Your SlideShare is downloading. ×
  • Like
Zahid Akhtar - Ph.D. Defense Slides
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Zahid Akhtar - Ph.D. Defense Slides

  • 1,924 views
Published

 

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
1,924
On SlideShare
0
From Embeds
0
Number of Embeds
3

Actions

Shares
Downloads
50
Comments
0
Likes
2

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. PhD in Electronic and Computer Engineering Security of Multimodal Biometric Systems against Spoof Attacks Zahid Akhtar Advisor: Prof. Fabio Roli Co-advisors: Dr. Giorgio Fumera Dr. Gian Luca Marcialis Pattern Recognition and Applications Group Department of Electrical and Electronic Engineering University of Cagliari, Italy
  • 2. Outline •  Background concepts   biometric systems and their security issues •  Contributions of this thesis   Robustness evaluation of multimodal biometric systems against real spoof attacks   Proposed methods for security evaluation of multimodal biometric systems against spoof attacks   Experiments •  Conclusions and future works06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 2
  • 3. Biometrics •  Examples of body traits that can be used for biometric recognition Face Fingerprint Iris Hand geometry Palmprint Signature Voice Gait06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 3
  • 4. Biometric authentication systems •  Enrollment Phase User Identity XTemplate Biometric ` Feature System Sensor Extractor Database User•  Verification Phase Claimed user Identity System Genuine Database Yes XTemplate XQuery Score > Biometric Feature Sensor Extractor Matcher Threshold Score User No Impostor06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 4
  • 5. Biometric authentication systems•  Unimodal Biometric System Genuine Yes Biometric Feature Fingerprint Score > Sensor Extractor Matcher Threshold Score System No Impostor Database•  Multimodal Biometric System Biometric s1 Feature Face Genuine Sensor Extractor Matcher Yes Score Fusion Score > System Rule Threshold Database Score f(s1,s2) Biometric Feature Fingerprint No s2 Impostor Sensor Extractor Matcher06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 5
  • 6. Spoof (Direct) Attacks•  Spoof attacks   attacks at the user interface (sensor)   presentation of a fake biometric trait•  Countermeasures   Liveness detection methods   Multimodal biometric Systems  “intrinsically” robust?06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 6
  • 7. State-of-the-art•  Vulnerability identification   contrary to a common belief, a multimodal biometric system can be evaded even if only one biometric trait is spoofed [Rodrigues et al. JVLC 2009, Rodrigues et al. BTAS 2010, P. A. Jonhson et al. WIFS 2010]•  Robustness evaluation against spoof attacks   evaluation under working worst-case hypothesis   “worst-case” scenario, where it is assumed that the attacker is able to fabricate a perfect replica of a biometric trait   Fake scores are simulated under a worst-case scenario, resampling genuine user scores p(score|Impostor, spoofing) = p(score|Genuine) 6 5 4 p(score|Genuine) 3 p(score|Impostor) p(score|Fake) 2 1 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 score 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 7
  • 8. State-of-the-art•  Defense strategies against spoof attacks   two robust fusion rule under a worst-case hypothesis [Rodrigues et al. JVLC 2009]•  No methodology exist to evaluate the performance of biometric systems against real spoof attack 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 8
  • 9. Open issues 1.  Vulnerability identification against real spoof attacks   vulnerability of multimodal biometric systems to real spoof attacks that may be exploited by an attacker to mislead the system 2.  Performance evaluation methods against spoof attacks   standard performance evaluation does not provide information about the security1 of a system against spoof attack 3.  Robust system design   current theory and design methods of biometric systems do not take into account the vulnerability to such adversary attacks.1 In this thesis, we will use both “security” and “robustness” terms interchangeably, to indicate performance of biometric systems against spoof attacks. 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 9
  • 10. Main contributions of this thesis1.  Security of multimodal biometric systems against real spoof attacks   to provide empirical proof that multimodal systems are not intrinsically robust against real spoof attacks2.  Worst-case hypothesis validation   to verify that current worst-case scenario is not realistic under “real” attacks3.  Security evaluation method   to provide an estimate of the performance of multimodal biometric system against real spoof attack without fabrication of fake traits   to select a more robust score fusion rule according to its performance under spoof attack 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 10
  • 11. Problems•  Can multimodal biometric systems be actually cracked by attacking only one sensor via real spoof attacks?   to validate the state-of-the-art results obtained under “worst-case” spoof attack scenario The scope of state-of-the-art results are very limited since they were obtained by simulating the scores of spoofed traits under worst-case scenario. 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 11
  • 12. Problems•  Is the “worst-case” scenario hypothesized in literature for spoofing biometrics representative of real spoof attacks?   whether and to what extend the “worst-case” scenario is realistic To what extent the drop in performance under the “worst-case” attack scenario is representative of the performance under real spoof attacks. 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 12
  • 13. Problems•  How can the security of multimodal systems be evaluated, under realistic attacks, without fabricating spoofed traits?   a current issue is to have a measurements of the performance drop under spoofing attacks for uni and multimodal systems   collecting “attack” samples is a non-trivial task It is of interest to evaluate robustness of biometric systems under different qualities of fake traits. 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 13
  • 14. Experiments•  Multimodal system with face and fingerprint matchers   Fingerprint: Bozorth3 (NIST) and Verifinger (Neurotechnology)   Face: Elastic Bunch Graph Matching - EBGM Biometric s1 Feature Face Genuine Sensor Extractor Matcher Yes Score Fusion Score > System Rule Threshold Database Score f(s1,s2) Biometric Feature Fingerprint No s2 Impostor Sensor Extractor Matcher 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 14
  • 15. Experiments Score fusion rules1.  Sum s = s1 + s22.  Product s = s1 × s23.  Bayesian s = ( s1 × s2 ) / [(1- s1)(1- s2) + (s1 × s2)]4.  Weighted Sum (LDA) s = w0 + w1s1 × w2s25.  Weighted Product s = s1w × s1−w 26.  Perceptron s = 1 / 1 + exp[(w0 + w1s1 × w2s2)]7.  Likelihood ratio (LLR) s = p(s1,s2|G) / p(s1,s2|I) €8.  Extended LLR (ExtLLR) p(s1,s2|I) = α 3 (1− c1 )(1+ c 2 ) p(s1 | G) p(s2 | I)   explicitly models the distribution of spoof attacks (worst-case) + α (1+ c1 )(1− c 2 ) p(s1 | I) p(s2 | G) 3 [Rodrigues et al. JVLC 2009] + α (1− c1 )(1− c 2 ) p(s1 | G) p(s2 | G) 3 € [(1− α ) + α (c1 + c 2 + c1c 2 )]p(s1 | I) p(s2 | I) 3 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 15 €
  • 16. Experiments Fake biometric traits •  Fake fingerprints by “consensual method”   mould: plasticine-like material   cast: silicon, latex, gelatin and alginate ! ! ! Live Fake (latex) Fake (silicon) ! ! ! ! ! ! •  Fake faces by “photo-attack”, “personal photo attack” and “print-attack”   photo displayed on a laptop screen to camera   Personal photos (like those appearing an social networks)   video clips of printed-photo attacks ! ! ! Live Fake (photo) Fake (personal ) ! ! !06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 16
  • 17. Experiments Data sets Data Set Number Number Number of clients of spoofs of live per client per client Silicon 142 20 20 Latex 80 3 5 Gelatin 80 3 5 Alginate 80 3 5 Photo Attack 40 60 60 Personal Photo Attack 25 3(avg.) 60 Print Attack 50 12 16   12 chimerical multimodal data sets with 8 fusion rules   12 × 8 = 96 multimodal biometric systems06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 17
  • 18. Robustness evaluation against real spoof attacks06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 18
  • 19. Experiments Results•  can multimodal systems be cracked by attacking only one modality via real spoof attacks?   Fakes: latex (fingerprint) and photo (faces) LDA 2 LLR 10 2 10 1 10 1 10 FRR (%) FRR (%) no spoof fing. 0 10 face 0 10 both w-fing. w-face −1 10 −1 −1 10 10 0 10 1 10 2 10 −1 0 1 2 FAR (%) 10 10 10 10 FAR (%)   @1% FAR operational point (LDA): FAR under attacks: 64.91% (fingerprint spoofing) and 2.17% (face spoofing)06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 19
  • 20. Experiments Results   Fakes: silicon (fingerprint) and photo (faces) Product LLR 2 2 10 10 1 1 10 10 FRR (%) FRR (%) fing. + face (no spoof) fing.+ face spoof 0 fing. (no spoof) 0 10 fing. spoof 10 face (no spoof) face spoof −1 −1 10 −1 0 1 2 10 −1 0 1 2 10 10 10 10 10 10 10 10 FAR (%) FAR (%)   however the considered multimodal systems are more robust than unimodal ones, even when all biometric traits are spoofedZahid Akhtar, Battista Biggio, Giorgio Fumera, Gian Luca Marcialis, “Robustnessof Multi-modal Biometric Systems under Realistic Spoof Attacksagainst All Traits”, InIEEE Workshop on Biometric Measurements and Systems for Security and Medical Applications (BioMS), pp. 5–10, 2011. 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 20
  • 21. Worst-case hypothesis validation06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 21
  • 22. Experiments Results •  Is the “worst-case” scenario for spoofing biometrics representative of real spoof attacks?   Fakes: latex (fingerprint) and photo (faces) LLR 2 Extended LLR 10 2 10 1 10 1 10 FRR (%) FRR (%) no spoof 0 fing. 10 face 0 10 both w-fing. w-face −1 10 −1 −1 10 10 0 10 1 10 2 10 −1 0 1 2 FAR (%) 10 10 10 10 FAR (%)   worst case assumption (dashed lines) holds to some extent for face spoofing but not for fingerprint spoofingBattista Biggio, Zahid Akhtar, Giorgio Fumera, Gian Luca Marcialis, FabioRoli, “Robustness of multi-modal biometric verification systems under realistic spoofingattacks”, In International Joint Conference on Biometrics (IJCB), 2011. 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 22
  • 23. Experiments Results•  Matching score distributions   Fake faces photo personal photo !"!% * !"!% * +,-./-, +,-./-, /0123425 /0123425 !"!) !"!) 678, 678, !"!$ !"!$ !"!( !"!( !"!# !"!# !"! !"! !* !* ! !"# !"$ !"% !"& ! !"# !"$ !"% !"&   Fake fingerprints silicon *+,-./!01213/4)!0+15./3+67!8+*+91: alginate *+,-./!01213/4)!0+15./3+67!7*8+97/ !"$ ; !"$ : <.:=+:. 8.9;+9. !")( +5>18/13 !")( +5<1=/13 ?76. >76. !") !") !"#( !"#( !"# !"# !"( !"( !" !" !"!( !"!( !; !: ! !"# !"$ !"% !"& ! !"# !"$ !"% !"& 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 23
  • 24. Experiments Results   Fakes: silicon (fingerprint) and personal photo (faces) Extended LLR can be less robust than LLR to real fingerprint spoof attacks LLR 2 Extended LLR 10 2 10 1 10 1 10 FRR (%) FRR (%) no spoof 0 fing. 10 face 0 10 both w-fing. w-face −1 10 −1 −1 10 10 0 10 1 10 2 10 −1 0 1 2 FAR (%) 10 10 10 10 FAR (%)Battista Biggio, Zahid Akhtar, Giorgio Fumera, Gian Luca Marcialis, FabioRoli, “Security evaluation of biometric authentication systems under realisticspoofing attacks”, In IET Biometrics, In press, 2012. 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 24
  • 25. Security evaluation method06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 25
  • 26. Security evaluation•  Security evaluation is required to have a more complete understanding of multimodal biometric systems’ performance   to assess the robustness of the multimodal systems   to design novel fusion rules robust to spoof attacks   to choose the most robust fusion rule•  Fabricating spoof attacks may be very difficult task   costly and time consuming•  We thus propose to simulate the effect of spoof attacks on corresponding matching score distribution 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 26
  • 27. Attack simulation•  Factors: biometric trait spoofed, matching algorithm, forgery techniques and ability•  Sets of matching scores from genuine users and impostors distributions are given•  Baseline assumptions   worst-case for the system (best-case for the attacker)   p(score|Fake) = p(score|Genuine)  State-of-the-art   best-case for the system (worst-case for the attacker)   p(score|Fake) = p(score|Impostor)   intermediate cases   p(score|Fake) lies between p(score|Genuine) and p(score|Impostor) 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 27
  • 28. Attack simulation•  Models of spoof attacks match score distribution Zahid Akhtar, Giorgio Fumera, Gian Luca Marcialis,   based on baseline assumption and Fabio Roli, “Robustness Evaluation of Biometric Systems under Spoof Attacks”, In 16th International Conference Image Analysis and Processing (ICIAP),•  Parametric model pp.159–168, 2011.   Fake: same parametric form as Genuine and Impostor ones µFake = α µGenuine + (1- α) µImpostor 7 p(score|Genuine) σFake = α σGenuine + (1- α) σImpostor 6 p(score|Impostor) p(score|Fake) 5 α = 0.5   α ∈ [0,1] : “Attack Strength” 4   state-of-the-art (worst-case)  α = 1 3 2•  Non-Parametric model 1 scoreFake = (1 - α) scoreImpostor + α scoreGenuine 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 score 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 28
  • 29. Security evaluation method Training Phase Testing Phase Matchers not attacked State-of-the-art 6 p(score|Fake) = p(score|Genuine) p(score|Genuine) 5 p(score|Impostor) Matchers under attack 4 6 p(score|Genuine) 3 5 p(score|Impostor) 4 p(score|Fake) 2 1 3 Fused score distribution 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 2 score6 1 Score Fusion Threshold p(score|Genuine) Rule5 p(score|Impostor) 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 score multimodal biometric accuracy43 Our method system2 Parametric µFake = α µGenuine + (1- α) µImpostor1 σFake = α σGenuine + (1- α) σImpostor0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 0 0.1 0.2 …………..…. 0.8 0.9 1 attack strength (α) score Non-parametric scoreFake = (1 - α) scoreImpostor + α scoreGenuine Matchers under attack Matchers not attacked 6 6 p(score|Genuine) p(score|Genuine) 5 p(score|Impostor) 5 p(score|Impostor) p(score|Fake)Zahid Akhtar, Giorgio Fumera, Gian Luca Marcialis 4 4and Fabio Roli, “Robustness analysis of Likelihood 3 Score Fusion 3Ratio score fusion rule for multi-modal biometric Rulesystems under spoof attacks”, In 45th IEEE Intl. 2 2Carnahan Conference on Security Technology 1 1(ICCST), pp. 237–244, 2011. 0 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 score score 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 29
  • 30. Experiments Results•  Matching score distributions Fake faces: Photo Fake fingerprints: silicon 0.09 0.45 Genuine Genuine 0.08 Impostor Impostor 0.4 Fake Fake 0.07 0.35 0.06 0.3 Frequency Frequency 0.05 0.25 0.04 0.2 0.03 0.15 0.02 0.1 0.01 0.05 0 0.4 0.5 0.6 0.7 0.8 0.9 1 0 score 0.49 0.5 0.51 0.52 0.53 0.54 0.55 score   score distribution of fake trait is lying between Genuine and Impostor distributions 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 30
  • 31. Experiments Results•  Can our method reasonably approximate a real fake score distribution?   Hellinger Distance: ∈ [0 , 2]   Non-parametric model Data set Hellinger Distance α Face 0.0939 0.9144 Fingerprint 0.4397 0.0522 Face System Fingerprint System $ ! )!! ! 67839:;0<=,-./0, 4561789.:;*+,-.* 1:>0=,-./0, /8<.;*+,-.* # %!! + #!! 1/02304-5 /-.01.2+3 * (!! ) !! ( &!! !! !! !"# !"## !"$ !"$# !"% !"%# !"& !"&# !" !"# ( !"#$% !"% !"%!% !"%& !"%&% !"% ,-./0 *+,-. 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 31
  • 32. Experiments Results•  Does our method provide a good estimate of the performance under attacks?   Performance measure: False Acceptance Rate (FAR)   Performance estimation of unimodal biometric systems under spoof attack Face System Fingerprint System 100 100 the real Performance the estimated performance by our model 90 90 the estimated performance by state!of!the!art 80 80 False Acceptance Rate ! FAR(%) False Acceptance Rate ! FAR(%) 70 70 60 60 50 50 40 40 30 30 20 the real Performance 20 the estimated performance by our model 10 10 the estimated performance by state!of!the!art 0 0 0.5 0.51 0.52 0.53 0.54 0.55 0.56 0.57 0.58 0.59 0.6 0.5 0.55 0.6 0.65 0.7 0.75 0.8 0.85 0.9 0.95 1 Threshold Threshold 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 32
  • 33. Experiments Results  Comparison with the worst-case spoof attacks Operational Real Approximated Approximated Point FAR FAR FAR (our model) (worst-case assumption)Face zeroFAR 4.80 4.20 11.40System 1%FAR 23.50 23.30 24.30Fingerprint zeroFAR 50.60 62.50 94.80System 1%FAR 60.00 80.80 95.10 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 33
  • 34. Experiments Results   Performance estimation of multimodal biometric systems under spoof attack Face System Fingerprint System !"" ! #!! ! :0549947? ;165::58@ *" -.415/800@549947?5<@47.> +! ./5260911A65::58@6=AB;C/.9.B;:? /ABC149.25/800@549947?5<@47.> 0BDE25:/360911A65::58@6=AB;C/.9.B;:? #" *! 341/.5677.894:7.5;49.5!536;<=> 4520/6788/9:5;8/6<5:/6!647<=>? )" )! $" (! (" ! %" &! " %! &" $! !" #! "! !# !$ !% !& " !! !" !" !" !" !" ! !"# !"$ !"% !"& !" !"( !") !"* !"+ # +,-./,012 ,-./0-123   Comparison with the worst-case spoof attacks Operational Real Approximated Approximated Point FAR FAR FAR (our model) (worst-case assumption)Face zeroFAR 2.51 2.70 5.91System 1%FAR 5.13 8.93 11.24Fingerprint zeroFAR 5.20 4.83 95.05System 1%FAR 6.27 6.35 98.01 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 34
  • 35. Experiments Case study •  Robustness analysis of likelihood ratio score fusion rule using parametric model   a bi-modal system using LLR fusion rule with Gaussian distribution p(s1 | G) p(s2 | G)  σ σ  1 (s − µ ) 2 (s − µ ) 2 (s − µ ) 2 (s − µ ) 2  z(s1,s2 ) = log = log I s 1 I s 2  +  1 2 I s1 + 2 2 I s 2 − 1 2 Gs1 − 2 2 Gs 2  σ σ  2  σ p(s1 | I) p(s2 | I)  Gs 1 Gs 2   I s1 σ Is2 σ Gs1 σ Gs 2  z(s1,s2 ) − log t = As12 + Bs1s2 + Cs2 + Ds1 + Es2 + F 2€ € z(s1,s2 ) − log t = 0 €   B2 - 4AC < 0 : an ellipse   B2 - 4AC = 0 : a parabola FAR(t) = ∫∫ G p(s1 | I) p(s2 | I)ds1ds2 €   B2 - 4AC > 0 : an hyperbola   FAR under spoof attack: when only matcher 1 is spoofed € FAR(t) = ∫∫G p(s1 | F) p(s2 | I)ds1ds2 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 35
  • 36. Experiments Data sets•  NIST Biometric score set Release 1(BSSR1)   two different face matchers (C & G)   one fingerprint matchers (LI & RI)   no. of clients: 517   for each client 1 genuine & 516 impostor samples•  Four multimodal systems: G-RI, G-LI, C-RI, and C-LI•  α (attack strength) values: 0 (best-case) to 1 (worst-case) scenario 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 36
  • 37. Experiments Results  Performance measure: False Acceptance Rate (FAR)  α = 0  absence of attacks  α = 1  worst-case scenario (state-of-the-art) At 0.01% FAR operational point At 1% FAR operational point $ $ #! ! #! ! ,-78/09::/;2-4:/0<-2/0!0,9<0=>?,-78/09::/;2-4:/0<-2/0!0,9<0=>? # #! # ! #! #! !# #! @@<0!0,A45/3;3A4201;BBC/D @@<0!0,A45/3;3A4201;BBC/D @@<0!0,-:/01;BBC/D @@<0!0,-:/01;BBC/D ! #! ! !$ #! ! ! !"# !"$ !"% !"& !" !"( !") !"* !"+ # ! !"# !"$ !"% !"& !" !"( !") !"* !"+ # ,-./0123/4526 ,-./0123/4526  FAR under attacks increases as the fake strength increases06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 37
  • 38. Experiments Results At 0.01% FAR operational point At 1% FAR operational point $ $ #! ! #! ! ,-78/09::/;2-4:/0<-2/0!0,9<0=>? ,-78/09::/;2-4:/0<-2/0!0,9<0=>? # #! # ! #! #! !# #! @@<0!0,A45/3;3A4201;BBC/D @@<0!0,A45/3;3A4201;BBC/D @@<0!0,-:/01;BBC/D @@<0!0,-:/01;BBC/D ! #! ! !$ #! ! ! !"# !"$ !"% !"& !" !"( !") !"* !"+ # ! !"# !"$ !"% !"& !" !"( !") !"* !"+ # ,-./0123/4526 ,-./0123/4526  fingerprint spoofing: FAR increases very quickly  face spoofing: relatively a more graceful increase of FAR  multimodal biometric systems can be vulnerable to spoof attacks against only one matcher 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 38
  • 39. Score fusion rules ranking method06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 39
  • 40. Score fusion rule ranking method Training Phase Testing Phase Our method 6 Threshold p(score|Genuine) Parametric 5 p(score|Impostor) µFake = α µGenuine + (1- α) µImpostor 4 p(score|Fake) σFake = α σGenuine + (1- α) σImpostor 3 Non-parametric 2 scoreFake = (1 - α) scoreImpostor + α scoreGenuine 1 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 score Fused score distribution Matchers under attack6 6 Threshold p(score|Genuine) p(score|Genuine)5 p(score|Impostor) 5 p(score|Impostor)4 4 p(score|Fake)3 32 21 1 1 Rule 1 Rule 10 0 2 Rule 2 Rule 2 ranking 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 score score Score Fusion 3 Rule 3 …………..…. Rule 3 Matchers not attacked Rules ……..…. ……..…. ……..…. 6 p(score|Genuine) 5 p(score|Impostor) 4 3 0 0.1 0.2 …………..…. 0.8 0.9 1Zahid Akhtar, Giorgio Fumera, Gian Luca attack strength (α) 2Marcialis and Fabio Roli, “Evaluation ofmultimodal biometric score fusion rules 1under spoof attacks”, In 5th IAPR/IEEE 0Intl. Conf. on Biometrics (ICB), 2012. 0 0.1 0.2 0.3 0.4 0.5 score 0.6 0.7 0.8 0.9 1 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 40
  • 41. Experiments Results•  Ranking of fusion rules according to their FAR under real spoof attacks   Fakes: silicon (fingerprint) and photo (faces) Face Spoofing Fingerprint Spoofing zeroFAR 1% FAR zeroFAR 1% FARFAR(%) Rules FAR(%) Rules FAR(%) Rules FAR(%) Rules 0.04 ExtLLR 2.26 ExtLLR 0.00 Bayesian 1.05 Bayesian 0.05 LLR 2.29 LLR 0.00 Sum 1.15 Sum 0.27 W. Product 10.72 W. Product 0.00 Product 1.33 Product 0.48 W. Sum 18.37 W. Sum 24.56 W. Sum 42.59 W. Sum 1.30 Perceptron 20.95 Perceptron 27.73 Perceptron 44.11 Perceptron 6.75 Bayesian 23.47 Bayesian 34.87 W. Product 51.10 W. Product 6.80 Sum 23.49 Sum 50.42 ExtLLR 60.31 ExtLLR 6.82 Product 23.57 Product 50.43 LLR 60.32 LLR   our method always predicted the correct ranking corresponding to the optimal α value 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 41
  • 42. Experiments Results   Fakes: silicon (fingerprint) and photo (faces)   Optimal α values : face  0.9144 fingerprint  0.0522 Face spoofing Fingerprint spoofing ! ! # # $ $ :.;4<9.5 % :.;4<9.5 % 2=> 2=> ?3@A=/- 8.50956 ?3@A=/- &8.50956 & B"12=> B"12=> ?43/4C-3@5 ?43/4C-3@5 B"1?3@A=/- B"1?3@A=/- DE-FF8 DE-FF8 ( ( FF8 FF8 ) ) * * ! ! ! !"# !"$ !"% !"& !" !"( !") !"* !"+ # ! !"# !"$ !"% !"& !" !"( !") !"* !"+ # ,--./012-3456-7 ,--./012-3456-7   fingerprint spoofing   predicted ranking of each rule remains constant   bayesian rule always exhibits the best ranking 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 42
  • 43. Experiments Results   Fakes: silicon (fingerprint) and photo (faces)   Optimal α values : face  0.9144 fingerprint  0.0522 Face spoofing Fingerprint spoofing ! ! # # $ $ :.;4<9.5 % :.;4<9.5 % 2=> 2=> ?3@A=/- 8.50956 ?3@A=/- &8.50956 & B"12=> B"12=> ?43/4C-3@5 ?43/4C-3@5 B"1?3@A=/- B"1?3@A=/- DE-FF8 DE-FF8 ( ( FF8 FF8 ) ) * * ! ! ! !"# !"$ !"% !"& !" !"( !") !"* !"+ # ! !"# !"$ !"% !"& !" !"( !") !"* !"+ # ,--./012-3456-7 ,--./012-3456-7   face spoofing   two different rankings are predicted: one for α < 0.5, and the other α ≥ 0.5   weighted sum or weighted product rule can be reasonable choice 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 43
  • 44. Conclusions and future works•  Multimodal biometric systems are not intrinsically robust•  Multimodal systems can be more robust than unimodal systems•  Worst-case hypothesis does not hold in real scenarios•  Methodology for security evaluation without fabrication of spoof attacks   two models for fake score distribution based on the concept of “Attack strength”   developed models are a good alternative to the worst-case assumption•  Methodology for Ranking the score fusion rule under spoof attacks06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 44
  • 45. Conclusions and future works•  Experimental results provide useful insights for the design of robust multimodal biometric systems•  Future works   more accurate modelling and simulation of fake score distributions   extensive validation of our models on data sets with significant spoof attacks of different biometric traits   development of robust score fusion rules06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 45
  • 46. Thank you06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar 46