Adversarial Biometric Recognition : A review on biometric system security from the adversarial machine-learning perspective
@article{Biggio2015AdversarialBR, title={Adversarial Biometric Recognition : A review on biometric system security from the adversarial machine-learning perspective}, author={Battista Biggio and Giorgio Fumera and Paolo Russu and Luca Didaci and Fabio Roli}, journal={IEEE Signal Processing Magazine}, year={2015}, volume={32}, pages={31-41} }
In this article, we review previous work on biometric security under a recent framework proposed in the field of adversarial machine learning. This allows us to highlight novel insights on the security of biometric systems when operating in the presence of intelligent and adaptive attackers that manipulate data to compromise normal system operation. We show how this framework enables the categorization of known and novel vulnerabilities of biometric recognition systems, along with the…
64 Citations
Biometric Backdoors: A Poisoning Attack Against Unsupervised Template Updating
- Computer Science2020 IEEE European Symposium on Security and Privacy (EuroS&P)
- 2020
This work designs a poisoning detection technique that leverages the consistent directionality of template updates in feature space to discriminate between legitimate and malicious updates and designs a countermeasure with a set of intra-user variability factors which may present the same directionality characteristics.
Evasion Attack for Fingerprint Biometric System and Countermeasure
- Computer Science
- 2019
The aim of this work is to demonstrate that machine learning can be utilized to enhance system security, if one utilizes an adversary-aware approach that proactively intercept the attacker.
Characterizing and Evaluating Adversarial Examples for Offline Handwritten Signature Verification
- Computer ScienceIEEE Transactions on Information Forensics and Security
- 2019
It is found that attacks that aim to get a genuine signature rejected are easy to generate, even in a limited knowledge scenario, where the attacker does not have access to the trained classifier nor the signatures used for training.
Adversarial Robustness is Not Enough: Practical Limitations for Securing Facial Authentication
- Computer ScienceIWSPA@CODASPY
- 2022
This paper assesses the strengths and limitations of prominent robustness methods in light of facial authentication, a realistic use case where adversarial perturbations pose a real threat, which allows for a natural reflection on the security gained by the obtained robustness.
Protection of Privacy in Biometric Data
- Computer ScienceIEEE Access
- 2016
The functional mechanisms of popular PPBSs are explained and the state-of-the-art privacy-preserving biometric methods based on these mechanisms are presented.
Machine Learning under Attack: Vulnerability Exploitation and Security Measures
- Computer ScienceIH&MMSec
- 2016
A general framework is introduced that encompasses and unifies previous work in the field, allowing one to systematically evaluate classifier security against different, potential attacks, and shows how carefully-designed poisoning attacks can mislead some learning algorithms by manipulating only a small fraction of their training data.
On the guessability of binary biometric templates: A practical guessing entropy based approach
- Computer Science2017 IEEE International Joint Conference on Biometrics (IJCB)
- 2017
An acceleration of the guessing entropy is presented which reflects the expected number of guessing trials in attacking the binary template based biometric systems and benefits from computation reuse and pruning.
Adaptive Biometric Systems
- Computer ScienceACM Comput. Surv.
- 2019
This article provides the most up-to-date and complete discussion on adaptive biometrics systems the authors are aware of, including formalization, terminology, sources or variations that motivates the use of adaptation, adaptation strategies, evaluation methodology, and open challenges.
Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning
- Computer SciencePattern Recognit.
- 2018
References
SHOWING 1-10 OF 32 REFERENCES
Poisoning attacks to compromise face templates
- Computer Science2013 International Conference on Biometrics (ICB)
- 2013
This paper shows that the attack on PCA-based face verification templates can be successful even in the case of multiple templates per client, for different matchers, and under more realistic scenarios, and validate it by experiments to highlight its practical relevance.
Security evaluation of biometric authentication systems under real spoofing attacks
- Computer ScienceIET Biom.
- 2012
The results confirm that multimodal systems are vulnerable to attacks against a single biometric trait, and show that the `worst-case` scenario can be too pessimistic, which can lead to two conservative choices.
Biometric Template Security
- Computer ScienceEURASIP J. Adv. Signal Process.
- 2008
This work presents a high-level categorization of the various vulnerabilities of a biometric system and discusses countermeasures that have been proposed to address these vulnerabilities.
Security Evaluation of Pattern Classifiers under Attack
- Computer ScienceIEEE Transactions on Knowledge and Data Engineering
- 2014
A framework for empirical evaluation of classifier security that formalizes and generalizes the main ideas proposed in the literature, and given examples of its use in three real applications show that security evaluation can provide a more complete understanding of the classifier's behavior in adversarial environments, and lead to better design choices.
Vulnerabilities in Biometric Encryption Systems
- Computer Science, MathematicsAVBPA
- 2005
A potential vulnerability in biometric encryption systems that allows a less-than-brute force regeneration of the secret and an estimate of the enrolled image is described.
Multimodal fusion vulnerability to non-zero effort (spoof) imposters
- Computer Science2010 IEEE International Workshop on Information Forensics and Security
- 2010
A method for assessment of multimodal systems and underlying fusion algorithms is outlined and experiments are conducted on a multi-modal database of face, iris, and fingerprint match scores.
On the vulnerability of face verification systems to hill-climbing attacks
- Computer SciencePattern Recognit.
- 2010
Robustness of multimodal biometric fusion methods against spoof attacks
- Computer ScienceJ. Vis. Lang. Comput.
- 2009
An evaluation of indirect attacks and countermeasures in fingerprint verification systems
- Computer SciencePattern Recognit. Lett.
- 2011
Pattern Recognition Systems under Attack: Design Issues and Research Challenges
- Computer ScienceInt. J. Pattern Recognit. Artif. Intell.
- 2014
The ultimate goal is to provide some useful guidelines for improving the security of pattern recognition in adversarial settings, and to suggest related open issues to foster research in this area.