2,437 research outputs found
Efficient software attack to multimodal biometric systems and its application to face and iris fusion
This is the author’s version of a work that was accepted for publication in Pattern Recognition Letters. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Pattern Recognition Letters 36, (2014) DOI: 10.1016/j.patrec.2013.04.029In certain applications based on multimodal interaction it may be crucial to determine not only what the user is doing (commands), but who is doing it, in order to prevent fraudulent use of the system. The biometric technology, and particularly the multimodal biometric systems, represent a highly efficient automatic recognition solution for this type of applications.
Although multimodal biometric systems have been traditionally regarded as more secure than unimodal systems, their vulnerabilities to spoofing attacks have been recently shown. New fusion techniques have been proposed and their performance thoroughly analysed in an attempt to increase the robustness of multimodal systems to these spoofing attacks. However, the vulnerabilities of multimodal approaches to software-based attacks still remain unexplored. In this work we present the first software attack against multimodal biometric systems. Its performance is tested against a multimodal system based on face and iris, showing the vulnerabilities of the system to this new type of threat. Score quantization is afterwards studied as a possible countermeasure, managing to cancel the effects of the proposed attacking methodology under certain scenarios.This work has been partially supported by projects Contexts (S2009/TIC-1485) from CAM,
Bio-Challenge (TEC2009-11186) and Bio-Shield (TEC2012-34881) from Spanish MINECO,
TABULA RASA (FP7-ICT-257289) and BEAT (FP7-SEC-284989) from EU, and Cátedra UAM-Telefónica
Vulnerabilities in biometric systems: Attacks and recent advances in liveness detection
This is an electronic version of the paper presented at the Spanish Workshop on Biometrics 2007, SWB-07 held in Girona (Spain)A review of the state-of-the-art in direct and indirect attacks to fingerprint and iris automatic recognition security systems is presented. A summary of the novel liveness detection methods, which take advantage of different physiological properties to distinguish between real and fake biometric traits, is also reported.This work has been supported by the TIC2006-13141-C03-03 project of the Spanish Ministry of Science and Technology and the BioSecure NoE
Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning
Learning-based pattern classifiers, including deep networks, have shown
impressive performance in several application domains, ranging from computer
vision to cybersecurity. However, it has also been shown that adversarial input
perturbations carefully crafted either at training or at test time can easily
subvert their predictions. The vulnerability of machine learning to such wild
patterns (also referred to as adversarial examples), along with the design of
suitable countermeasures, have been investigated in the research field of
adversarial machine learning. In this work, we provide a thorough overview of
the evolution of this research area over the last ten years and beyond,
starting from pioneering, earlier work on the security of non-deep learning
algorithms up to more recent work aimed to understand the security properties
of deep learning algorithms, in the context of computer vision and
cybersecurity tasks. We report interesting connections between these
apparently-different lines of work, highlighting common misconceptions related
to the security evaluation of machine-learning algorithms. We review the main
threat models and attacks defined to this end, and discuss the main limitations
of current work, along with the corresponding future challenges towards the
design of more secure learning algorithms.Comment: Accepted for publication on Pattern Recognition, 201
On the vulnerability of iris-based systems to a software attack based on a genetic algorithm
The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-642-33275-3_14Proceedings of 17th Iberoamerican Congress, CIARP 2012, Buenos Aires, ArgentinaThe vulnerabilities of a standard iris verification system to a novel indirect attack based on a binary genetic algorithm are studied. The experiments are carried out on the iris subcorpus of the publicly available BioSecure DB. The attack has shown a remarkable performance, thus proving the lack of robustness of the tested system to this type of threat. Furthermore, the consistency of the bits of the iris code is analysed, and a second working scenario discarding the fragile bits is then tested as a possible countermeasure against the proposed attack.This work has been partially supported by projects Contexts (S2009/TIC-1485) from CAM, Bio-Challenge (TEC2009-11186) from Spanish MICINN, TABULA RASA (FP7-ICT-257289) and BEAT (FP7-SEC-284989) from EU, and Cátedra UAM-Telefónica
THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system
In this paper, we propose a new biometric verification and template
protection system which we call the THRIVE system. The system includes novel
enrollment and authentication protocols based on threshold homomorphic
cryptosystem where the private key is shared between a user and the verifier.
In the THRIVE system, only encrypted binary biometric templates are stored in
the database and verification is performed via homomorphically randomized
templates, thus, original templates are never revealed during the
authentication stage. The THRIVE system is designed for the malicious model
where the cheating party may arbitrarily deviate from the protocol
specification. Since threshold homomorphic encryption scheme is used, a
malicious database owner cannot perform decryption on encrypted templates of
the users in the database. Therefore, security of the THRIVE system is enhanced
using a two-factor authentication scheme involving the user's private key and
the biometric data. We prove security and privacy preservation capability of
the proposed system in the simulation-based model with no assumption. The
proposed system is suitable for applications where the user does not want to
reveal her biometrics to the verifier in plain form but she needs to proof her
physical presence by using biometrics. The system can be used with any
biometric modality and biometric feature extraction scheme whose output
templates can be binarized. The overall connection time for the proposed THRIVE
system is estimated to be 336 ms on average for 256-bit biohash vectors on a
desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link
connection speed. Consequently, the proposed system can be efficiently used in
real life applications
Security provision for biometric authentication systems using Enhanced Nelder Mead Algorithm
Since, their are numerous advantages of biometrics-based authentication systems over traditional security systems based on knowledge, they are susceptible to attacks that can decrease their security significantly. We analyze these attacks in the multibiometric system. We propose an attack system that uses a hill climbing procedure to synthesize the targeted templates and evaluate its achievability with experimental results conducted on large databases. Hill climbing attack is nothing but security attack based on generating artificial data, after analyzing the output; updating such data, so as to improve the output. This is done repeatedly till output is desire output. So that, several actions can be utilized to decrease the probability of such attacks and their result are also presented. Some of the measures are uniform quantization techniques, non-uniform quantization techniques and many more. We are using uniform quantization, as quantization is the process of mapping a set of continuous pixel values into a finite numbers of possible values. The template division can be done on the basis of uniform quantized method which replicates the principle of uniform or linear quantizer has all the quantization levels uniformly distributed in the interval
- …