A proposed Iris Recognition Model for Authentication in Mobile Exams

—Mobile learning is an extended version of e-learning. The revolution of handheld devises had encouraged to design courses to be compatible with different mobiles versions, brands and platforms. Mobile exams need more attention to strengthen mobile learning certificates. A major issue with mobile exam is student authentication and identification before and during exam session. With no presence of proctor, more techniques are available to ensure student identification. In this paper, we proposed a model that uses a tradition user name and password in addition to the biometric iris recognition technique to verify student identity before and during mobile exam.


Introduction
Wireless technology refers to a global communication without cables nor wires. Handheld devices such as phone mobiles and tablets… are depending on Wireless technology to connect, transmit, and share files and documents. The increased use of handheld devices, tablet computer notebook and digital reader in learning had encouraged the use of a new learning phenomenon called mobile learning. Mobile learning gives students the ability to study anywhere and anytime [14] [11]. Mobile learning is an attractive way in learning [5].
One of the most important phases in learning is assessment or exam. According to [32] the most important point in teaching is exam; it is the phase that evaluate what student learn during a certain course [9].
Today, computer based exam known as online exam and e-exam is the process of achieving the exam or test through a personal computer or a laptop. Meanwhile, Mobile exam or m-exam is the process of achieving the exam through mobile devices or hand held devices [22]. The biggest issue with online exam or mobile exam is security and increased cheating levels [39]. [34] Showed that cheating in e-exam had increased compared with the traditional exam since a student achieves the exam without the presence of a proctor. The most important challenge in mobile exam is impersonation [37]. The risk of authentication before and during exam is a problem with online exam [3].
Many methods and techniques are used to reduce and prevent cheating levels in eexams and m-exams. Such traditional methods are the use of username/password, and/or the use of a card or badges. Other techniques depend upon biometric features which depend on unique features or characteristics owned by individual and differ them from the other, like finger print, face recognitions, DNA, Palm hand…etc., these features are distinctive and measurable [6] [23].
In this paper, we will consider Iris recognition as a biometric technology to help identify students while using handheld devices. Iris is a flexible and colored tissue that controls the pupil [40].Iris recognition is the process of capturing iris image and save the extracted data, and then compare data with previous saved data to verify the student identity. Mathematical analysis is performed to distinguish between peoples [40].
This research proposed a model that use biometric iris recognition method alongside with traditional method to login to mobile exam in mobile learning. The proposed model is applied during exam by capturing iris image randomly during exam, which help to increase authentication of student who conduct the exam. The proposed framework aims to prevent the impersonation of students and cheating in mobile exams. This paper is structured as follows: A review of mobile learning is introduced in section 2. A preview of related work is in section 3. Section 4 represent the iris recognition technique. The proposed model and discussion are introduced in section 5 and section 6 respectively. And finally, conclusion and future work in section 7.

Mobile Learning
Mobile learning is being deployed in many higher education institutions as a result of the evolution of wireless technology and handheld devises [8]. The success of mobile learning is determined by the availability of technology and support for students and instructor. This support is divided into: software, hardware and training. As well as the Integration and ownership of the technology [27]. [11] Encouraged the use of mobile learning since mobiles are always available with young people, affordable prices, and ease of use. However, they also mentioned the drawback of the small size of screen, limited storage, battery problem and the problem of using 3G and 4G when moving graphic elements.
A successful mobile learning program requires the availability of many features and requirements. [14] Defined important features that must be within mobile learning which are: flexibility, timely, virtual and trans-time-space, popularization and personalization, interactivity and universality. Technical characteristics like accessibility and portability, and pedagogical characteristics are important to maintain the use of such learning [18].
The quality of mobile learning outcomes depends on the assessment phase. Assessment is important to ensure student completed successfully all of course objectives and he/she deserve the certificate. In order to accept mobile learning, the exam must be accomplished with strong authentication method before and during exam. This is important to accept the given certificate or degree [36].
In mobile learning, security and authentication are one of the most important challenges that need to be highlighted. Other challenges include: security and privacy, copy right, protect data stored in mobile and content filtering [17].

Related Work
In online exam, cheating is incredibly increased compared to traditional classroom. A study conducted by [24] showed that teachers believes that number of students cheating in online exam are greater than in paper exam, because of no presence of proctor.
Many threats and dishonest behaviors were found in online exams that are similar in traditional exam. [28] Reviewed several cheating behaviors that appear during exams. The most important threat is student authentication before and during the exam. Authentication is one of most important goals in security [3]. The authentication process is usually happened before conducting the exam, though, the exam is not supervised by proctor. Therefore, the mobile device could be given to someone else during the exam. Another threats may occur that user name and password are given to others to answer the exam, or after logging in someone else answer the exam.
Authentication and verification methods are divided into two types: traditional authentication and biometric authentication. Traditional authentication is either a knowledge-based techniques or object based. The knowledge based that are frequently used is the use of username and password while object-based authentication is the use of what you have like cards, keys, Badges ...etc. Using traditional authentication method user name and password only in online exam increase attack and security problem [30].
Biometric authentication uses a human physical or behavioral feature to authenticate and verify use. A unique feature is different from one person to another; no one can have except you, this feature is considered as a vector [2] [30]. Physical features include: face recognition, iris recognition, finger print recognition, hand vascular, palm print, hand or ear geometry recognition. Behavioral features include gait recognition, voice recognition, keystroke or signature.
The use of some biometric authentication requires special hardware and software. Therefore, not all these biometric techniques are applicable for mobiles [10]. Behavioral type of biometric is more difficult and need accurate logging records of user behavior [2]. [31] Proposed a model for online exam to enhance security, which facilitate the effective online exam by decreasing security risk and cheating.
Many researchers worked with biometric techniques to improve security in online exams and mobile exams. [21] Proposed an approach that prevents unethical access to e-learning environment using finger print feature. While [20] proposed the use of QR reader to increase security in mobile exam as well as a good distribution random question. [3] proposed a model for online exam security and authentication risk. They suggested the use of multi biometric authentication. The model was updated by [34] by supplement it with cryptography within the electronic monitoring system. [36] Proposed a model applied in mobile and online exam with two biometric methods first apply face recognition then keystroke dynamic in addition to the traditional authentication method. While [26] used keystroke behavioral biometrics method to accept student login in online exam. [30] Supposed two layers to authenticate student to login and track student during online exam. They used biometric authentication and knowledge based authentication. [28] Proposed two biometric techniques for student authentication in handheld devices before exam login by first using fingerprint and during the exam by image similarity.
A proposed model for mobile exam which is integrated with Moodle learning management system is proposed by [15]. The proposed model enhanced security through several points. They suggested to provide random questions distributions, stop "unattended exam", use biometric authentication to prevent impersonation, prevent student change their device during exam, help to facilitate exam security in online or offline Mobile Exam System (MES) application is designed by [25]. MES is supported by IOS and Android, students reacted positively with this system. Another mobile exam system was designed by [38] called Mobi-exam. A friendly, efficient, and easy to use system.
In this paper, we will use Iris recognition in mobile exam authentication and tracking. Iris is a flexible and colored tissue that controls the pupil [40]. Iris recognition is a way to control student impersonation another in online exam [4]. [19] Used Iris recognition method for mobile phone to prevent unauthorized access to mobile phone by using mobile camera for recognition. [13] applied iris recognition in mobile phone using adaptive Gabor filter. While [16] applied multi-unit iris authentication method using support vector machine algorithms, it is used to prevent unauthorized mobile user.

Iris Recognition
One of the most reliable and accurate physical biometric features is the human eye's iris [12].Iris is located behind the cornea and in front of the lens. A small colored tissue that is unique for every person [29] [33]. It is different between identical twins, as well as the left and right eye for the same person are different also [35]. This is a reason why iris recognition is a reliable biometric technique to be used in authentication. It can be used for blind people as well.
As every biometric system, Iris recognition includes four phases as the following: 1. Image acquisition: This phase deal with capturing iris image. The quality of iris image is important in developing matrices of iris image [7]. Factors that affect the image quality image acquisition include: illumination, location and camera, the occlusion, and lighting [35]. In mobile exam, the process of image acquisition is happened through the mobile camera. 2. Preprocessing phase: Preprocessing include many steps like segmentation and normalization. In iris recognition; many technique are used to locate iris and pupil like Hough transformation, integrodifferential operator and gradient based edge detection [35] [7]. After that iris unwrapping process is used to calculate the variation of pupil size with illumination change to transform from iris texture to polar coordinate [33]. This process make iris matching more easer [33]. 3. Feature extraction and encoding: In this phase the distinguish feature are extracted for used in classification like: x-y coordinates, radius, shape and size of the pupil, intensity values, orientation of the pupil ellipse and ratio between average intensity of two pupils [35]. Gabor wavelets are commonly used as encoding mechanism. Firstly, extracted local phasor from iris texture and represent the phasor response in two bits of data [33]. 4. Matcher phase, compare the new capture feature with data that decision if authorizes or not.

Proposed Model
Biometric is a good choice to authenticate and verify users. Iris verification technology is a better choice for the following reasons: fast, reliable, secure and not changeable with age like face recognition. It has a static feature that cannot change as happened in finger print recognition where the pattern size change with age. Iris recognition can be used for all, even for blind people [37] [1].
The proposed model (see figure 3) is applied for mobile learning, which all students from different locations are connected with course by mobile or tablet. Students register online and get their user name and password. The registry is completed in the course once the student provides his/her iris image through the mobile camera. The iris recognition process is applied and features calculated and saved in server database for future use in exam sessions. When student register and capture his/her iris, the student must make sure not wearing any lenses, and in good light for best iris image capture.
The proposed model has three phases: registration to course, login and during exam. Explanation of each phase are examined below:

Registration phase
The student in this phase register and enroll to online course and get a user name and password to login to course material. During the process of registry, student is supposed to provide an iris image. Iris recognition data are acquired and saved in server database to be used later in mobile exam authentication. The image is captured using mobile camera and a built-in application that direct the student to center the eye within a certain area in the screen. It is important to mention that mobile cameras are enhanced to provide a reliable high resolution image to be used for identification.
During this phase, iris recognition is conducted using four steps.
• Capture image: using mobile camera to get an iris image or can get a lot of frame using mobile video camera. • Segmentation: this step responsible to extract the basic element of eye like sclera, pupil, eyelids and eyelashes [33]. • Normalization step: the iris image represented in 2D and the noise in image is removed using mask filter [2]. • Encoding and feature extracted: using feature extraction to represent the iris feature in vector, feature filter using classifier Laplacian of Gaussian filter to be represented in a vector.
The results after these steps are saved in database server. See Figure1 that shows the process of iris recognition steps.

Login phase
In our proposed model, the process of login to the mobile exam requires two steps. The first step: A traditional authentication is applied where student (Si) provides a user name (Ui) and a password (Pi) to login to the mobile exam. The user name and password are the same as the one used to enter the course content. In addition to Ui and Pi, the second step direct the student to provide the iris image through mobile camera. The captured image is then processed through iris recognition steps explained in phase 1 and vector result is verified with data stored in database. See figure 2 that shows the verification of iris recognition results. The results of matcher are represented as a vector send with Ui to server to verify student Si. If the student is verified then go to the exam session to start exam, otherwise the login is canceled. http://www.i-jet.org During Exam Phase

Paper-A proposed Iris Recognition Model for Authentication in Mobile Exams
During exam session, capturing iris image is taken randomly for student to ensure that the same person who login is the same person who is conducting the exam. The Instructor can determine the period of randomly ask the student for the image. This is occurred to prevent student to give his/her mobile phone to another to answer the exam. Model's Discussion The proposed model offers an ease to use, effective, quick and less cost authentication system to login to exam. It provides a way to support online exam with less students cheating in identification. The proposed model aims to help both instructors and students in the assessment phase. Student can take exam through their mobile or tablets devices anywhere at any time, while instructor need a secure and fast model to achieve assessment.
The proposed model is used with mobile learning system with no physical connect between student and instructor. The registration, payment, discussion, using course material and exam all do online.
The assessment through mobile exam in mobile learning is an open book exam; the student can use material to answer the questions. However, with mobile exam the ability to cheat between students increase since students can get mobile to another to answer the questions. The proposed model focus to this point. Also, the proposed model prevents the use of any other application during exam.
The proposed model starts with registration phase, where student can get their account with user name and password after that the iris recognition, in this phase the iris recognition is done through several steps as discussed before. The result of this step is a vector that is saved with user name and password in server database.
The next phase is login to exam the student login by providing their user name and password. An encrypted message that include Ui and Pi are sent to database server, if the decrypted message is verified with data saved on server, the iris image is requested. In this step the student captures an iris image using mobile camera, during capturing iris the student must remove any lenses or eyeglasses. Through the process the iris image recognition includes the same steps done in registration phase, the result after this step are presented as vector Vi, that contain Ui, Pi, and iris extracted features. Vi is sent as encrypted message to server. The decrypted message on server side is compared with data store in database. If verified then student can start exam session, otherwise the login is canceled.
The last phase in the proposed model focus on preventing cheating during exam. Through mobile exam there is no monitoring over student during exam time. Student can give the mobile to someone else to solve the questions. In order to prevent this type of cheating; the proposed system capture an iris image during exam in random time. This can help to avoid students of cheating and forgery, when student give their mobile to someone else to answer the questions.

Conclusion and Future Work
Mobile learning has generated a new challenge in security and authentication especially within the assessment phase. The reliability and trustworthiness of mobile learning course outcome is measured using exam, the results determine the power of mobile learning certificate. In this research, a new model is proposed to authenticate students using two type of authentication. Student uses traditional login method user name and password, in addition to the biometric authentication using iris recognition to verify the student. In addition, the proposed framework checks for student randomly during exam to prevent impersonality.
The proposed model requires no additional hardware, nevertheless we need to determine the minimum requirements for mobile camera resolution to capture a highquality image. For future purposes, we will study the impact of using such system to determine the needed time required in capturing iris image during the exam and how it will affect the grades of students.