THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system

In this paper, we propose a new biometric verification and template protection system which we call the THRIVE system. The system includes novel enrollment and authentication protocols based on threshold homomorphic cryptosystem where the private key is shared between a user and the verifier. In the THRIVE system, only encrypted binary biometric templates are stored in the database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during the authentication stage. The THRIVE system is designed for the malicious model where the cheating party may arbitrarily deviate from the protocol specification. Since threshold homomorphic encryption scheme is used, a malicious database owner cannot perform decryption on encrypted templates of the users in the database. Therefore, security of the THRIVE system is enhanced using a two-factor authentication scheme involving the user's private key and the biometric data. We prove security and privacy preservation capability of the proposed system in the simulation-based model with no assumption. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form but she needs to proof her physical presence by using biometrics. The system can be used with any biometric modality and biometric feature extraction scheme whose output templates can be binarized. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biohash vectors on a desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real life applications

Enhancing Biometric Security: A Framework for Detecting and Preventing False Identification

Biometrics is a technological system that utilizes data to differentiate one individual from another. The biometric framework can be used by government and private organizations for security purposes. This software-based technology helps to look at an individual's data if it is genuine or fake. The study suggested a framework; its goal is to strengthen the development and acceptance of the biometric system. The function of this system is to reduce the applied effort to identify and recognize the quality of the image in less time. This study utilizes three data applications: iris, fingerprint, and face recognition. The approach proposed by the survey uses different features of the images to determine the difference between the original image and the considered sample image. It gives efficient protection against different spoofing attacks. Simulation results show that the high-quality detection application has an average peak signal-to-noise ratio (PNSR) of 89.77. Further, the proposed model effectively detects false biometric identification

Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning

Learning-based pattern classifiers, including deep networks, have shown impressive performance in several application domains, ranging from computer vision to cybersecurity. However, it has also been shown that adversarial input perturbations carefully crafted either at training or at test time can easily subvert their predictions. The vulnerability of machine learning to such wild patterns (also referred to as adversarial examples), along with the design of suitable countermeasures, have been investigated in the research field of adversarial machine learning. In this work, we provide a thorough overview of the evolution of this research area over the last ten years and beyond, starting from pioneering, earlier work on the security of non-deep learning algorithms up to more recent work aimed to understand the security properties of deep learning algorithms, in the context of computer vision and cybersecurity tasks. We report interesting connections between these apparently-different lines of work, highlighting common misconceptions related to the security evaluation of machine-learning algorithms. We review the main threat models and attacks defined to this end, and discuss the main limitations of current work, along with the corresponding future challenges towards the design of more secure learning algorithms.Comment: Accepted for publication on Pattern Recognition, 201

Estado del arte de registros biométricos estáticos usados para autenticar la identidad de una persona

El presente artículo académico investiga el estado del arte de registros biométricos estáticos usados para la autenticación de la identidad de la persona. En la actualidad los métodos de reconocimiento: facial, iris, nudillos, huellas dactilares y venas dactilares, centran su estudio en diferentes estrategias de segmentación para lograr una mayor precisión de coincidencia, lo que no es suficiente ante los crecientes desafíos de ataques que sufren cada uno de ellos. Es necesario investigar nuevos algoritmos que pretendan hacer sistemas de autenticación más robustos. Usando la metodología de mapeo sistemático y la revisión de la literatura se encontraron varias alternativas para el reconocimiento del individuo. La biometría ocular y dactilar son las más prometedoras por la aceptación del usuario, ya que son menos invasivas al momento de tomar la muestra, con un mejor comportamiento mejorando notablemente su resultado. La biometría de venas dactilares mostró mediante el QDA (Análisis de la discriminante cuadrática) un 98.7% de precisión y la biometría ocular reveló un 94% de efectividad.This academic paper investigates the state of the art of static biometric records used for the authentication of a person's identity. At present, recognition methods: facial, iris, knuckles, fingerprints and finger veins, focus their study on different segmentation strategies to achieve greater accuracy of coincidence, which is not enough in the face of the growing challenges of attacks suffered by each of them. New algorithms that aim to make authentication systems more robust need to be investigated. Using systematic mapping methodology and literature review, several alternatives for accurate person recognition were found. Ocular and fingerprint biometrics are the most promising due to user acceptance, since they are less invasive at the time of sampling, with a better behavior and significantly improved results. Finger vein biometrics showed 98.7% accuracy through QDA (Quadratic discriminant analysis) and ocular biometrics revealed 94% effectiveness

Motion-Based Counter-Measures to Photo Attacks in Face Recognition

Identity spoofing is a contender for high-security face recognition applications. With the advent of social media and globalized search, our face images and videos are wide-spread on the internet and can be potentially used to attack biometric systems without previous user consent. Yet, research to counter these threats is just on its infancy – we lack public standard databases, protocols to measure spoofing vulnerability and baseline methods to detect these attacks. The contributions of this work to the area are three-fold: firstly we introduce a publicly available PHOTO-ATTACK database with associated protocols to measure the effectiveness of counter-measures. Based on the data available, we conduct a study on current state-of-the-art spoofing detection algorithms based on motion analysis, showing they fail under the light of these new dataset. By last, we propose a new technique of counter-measure solely based on foreground/background motion correlation using Optical Flow that outperforms all other algorithms achieving nearly perfect scoring with an equal-error rate of 1.52% on the available test data. The source code leading to the reported results is made available for the replicability of findings in this article

Facial movement based human user authentication

Face recognition is a form of biometric authentication that has received significant attention during the last decades. Using the human face as a key to security, face recognition technology can be potentially employed in many commercial and law enforcement applications. Despite of the fact that most of the face recognition techniques have greatly developed since the earliest forms, they suffer from spoofing attack which aims at deceiving the sensor by manipulating a face replica. One of the methods to solve this problem is to utilize facial movements. Facial muscle movements represent facial behavior which makes it unrealistic to be replicated and thus more distinctive. The third dimension of facial data - depth - is also utilized to improve recognition performance and to avoid video-based attack. Apart from security concerns, physiologists and psychologists have discovered the imperative role of facial movements during human face perception. Therefore, a 3D dynamic signature can be added to augment facial recognition for which relying on static features related to shape and color. In this thesis, a user authentication method based on spatiotemporal facial movements is proposed. Facial movements are obtained by making a facial expression in front of a 3D camera and are encoded by a standard system. By discretizing motion classifications into values, the problem of face recognition can be reinterpreted as matching two time sequences - probe and gallery - for each facial movement category obtained during the enrollment phase and the verification phase. Experiments have been conducted to show the possibility of discriminating subjects based on their facial movements

Face Image Quality Assessment: A Literature Survey

The performance of face analysis and recognition systems depends on the quality of the acquired face data, which is influenced by numerous factors. Automatically assessing the quality of face data in terms of biometric utility can thus be useful to detect low-quality data and make decisions accordingly. This survey provides an overview of the face image quality assessment literature, which predominantly focuses on visible wavelength face image input. A trend towards deep learning based methods is observed, including notable conceptual differences among the recent approaches, such as the integration of quality assessment into face recognition models. Besides image selection, face image quality assessment can also be used in a variety of other application scenarios, which are discussed herein. Open issues and challenges are pointed out, i.a. highlighting the importance of comparability for algorithm evaluations, and the challenge for future work to create deep learning approaches that are interpretable in addition to providing accurate utility predictions