| Summary: | Online exam user authentication is a critical security issue. The traditional techniques
of authentication that usually rely on object-based methods (such as token, smart card,
ATM card) and knowledge-based methods (such as secret password, challenge
questions) suffered a lot of drawbacks such as' stealing, forgetting, forgery, and
impersonation. These drawbacks pose a lot of problems to the online exams, which
leads to the use of biometrics, steganography and cryptography techniques. This
thesis adopt the three techniques named multi-layer approach to the security
framework for online exam authentication in National Open University of Nigeria
using a combination of Discrete Wavelet Transform and Least Significant Bit. The
DWT was applied for all colors layers (Red, Green, and Blue) separately for both
cover and secret image with different levels; 1 - level for the secret im age and 3 -
level for cover image where encrypted coefficients of sub bands of the secret image are
embedded in the corresponding subbands of the Cover linage. The least Significant is
applied in two stages. The first stage is to choose the best cover image that will be
used to conceal the secret image, while the second stage is to choose the best
embedding threshold that will be used to determine the embedding locations in both
embedding and extraction phases. The whole examination process can be divided into
two phases namely student registration and student login. During registration, the
student will be asked for name, fingerprint image, and email address. In return, the
student will be given an exam TD, Personal Authentication Number (PAN), a secret
key and his fingerprint image. The server makes use of Least Significant Bit (LSB)
technique to form a signature (Stego-image) for each student by embedding the PAN
(secret message) into the fingerprint linage (cover-image) and have it stored into the
database. On the examination day, the examinee sits in front of an internet-enabled
computer, enters the exam ID into the university site followed by request for his
fingerprint image which was exchanged during the registration and saved into the
USB device, the secret key and the PAN via a series of request and response
messages. These three items will be compared to that stored in the database.
Respectively, if they are identical, the examinee is authenticated and allowed to
proceed to the examination. The results obtained from the experimentation shows that
a Peak Signal to Noise Ratio (PSNR) ranges from 66.21dB - 68.10dB, Mean Square
Error (MSE) of 0.60023 - 0.70147 and Normalized Cross - Correlation (NCC) of
0.9752 - 0.9935 for the Improved Least Significant Bit. These values give a good
quality of the Stego-image, and hence the embedded secret message is difficult to be
detected by attackers. Moreover, the multi-layer nature of the framework's security
which combined the secret key, PAN and fingerprint image make the system secure
and difficult to be tempered by any intruders. Hence, the proposed method guarantees
the security of online examination procedures against a variety of fraudulent conducts.
|
|---|