. The iris region can be approximated by two circles, one for the pupil/iris boundary and the other one for the iris/sclera boundary. Before detection of these boundaries, the edges of the eye image must be found from pixel intensity. From the edge image, the Circular Hough Transform can be used to detect the centers and radii of the two boundaries according to Daugman Algorithm as seen in Figure 3.
John Daugman proposed Daugman Algorithm, a major part of Iris Recognition System, for segmentation process [13], [14]. The algorithm can be written in a function form as, |. From the Function, ( , ) is a procedure to find pixel intensity ( , ) from eye images used in a test, denotes the radius of various circular regions with the center coordinates at ( 0 , 0 ), is the standard deviation of the Gaussian distribution, denotes a Gaussian filter of scale sigma ( ), ( 0 , 0 ) is the assumed centre coordinates of the iris, is the contour of the circle given by the parameters ( , 0 , 0 ), Pupil and limbus boundaries are expectation to maximize the contour integral derivative, where the intensity value over the circular borders would make a sudden change.
( ) is a smoothing function controlled by done by increasing the intensity of the captured image.

Circle hough transform
Circle Hough Transform (CHT) is a feature extraction technique for detecting circles such as eyes by locating circular objects from an input image. Although there are a number of algorithms functioning like Circle Hough Transform, it is more considerably used and effective when compared to others. The quality and color of the image are adjusted before implemented in CHT process. According to Daugman's algorithm, there were some researches relying on the process in detecting eye images for authentication [13,14] as seen in the (1).
The (1) is a smoothing function by a suitable size of σ from edge detection techniques for iris recognition system. Edge map is a selection procedure to increase a working efficiency of Circle Hough Transform in order to get more accurate shapes by considering the edge points, as described by the formula; ( , ), = 1,2, … . , , which can be written in the (2) and (3). , , , ), Where ℎ( , , , , ) = { 1 ( , , , , ) = 0; 0 ℎ .
An analysis of limbus and pupil which are both modeled as circles and the parametric Function can be defined in (4).
The center of the circle is ( , ) and Radius is , when an edge point is out of the circle, the function value is equal to 0 and the value of Function is equal to 1 whereas Function ℎ is a basic principle of Circle Hough Transform technique. Even though there are other algorithms proposed for the same purpose such as, but Circle Hough Transform is still deemed appropriate since the algorithm has also been used and applied in [18][19][20][21][22].

The removal of noise factors
In this research, a removal of noise factors that affect an accuracy of the iris recognition system such as upper eyelashes and lower eyelashes in an eye image as the both eyelashes were necessary since they could cause a high number of errors in detection [23] as seen in Figure 4.

Normalization process
It was found that an error in detection could be caused by iris inconsistence/ pupil dilation and light shining into the eyes during data collection as well as an unequal comparison such as a distance of image capture, camera rotation or camera angle, head tilt and eye rolling. Eye normalization process can increase significantly a difference in color level between the black and the white parts of the eye to reduce the error in the detect [24]- [30]. The normalization module uses eye image to transform the iris texture from cartesian to polar coordinates. The process, often called iris unwrapping, yields a rectangular entity. Figure 5 shows an iris image with detected pupillary and iris boundaries and the normalized region. As seen in Figure 5  The system extracted an eye image in a center area between the two circle contours, called the retina, including small black spots in the retina. The data was extracted and transformed into the binary iris by convolving encoding, i.e., bit 0 and bit 1 as seen in Figure 6 [31]. The algorithm for extracting [32] and generating the iris template is as follows.

Threshold value
Threshold value is a ranging comparison value of data from iris template and iris test. The comparison is done by bit difference at each point and position. The Genuine Acceptance Rate (GAR), False Rejection Rate (FRR) and False Acceptation Rate (FAR) values are also evaluated. Threshold Value has to be in suitable and safe range. If a range of threshold value is too high, it can affect the efficiency of authentication in terms of data filter or data collision of iris data while a correct data might be filtered out at the same time. However, if a range of threshold value is too low, it can result in high efficiency of recognition of correct iris data but increasing data collision of iris data accordingly.
Equal error rate (EER) is a biometric security system algorithm used to predetermine the threshold value for its False Acceptation Rate (FAR) and its False Rejection Rate (FRR). When the rates are equal, the common value is referred to as the equal error rate. The value indicates that the proportion of false acceptances is equal to the proportion of false rejections. The lower the equal error rate value, the higher the accuracy of the biometric system [33] as seen in the Figure 7.
In theory, the correct iris should always value higher than the impostors iris. A single threshold could then be used to separate the correct iris from the impostor's iris [34][35][36]. Figure 7 shows EER value/Threshold value of the intersection of FAR and FRR at the acceptance level of approximately 50 per cent, which is a good for usability but not secure. In this paper, a threshold value by intersection of GAR and FRR will be determined.

METHODOLOGY
This research used a data set of iris image database from the Chinese Academy of Sciences Institute of Automation (CASIA) which had a total of 22,500 iris images from 1,650 volunteers. All iris images were 8-bit gray-level .JPEG files captured with a circular Near-infrared camera (NIR LED). The iris localization was implemented using Circle Hough Transform technique prior to finding a suitable and secure threshold value. The experimental test was divided into two parts. The first was to use a set of iris images for identifying a threshold value. The second was to use the rest of the iris images to test the validity of the obtained threshold value.

Data set used to find threshold value
Data set used to find a threshold value contained eyes images from the CASIA V.4 database for Biometric testing. Within that, there was a group of CASIA-Iris-Group1 contained 4,000 iris images from 200 persons.

Data set used in threshold value testing
The data set that would be used to test the threshold value for the appropriateness contained two groups all of which were from the CASIA V.4 database. The first group of the test data was from the CASIA-Iris-Group3 database which contained iris images created from an algorithm to imitate real eyes. The second group was from the CASIA-Iris-Group2 database. The iris images in this database contained 900 iris images and were gathered from 450 volunteers who took their own images from mobile phone. There were 2,000 iris images in this database. This means that the image quality was not in perfect condition. However, it was decided that this group of images would reflect real-world application more. That was the reason that this database was included in the test dataset. These iris images were used to test the obtained threshold value in terms of accuracy and security. Since an error in authentication from iris recognition partly came from iris images used in a test with regards to brightness, high resolution, and a distance of being away from a camera, these factors were already taken into account when carrying out the test process.

Threshold value analysis
The analysis threshold value is proposed an overview are divided into two parts: finding a suitable determination and secure threshold value, and testing the threshold value.

Eye images dataset
The eye image datasets used in iris recognition system were from CASIA Iris Image Database V.4 for Biometric Ideal Test. The iris images in the CASIA Iris Image Database V.4 for Biometric Ideal Test were detected or located by the Circle Hough Transform method. The data was then encoded and transformed to create the binary value of the iris by using the algorithm stated in section 2.1.6.

Finding appropriate threshold value
Different ranges and numbers for the threshold values were examined in order to find the appropriate and secure value. The evaluation for the secure threshold value was done by comparing binary bits between the iris template and the iris test. In other words, the binary bits of the iris template and iris test were compared and tested, in both values and positions. Different threshold values were set for the analysis. They were >=50, >=55, >=60, >=65, >=70, >=75 and >= 80 per cent of all the binary bits. Each threshold value was evaluated using three criteria, namely Genuine Acceptance Rate (GAR), False Rejection Rate (FRR) and False Acceptation Rate (FAR). This was done to determine a suitable and secure threshold value. The process is depicted in Figure 8. The required threshold value should have a high GAR value, low FRR value and the lowest FAR value [35].
Algorithm for Finding the Suitable and Secure Threshold Value This section explains how a suitable and secure threshold value is determined. The algorithm begins with the comparison between the iris template and the iris test. The GAR, FRR and FAR are also determined using the algorithm below. Note that the threshold value in the algorithm is the value set as explained in the previous paragraph.
The comparison is done bit by bit from the first to the nth bit at each point to find the matching percentage. The GAR value is the percentage of the correct iris accepted by the threshold value. The FRR value is a percentage of the correct iris rejected by the threshold value. The FAR value is amount of impostor's irises accepted by the threshold value. Hence, it is necessary that this percentage is as small value as possible so that the impostor's irises are not accepted by the threshold value. The three values can be computed accordingly.

RESULTS AND DISCUSSION 4.1. Threshold value determination
The threshold value deemed appropriate and secure was found using the method explained in the previous section. In other words, the Circle Hough Transform technique was applied to both the iris templates and the iris test images for localization purposes. The comparisons between the templates and the test images were carried out, having set the values of the threshold. The results that were looked for were the number of the iris test images that passed the specified threshold. The values of GAR, FRR and FAR were obtained as shown Table 1.  Table 1 shows the comparison results in percentage when evaluating classifier performance of GAR, FRR, and FAR. The aim of this paper was to find a secure threshold value for an iris authentication system. That is, for security purposes, the process was carried out to find the value that gave a low FAR value. Moreover, in terms of correctness, the Acceptance Rate (GAR) value needed to be greater than False Rejection Rate (FRR) value. From Table 1 Table 1 were then plotted in Figure 9 in order to find a suitable and secure threshold value. Figure 9 displays three lines of graph. They are the GAR, FRR and FAR values for each of the specified threshold values. The graph showed that the values of GAR and FAR tended to decrease as the threshold value increased. However, the values of FRR went in the opposite direction. In other words, the FRR values increased as the threshold value increased. In reality, a suitable threshold value would be the one that holds a high value of GAR and a low value of FAR. However, it would be difficult to determine an exact value from Table 1. It was, therefore, necessary to include the FRR line into the graph to assist in the determining of the threshold value. The analysis of threshold ranged with the two-point equation was implemented. In this paper, a threshold value by intersection of GAR and FRR will be determined. Figure 9 shows that the interceptions occurred at two positions. The first was where the FAR line crossed with the FRR line. The second was where the GAR line crossed with the FRR line. The point of interest for the sake of this paper was the intersection of the GAR and FRR lines. This point specified the suitable and secure threshold value because the GAR value was higher than FRR value. At the same time, the FAR value or the false acceptance rate was approximately 10 per cent of all the images, which could be considered suitable and secure [17]. Furthermore, calculated by the two-point equation, the intersection of interest occurred at the threshold value of approximately 72.9246. Our obtained threshold value is higher that those claimed by [13] and [12] whose values are 50 and 60, respectively. Our value would be tested further in the next section.

Testing the obtained threshold value
The obtained threshold value of 72.9246 per cent of all the available bits was tested for correctness using other data sets as each data set contained different properties according to a condition of data collection. The data sets involved in the test were from two groups of the CASIA V.4 database -CASIA-Iris-Group2 and CASIA-Iris-Group3. From Table 2, the obtained threshold value of 72.9246 was tested against the CASIA-Iris-Group2 database. It was found that 78.00 per cent of the iris test images resulted in acceptance rate (GAR), 22.00 per cent resulted in false rejection rate (FRR), and none fell in the false acceptance rate (FAR) category. This, therefore, can be considered a suitable and safe thresholssd value.
For the CASIA-Iris-Group3 database, it was found that 77.00 percent of all the images resulted in GAR, 23.00 percent of the images resulted in FRR and only 2.00 percent of all the iris images resulted in FAR. Therefore, it can be claimed that the threshold value of 72.9246 is secure since there was no permissible error detected at all.
From the tests on the two databases, it was found that at the threshold value of 72.9246, the average GAR value was 77.50 per cent, the average FRR value was 22.50 per cent and the average FAR value was 1 per cent. It can be seen that the values represent a very small error when compared with other researches such as that of Khan et al. [37] whose false acceptance rate or FAR value was approximately 23 percent.

CONCLUSION
An iris authentication system needs a threshold value to analyze an accuracy or rejection of iris images. If the determined threshold value is too high, the error rate of rejecting the genuine iris image can occur. On the other hand, if the determined threshold value was too low, it will result in the error rate of accuracy of incorrect iris images. This research was conducted based on the interest of finding a suitable and secure threshold value on an iris authentication system, with Circle Hough Transform technique used for the localization of the iris. The experimental test of threshold range modeling from the data set of CASIA V.4 iris image database in a group of CASIA-Iris-Group1 revealed that the suitable threshold value was having 72.9246 per cent of the correct bits when compared the iris template with the test iris image. This value of threshold was claimed to be suitable and secure because it provided a higher value of GAR than FRR, while the FAR value was low.
When the obtained threshold value was tested with other data set such as CASIA iris image database version 4.0 in a group of CASIA-Iris-Group2, a total iris images from 1,000 persons, the result revealed that GAR value was 78.00 per cent, FRR value was 22.00 per cent, and FAR value was 0.00 per cent. When tested with the data set of CASIA iris image database version 4.0 in a group of CASIA-Iris-Group3, a total of iris images from 450 persons, it was found that GAR value was 77.00 per cent, FRR value was 23.00 per cent, and FAR value was 2.00 per cent. Therefore, the threshold value at 72.9246 is considered to be the suitable and secure range to be applied for a high security level of authentication method.