KR20210091560A - Verification method and device using EEG and ECG - Google Patents

Abstract

Provided, in the present invention, is a personal authentication device comprising: at least one of an electroencephalogram meter for measuring electrical signals generated in the brain and an electrocardiogram meter for measuring electrical signals generated from the heart; a feature extraction part that extracts features from a signal waveform outputted from the electroencephalogram meter and the electrocardiogram meter, and converts thereof to digital if necessary; a registration part that stores and registers the extracted features in association with the user information; a comparison part that compares at least one of the electrocardiogram and electroencephalogram features of the authentication requester with the features stored by the registration part; and an authentication processing part that determines whether or not to authenticate according to a comparison result of the comparison part, and proceeds with a follow-up action. Therefore, the present invention is capable of allowing self-authentication using biometric information that cannot be forged or altered.

Description

Identity authentication method and device using electroencephalogram (EEG) and electrocardiogram (ECG) {Verification method and device using EEG and ECG}

The present invention relates to identity authentication, and more particularly, to a method and apparatus for identity authentication using biometric information.

Identity authentication using biometric information is very convenient for users because there is no need to memorize passwords, and because authentication is based on one's natural characteristics, there is no objection in emotional aspects, so it is a field that is rapidly being researched and commercialized. . For example, currently commercial products that perform identity authentication in various ways such as fingerprint recognition, iris recognition, and face recognition are being released one after another.

However, such a conventional biometric recognition method is a new technology in itself, but in that it basically uses static information, duplication and forgery are possible, thereby exposing a security problem. In particular, fingerprint and facial recognition have a problem in that even ordinary people can easily deceive the recognition device to obtain third-party authentication.

On the other hand, recently, examples of collecting and managing biometric information such as ECG and pulse using wearable devices such as smartphones or smart watches are increasing. Since it is difficult to manage the information contained therein, there is a limit in that it is impossible to manage personal health by using the collected bio-signals.

Nevertheless, due to the high user convenience, the biometric information authentication method is rapidly and widely adopted in each field such as finance and security, which can be a dangerous situation like walking through a minefield with an unexploded bomb.

Therefore, there is an urgent need for an authentication method and device for using biometric information that is fundamentally impossible to forge or falsify while satisfying all authentication requirements such as universality and uniqueness in order to prevent accidental damage to individuals or institutions.

It is an object of the present invention to provide a method and apparatus for authentication using biometric information that cannot be forged or tampered by using an electroencephalogram (EEG) and/or an electrocardiogram (ECG) waveform that cannot be forged or tampered with.

Another object of the present invention is to provide a method and apparatus capable of checking and managing health conditions such as early detection of dementia or heart disease using electroencephalogram and/or electrocardiogram.

In order to solve the above problems, the personal authentication method according to the present invention includes the steps of measuring a steady-state visual evoked potential (SSVEP) and a steady-state auditory evoked potential (ASSR) through an electroencephalogram (EEG), and the SSVEP and ASSR Extracting a feature that can identify an individual as a combination value of a response pattern and a frequency of occurrence, and storing and registering the feature by associating it with measurement target information when the feature is extracted, and after the registration step, a person requesting authentication If there is, the steps of measuring the SSVEP and ASSR of the authentication requestor and extracting features in the same manner as at the time of registration, comparing the characteristics of the authentication requester with one or more features stored at the time of registration, and performing authentication if there is a matching stored feature , and returning back to the measurement step if they do not match.

In the step of removing the common noise component introduced at the time of EEG measurement by applying the common average standard derivation method to the original signal of EEG measured in the preprocessing process before the feature extraction step, and if the number of discrepancies is more than a predetermined number, it is regarded as an intruder and security It may further include initiating the procedure.

According to another aspect of the present invention, the step of detecting P, Q, R, S, T waveforms through an electrocardiogram (ECG), and digital conversion values for the complex wave (QRS wave) of the Q, R, and S waves Obtaining, storing and registering the digital conversion value of the QRS wave associating it with measurement target information, and after the registration step, if there is a person requesting authentication, based on the ECG result of the authentication requester, conduct an electrocardiogram in the same manner as at the time of registration Personal authentication comprising the steps of digitally converting a measurement result and comparing it with one or more digital conversion values stored in the registration step, authenticating if there is a matching stored digital conversion value, and returning to the measurement step if it does not match A method is provided.

A change value for a specific period of the heart rate may be obtained and further stored, and authentication may be performed by comparing the digital conversion value of the QRS wave with the change value.

According to another aspect of the present invention, at least one of an electroencephalograph for measuring an electrical signal generated in the brain and an electrocardiogram for measuring an electrical signal generated from the heart, and a signal waveform output from the electroencephalograph and the electrocardiometer Comparison of a feature extraction unit that extracts and digitally converts when necessary, a registration unit that stores and registers the extracted characteristics in association with user information, and at least one of the ECG and EEG characteristics of the authentication requester and the characteristics stored by the registration unit There is provided a personal authentication device including a unit and an authentication processing unit that determines whether to authenticate according to the comparison result of the comparison unit and proceeds with a follow-up action.

In addition, health consisting of the above-described personal authentication device implemented in the form of a wearable device, and a remote health management server that continuously receives at least one of an electroencephalogram signal and an electrocardiogram signal measured from the personal authentication device and monitors the user's health status A management system is provided.

According to the present invention, by using dynamic biometric information such as an electroencephalogram and/or an electrocardiogram, it is possible to authenticate a person using biometric information that cannot be forged or altered.

In addition, it is possible to check and manage the health status using the electroencephalogram and electrocardiogram, and to transmit and receive the measured result through real-time Internet of Medical Thing.

1 is a flowchart illustrating a procedure of a personal authentication method using an electroencephalogram according to the present invention.
Figure 2 is a view showing each electrical signal waveform measured by the electrocardiometer.
3 is a graph illustrating a change trend of a QRS wave among cardiac electrical signals.
4 is an exemplary diagram illustrating the result of digital conversion of P, Q, R, S, T, and QRS waves output by the electrocardiograph.
5 is a flowchart illustrating a procedure of a personal authentication method using an electrocardiogram according to the present invention.
6 is a diagram illustrating a specific interval on an electrocardiogram waveform;
7 is a block diagram of a personal authentication device according to the present invention.

Objects and effects of the present invention are not limited to those mentioned above, and additional objects and effects, and technical configurations for achieving them, will become clear with reference to the embodiments described below in detail in conjunction with the accompanying drawings.

In describing the present invention, if it is determined that a detailed description of a well-known function or configuration may unnecessarily obscure the gist of the present invention, the detailed description thereof will be omitted. In addition, the present invention is not limited to the embodiments disclosed below, but may be implemented in various different forms. Each of the following examples are provided so that the disclosure of the present invention is complete, and to completely inform those of ordinary skill in the art to which the present invention belongs, the scope of the invention, and it is intended to limit the scope of the present invention no.

Throughout the specification, when a part "includes" or "includes" a certain element, it means that other elements may be further included, rather than excluding other elements, unless otherwise stated. . In addition, terms such as "...unit", "...device", "...device", "...unit" or "...module" described in the specification refer to at least one function or operation. It means a processing unit, which may be implemented as hardware or software or a combination of hardware and software.

On the other hand, in each embodiment of the present invention, each component, functional blocks or means may be composed of one or more sub-components, and the electrical, electronic, mechanical, and logical functions performed by each component are An electronic circuit, an integrated circuit, an ASIC (Application Specific Integrated Circuit), etc. may be implemented as various well-known elements, programs, or mechanical elements, and may be implemented separately or two or more may be integrated into one.

The basic technical idea of the present invention is to identify and authenticate a user in real time by using an EEG sensor and an electrocardiogram sensor, and to monitor variously different states of the brain and heart for each individual. That is, the electroencephalogram and electrocardiogram waveforms provide information that can understand the state of the human brain and heart, while each individual has unique characteristics and can be used for personal identification, and unlike correction information such as fingerprints or iris, Since it is time-varying dynamic information, it cannot be forged or tampered with.

The key is which waveform of the electroencephalogram and electrocardiogram is used in order to secure a high level of reliability to be recognized as an authentication method, which will be described in detail with reference to a preferred embodiment of the present invention.

[EEG identification and measurement]

Steady-state visual evoked potential (SSVEP) and auditory steady-state response (ASSR) from event-related potential (ERP) measured through electroencephalography (EEG) is measured (S110), and a personal identification recognition value is calculated using this.

That is, the brain waves for the visual and auditory responses are measured through a two-channel EEG measurement device to derive a numerical value for identity authentication. Specifically, the combination value of the brain response pattern and the frequency of occurrence according to the visual and auditory responses. to extract a feature that can identify an individual (S120).

It is desirable to remove the common noise component introduced at the time of EEG measurement by applying a common average reference (CAR) to the raw data of the EEG measured in the preprocessing process before feature extraction.

When the feature is extracted, it is registered (stored) in association with the measurement target information (name, resident registration number, mobile phone number, etc.) (S130).

After the registration procedure, if there is a person requesting authentication, the SSVEP and ASSR of the authentication requestor are measured to extract features in the same manner as in registration (S140), and compare them with one or more features stored during registration (S150).

If there is a matching storage feature, authentication is performed (S160), and if not, it returns to the measurement and feature extraction step (S140). If the number of discrepancies is more than a predetermined number (eg, three or more), it is better to consider an intruder and initiate a security procedure such as notifying the police or a security company or initiating an internal warning procedure (S180).

On the other hand, the EEG of a normal person, the EEG of a patient with mild cognitive impairment (MCI), and an EEG of a patient with dementia (AD) are each distinguished. In particular, since SSVEP and ASSR are also different, it can be configured to determine MCI and AD signs each time during the authentication process, and notify the authentication requester, medical institution, and/or administrator when anomalies are detected.

For example, if the authentication procedure for passing the door is performed every day at work, each authentication requester receives an EEG examination every day, which has the effect of being able to receive an early judgment on the possibility of MCI and AD.

[Electrocardiogram identity authentication and measurement]

ECG-based authentication uses dynamic bio-signals, and unlike authentication methods (fingerprints, iris, etc.) using static bio-signals, it cannot be duplicated or forged.

In addition, the sensor for measuring the electrocardiogram is small in size, so it can be made into a portable wearable device and can be authenticated anytime, anywhere, so the user convenience is high and the device implementation cost is low compared to the above-mentioned EEG authentication method.

Unlike general static biometric information (fingerprint, iris, vein, etc.), biometric recognition using electrocardiogram, which is dynamic biometric information, has a characteristic that the signal continuously changes.

The heart, which is the basis of the electrocardiogram signal, exists inside the body and is very difficult to cut. The electrocardiogram signal is a dynamic biosignal and has very strong characteristics against duplication and forgery as opposed to a static biosignal.

The electrical activation phase of the heart is largely divided into atrial depolarization, ventricular depolarization, and ventricular repolarization phases, and these phases are reflected in the form of waves called P, QRS, and T waves.

In particular, the Q, R, and S waveforms are the waveforms that change the most and are suitable for extracting digital ECG codes, and the QRS complex is unique and constant for each person.

The QRS complex is suitable for use in the authentication process because no significant change in the size of the QRS vector is observed before, after, or during emotional ups and downs (see Fig. 3). In addition, QRS Complex can be used as authentication data even in an arrhythmia condition with only a little normalization because only a difference in the frequency of occurrence and a minute difference in time occur in various arrhythmia situations.

For the PQRST waveform, the electrical activity of the heart can be considered normal when it has a standard shape by examining whether the duration of each wave, the interval between each wave, the amplitude of each wave, and the kurtosis are within the standard range.

The authentication technology using biosignals has convenience and high security compared to the existing authentication technology, but it must satisfy certain requirements for use, and the electrocardiogram (ECG) satisfies all seven requirements.

- Universality: universally possessed by all subjects

- Uniqueness: distinct characteristics of each individual

- Persistence: The generated characteristic point persists its characteristic.

- Collectability: Ease of acquiring feature points

- Performance: Excellence in personal identification and recognition

- Acceptance: There should be no objection to the biometric subject

- Difficulty of forgery or falsification: Impossible to forge or falsify

In particular, in the present invention, it is used for user authentication through digital code extraction of ECG rather than an analog waveform of ECG signal used by ECG biometrics.

By digital conversion of ECG signal, it is possible to improve security for self-authentication through higher precision than analog method.

Specific examples of digital conversion are as follows.

As shown in FIG. 4 , an inflection point that becomes a feature point when recognized through ECG is extracted, digitized with a polynomial coefficient, and digital data of the ECG is precisely extracted and used for biometric authentication. 4 is an example of automated extraction of digital ECG codes based on MATLAB open source.

Based on the above description, an electrocardiogram biometric authentication method according to a preferred embodiment of the present invention will be described below with reference to FIG. 5 .

P, Q, R, S, and T waveforms are detected through an electrocardiogram (ECG) (S210).

This is digitally converted, but not only the digital conversion values of P, Q, R, S, and T waves, but also separately obtain digital conversion values for QRS waves (S220).

When the digital conversion value is obtained, it is registered (stored) in association with the measurement target information (name, resident registration number, mobile phone number, etc.) (S230).

After this registration procedure, if there is a person requesting authentication, digital conversion is performed in the same manner as during registration based on the ECG result of the authentication requester (S240), and this is compared with one or more digital conversion values stored during registration (S250).

If there is a matching stored digital conversion value, authentication is performed (S260), and if not, it returns to the measurement and digital conversion step (S240). If the number of discrepancies is more than a predetermined number (eg, three or more), it is better to consider an intruder and initiate a security procedure such as notifying the police or security company or initiating an internal warning procedure (S280).

The comparison of the digital conversion value is based on the comparison of the QRS wave conversion value with less variation as described above.

In addition, it is good to prepare P, Q, R, S, and T wave conversion values together. However, since P wave and T wave may change depending on emotional or physical state, it is desirable to proceed with the authentication process taking this into account. . For example, if the QRS wave converted value is in the same category as the registered value, but the P wave and/or T wave converted values do not match, it is better to try authentication again after a predetermined time (for example, 1 minute) has elapsed.

For example, in the case of the first authentication attempt, the QRS wave conversion value falls into the same category, but when the P wave and T wave conversion values do not match, immediately after exercise or in a state of great emotional ups and downs. At this time, when the second authentication procedure is performed after a predetermined time (eg, 1 minute) has elapsed, the QRS wave conversion value continues to fall into the same category as the registered conversion value, and if the P wave and T wave fall into the same category, the It can be regarded as having found stability and certified as a registrant.

If the P wave and T wave continue to be inconsistent even after a sufficient time has elapsed, it is considered that authentication has failed and it is desirable to initiate the security procedure.

Meanwhile, the P-wave and T-wave variability may be utilized to increase authentication reliability. If other factors such as electroencephalogram are detected together in a multi-modal method, the emotional state or physical state is confirmed or inferred from them, and the authentication is performed only when the emotional state or body state identified or inferred from the change of the P wave and T wave coincides. , the certification process will be carried out with more stringent standards. For confirmation or inference of emotional state/physical state, facial imaging or detection of heart rate and respiration volume may be included in addition to electroencephalography.

In addition, other methods such as electroencephalography and electrocardiogram methods are used in parallel, but each method checks or infers emotional state/physical state more than twice over time and compares them with each other to further increase the authentication reliability. can be used for catalogs.

For example, assuming that the emotional state is intense or the physical state is immediately after exercise during the first authentication of the authentication requester and is stable during the secondary authentication, the emotional state confirmed or inferred from the P wave/T wave and/or The authentication reliability is increased by checking whether the physical state and the emotional state/physical state confirmed or inferred from other methods (facial imaging, electroencephalogram, heart rate, respiration rate) belong to the same category at the time of the first and second authentications. can be raised

As another embodiment, in addition to the QRS wave combination value of the electrocardiogram, personal identification and authentication may be performed by adding a change value for a specific heart rate cycle (P-R interval, QRS interval, and S-T interval in FIG. 6 ). Since the heart rate P-R interval, QRS interval, and S-T interval also have the same characteristics as the QRS wave, they can be used for personal identification and authentication, and when used together with the digital conversion value of the QRS wave, authentication reliability can be further increased.

The ECG user authentication technology according to the present invention can be expanded to various authentication technologies such as fintech and smart key in addition to access control, and unlike other biosignals, it is also significant in that it can be extended to the wellness and healthcare fields. there is.

In the collection and management of bio-signals, mobile devices such as smartphones or wearable devices such as smart watches are often used for ease of use. Since it is difficult to manage information, there is a limit in that it is impossible to manage personal health by using the collected bio-signals.

In order to solve this problem, it is necessary to verify the user's identity through a mobile device or a wearable device. The ECG use authentication method according to the present invention requires a biosignal-based identity authentication function that can be used in a digital healthcare environment.

According to the present invention, if an electroencephalogram and/or an electrocardiogram is measured when collecting biometric information for checking health status, the measurement device simultaneously with the biometric measurement or a medical institution server that receives the transmitted biometric information measurement data uses the measurement data Since identification and authentication are possible, users do not necessarily use their own device, and no matter what measuring device they use, they do not need to enter additional identification/authentication information (name, resident registration number, etc.) to manage personal biometric data accurately and conveniently. can do.

In addition, by analyzing patterns of visual and auditory responses using EEG results using machine learning techniques, dementia diseases that are different for each individual can be detected at an early stage. It can detect the prognosis or signs of heart disease and report it immediately to users, families, related institutions, and medical institutions.

The authentication device using electroencephalogram / electrocardiogram according to the present invention can be implemented as a wearable device such as a smart watch or a band, and performs identity authentication by using biometric signals (brain waves, electrocardiogram, etc.) that can identify an individual user, and dementia For early diagnosis and heart disease management, measured results can be transmitted and received through real-time Internet of Medical Thing.

Hereinafter, an apparatus for personal identification and authentication using an electroencephalogram and/or an electrocardiogram according to the present invention will be described with reference to FIG. 7 .

The authentication device according to the present invention includes at least one of an electroencephalograph 110 for measuring an electrical signal generated in the brain and an electrocardiogram 120 for measuring an electrical signal generated from the heart, and an electroencephalogram 110 and/or The feature extraction unit 130 for extracting features from the signal waveform output from the electrocardiogram 120 and digital conversion if necessary, the registration unit 140 for storing and registering the extracted features in association with user information, and the authentication requester The comparison unit 150 that compares the ECG and/or EEG characteristics with the stored characteristics, the authentication processing unit 160 that determines whether to authenticate according to the comparison result of the comparison unit and proceeds with follow-up measures, and an alarm when a non-registrant requests authentication and a notification unit 170 that generates

The electroencephalogram 110 measures a steady-state visual evoked potential (SSVEP) and an auditory steady-state response (ASSR), and the electrocardiometer 120 measures the heartbeat Measure P, Q, R, S, T waves.

The feature extraction unit 130 extracts a feature that can identify an individual from the output signal of the electroencephalogram 110 as a combination value of a brain response pattern and a frequency of occurrence according to visual and auditory responses. In addition, P, QRS, and T waves are digitally converted from the output signal of the electrocardiogram 120 .

The registration unit 140 stores and registers features extracted from brain waves and/or digital conversion values in association with other user information.

The comparison unit 150 compares the feature value or digital conversion value obtained from the electroencephalogram and/or electrocardiogram measurement result of the authentication requester with pre-stored values.

The authentication processing unit 160 performs authentication if the matching result is matched, and does not authenticate if not matched and proceeds with a predetermined procedure for non-registrants.

The notification unit 170 is configured to notify an administrator, a security organization, or the like through a wired/wireless communication network when it is confirmed as an authentication attempt by a non-registrant.

In addition, as another embodiment of the present invention, the above-described authentication device in the form of a portable device or wearable device that has an electroencephalogram and/or electrocardiogram function and is easily attached to or carried on the user's body, and a remote authentication server and/or health management server It is possible to establish an authentication and/or health management system consisting of

The health management server continuously receives at least one of the electroencephalogram signal and the electrocardiogram signal measured from the personal authentication device, and monitors the user's health status. At the same time, personal identification and authentication can be performed based on individual biosignals.

The configuration of the present invention has been described in detail with reference to several preferred embodiments, but these are only examples for helping understanding, and the protection scope of the present invention is not limited to the configuration of each embodiment. It goes without saying that various modifications and variations of the above-described embodiments are possible within the scope of the technical spirit of the present invention.

Accordingly, the protection scope of the present invention should be defined by the description of the following claims.

Claims (10)

Measuring a steady-state visual evoked potential (SSVEP) and a steady-state auditory evoked potential (ASSR) through an electroencephalogram (EEG);
extracting a characteristic that can identify an individual by a combination value of the SSVEP and ASSR response patterns and frequency of occurrence;
When the feature is extracted, storing and registering it associating it with the measurement target information;
After the registration step, if there is a person requesting authentication, measuring the SSVEP and ASSR of the authentication requester and extracting features in the same manner as at the time of registration;
comparing the characteristics of the authentication requester with one or more characteristics stored at the time of registration;
If there is a matching storage feature, authentication is performed, and if not, it returns to the measurement step.
A personal authentication method comprising a. The method of claim 1, further comprising: removing a common noise component introduced at the time of EEG measurement by applying a common average reference derivation method to the original EEG signal measured in the preprocessing process before the feature extraction step. The personal authentication method according to claim 1, further comprising, if the number of discrepancies is greater than or equal to a predetermined number, the method further comprises the step of initiating a security procedure as an intruder. Detecting P, Q, R, S, T waveforms through an electrocardiogram (ECG);
obtaining a digital conversion value for the complex wave (QRS wave) of the Q, R, and S waves;
storing and registering the digital conversion value of the QRS wave in association with measurement target information;
After the registration step, if there is a person requesting authentication, digitally converting the ECG measurement result in the same manner as at the time of registration based on the ECG result of the authentication requester, and comparing it with one or more digital conversion values stored in the registration step;
Authenticate if there is a matching stored digital conversion value, and return to the measurement step if not.
A personal authentication method comprising a. According to claim 4, further comprising the step of obtaining a change value for a specific period of the heart rate,
The registering step is to further store the change value,
The preparing step is to compare the digital conversion value and the change value of the QRS wave together.
A personal authentication method. 5. The method of claim 4, wherein the preparing comprises additionally comparing the digital conversion values of the P wave and the T wave,
As a result of comparison, if the QRS digital conversion value belongs to the same category, but the digital conversion values of the P wave and T wave do not match, the digital conversion value of the QRS wave and the P wave and T wave are generated again after a predetermined time has elapsed Contrast with stored corresponding conversion values
A personal authentication method further comprising a. At least one of an electroencephalogram for measuring electrical signals generated in the brain and an electrocardiometer for measuring electrical signals generated from the heart;
a feature extraction unit for extracting features from the signal waveforms output from the electroencephalogram 110 and the electrocardiogram 120 and digitally converting if necessary;
a register for storing and registering the extracted features in association with user information;
A comparison unit for comparing at least one of the electrocardiogram and electroencephalogram characteristics of the authentication requester with the characteristics stored by the registration unit;
An authentication processing unit that determines whether to authenticate according to the comparison result of the comparison unit and proceeds with a follow-up action
A personal authentication device comprising a. 8. The method of claim 7,
The electroencephalograph measures the steady-state visual evoked potential and the steady-state auditory evoked potential, and the electrocardiometer measures P, Q, R, S, T waves according to the heartbeat. 8. The method of claim 7,
A personal authentication device further comprising a notification unit that generates an alarm when a non-registrant requests authentication. The personal authentication device according to any one of claims 7 to 9, comprising: a personal authentication device implemented in the form of a wearable device;
A remote health management server that continuously receives at least one of the EEG signal and the ECG signal measured from the personal authentication device and monitors the user's health condition
A health care system comprising a.

Images