Targeted Impersonation As A Tool For The Detection Of Biometric System Vulnerabilities

John D. Bustard*, John N. Carter, Mark S. Nixon

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

This paper argues that biometric verification evaluations can obscure vulnerabilities that increase the chances that an attacker could be falsely accepted. This can occur because existing evaluations implicitly assume that an imposter claiming a false identity would claim a random identity rather than consciously selecting a target to impersonate. This paper shows how an attacker can select a target with a similar biometric signature in order to increase their chances of false acceptance. It demonstrates this effect using a publicly available iris recognition algorithm. The evaluation shows that the system can be vulnerable to attackers targeting subjects who are enrolled with a smaller section of iris due to occlusion. The evaluation shows how the traditional DET curve analysis conceals this vulnerability. As a result, traditional analysis underestimates the importance of an existing score normalisation method for addressing occlusion. The paper concludes by evaluating how the targeted false acceptance rate increases with the number of available targets. Consistent with a previous investigation of targeted face verification performance, the experiment shows that the false acceptance rate can be modelled using the traditional FAR measure with an additional term that is proportional to the logarithm of the number of available targets.

Original languageEnglish
Title of host publication2013 IEEE SIXTH INTERNATIONAL CONFERENCE ON BIOMETRICS: THEORY, APPLICATIONS AND SYSTEMS (BTAS)
Place of PublicationNEW YORK
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages6
Publication statusPublished - 2013
EventIEEE 6th International Conference on Biometrics - Theory, Applications and Systems (BTAS) - Washington, United Kingdom
Duration: 29 Sep 201302 Oct 2013

Conference

ConferenceIEEE 6th International Conference on Biometrics - Theory, Applications and Systems (BTAS)
CountryUnited Kingdom
Period29/09/201302/10/2013

Keywords

  • FINGERPRINT VERIFICATION
  • RECOGNITION
  • ATTACKS

Cite this