Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Introduction to biometric systems security


Published on

An introduction to secure Biometric templates

Published in: Engineering
  • Be the first to comment

Introduction to biometric systems security

  1. 1. Introduction to Biometric Systems Security Dhananjay Dewangan
  2. 2. Overview Biometric Introduction Privacy Assessments Biometric System Security Template Protection Privacy in Multimodal Systems Future Work References
  3. 3. Biometric Introduction Definition: Any automatically measurable, robust and distinctive physical characteristics or personal traits that can be used to identify an individual or verify the claimed identity of an individual i.e. used to provide user’s authenticity.
  4. 4. Biometric Introduction Stages in Biometric: •Identification/Enrollment -figure out ‘Who is X?’ -accomplished by system performing ‘one-to-many’ search •Verification/Authentication -answer the question ‘Is this X?’ -accomplished by system performing ‘one- to-one’ search
  5. 5. Biometric Introduction Types of Biometric 1.Behavioral -voice -signature -DNA 2. Physiological -fingerprint -palmprint -face -hand geometry -iris
  6. 6. Biometric Introduction
  7. 7. Biometric Introduction Expectation from biometric technology -Performance -Cost -Interoperability -User Convenience -Security
  8. 8. Privacy Assessments The biometric features, samples and templates can not be considered as ‘Secrets’ since it is possible to capture them to create real or digital artifacts suitable to a attack a biometric system. The design and usage of a biometric system should always respect strict guidelines to protect the user’s privacy and these are: •Scope & capability of the system •The data protection •User control of personal data •Disclosure, auditing and accountability of the biometric system
  9. 9. Biometric System Security The security ensured by the biometric systems can itself be compromised. The general analysis of a biometric system for vulnerability assessment determines the extent to which an imposter can compromise the security offered by the biometric system. Many of the attacks are applicable to any information system, the attacks using fake biometrics and template modification are unique to biometric systems.
  10. 10. Biometric System Security
  11. 11. Biometric System Security Sensor level attacks A fake biometric sample can be presented at the sensor to gain access like fingerprint impressions from object touched by the person. Replay attacks It is possible for an adversary to interpret or acquire a digital copy of th e stored biometric sample and replay this signal bypassing the biometric sensor. Trojan horse attacks The feature extractor can be replaced by a program which generates a desired feature set.
  12. 12. Biometric System Security Spoofing the features The feature vectors generated from the biometric samples are replaced by the set of synthetically generated (fake) features. Attack on matcher The matcher can also be subjected to a Trojan horse attack that always produce high or low match scores irrespective of which user presents the biometric at the sensor. Attack on template The template generated during the user enrollment/registration can either be stored locally or at some central location which either modifies stored templates or replaces it with a new template.
  13. 13. Biometric System Security Attack on communication channel The data being transferred through a communication channel can be intercepted for malicious reasons and modified and inserted back into the system. Attack on decision module The final decision generated by the biometric system can be overridden by a Trojan horse program. A biometric matcher is typically only a part of a larger information and security management system. Thus the non-biometric modules in the overall system can also introduce some security
  14. 14. Template Protection An ideal template protection scheme for a biometric system should have following properties: 1. Diversity - The cross-matching of a secured templates should be ensured in such a manner that the privacy of the true owner of the template should be ensured. 2. Revocability - When the biometric template is compromised, it should be possible to revoke the compromised template and reissue a new template based on the biometric trait. 3. Security - It should be extremely difficult to generate the original biometric feature set from the protected biometric templates.
  15. 15. Template Protection The secured template must be Non- invertible i.e. illegal users could not generate original template from secure stored template in system database. There is a tradeoff between matching performance and the security degree of biometric template protection scheme. The methods of protection scheme are: 1. Biometric cryptosystems 2. Cancellable biometric or Template
  16. 16. Template Protection Biometric Cryptosytems Binds a digital key to a biometric template or generates a key from a biometric template. In enrollment phase, the public information called helper data is derived from the biometric template & stored in system database and is computationally very complicated to reconstruct the original template from the helper data. In authentication phase, if the input biometric is sufficient close to original template then it
  17. 17. Template Protection Key-Binding In enrollment phase, a digital secret key binds to a biometric template and combination of them stores in the system database as helper data. In recognition phase, a key retrieval algorithm is applied to input template and helper data to extract secret key. Whenever an adversary behavior take places on the system database the helper data removes and a new helper data using a new secret key and biometric template generates. Example – fuzzy commitment and fuzzy vault schemes
  18. 18. Template Protection
  19. 19. Template Protection Key-Generation In enrollment phase, helper data is extracted from biometric template and the secret key is generated from the helper data and biometric template. In recognition phase the stored helper data and input biometric template used to generate the secret key. Example – Private template approach and quantization technique
  20. 20. Template Protection Template Transformation Applying a transform function on biometric data in a way that reconstructing original biometric data from transformed biometric is computationally so hard. •In enrollment phase, the biometric template transforms to transformed template using user specific parameters for transformation and then stored in system database along with user specific parameters. • In recognition phase, the transformation with same user specific parameters occurs on input biometric template and resulting transformed template compares with stored transformed template.
  21. 21. Template Protection
  22. 22. Template Protection Non-Invertible Transformation: A one-way function applying on biometric data. To renew a biometric template the parameters of function must be changed. In cases the parameters of transformation are compromised the attacker is not able to reconstruct the original biometric template. Because of intra-class variations the transformation needs to align biometric template to perform an effective comparison and this causes to reduce the authentication performance.
  23. 23. Template Protection Salting/Biohashing: The biometric features are transformed using a function defined by a user-specific key or password. Since the transformation is invertible to a large extent, the key needs to be securely stored or remembered by the user and presented during authentication. The parameters of transformation are kept secret. otherwise the attacker is able to reconstruct the original biometric template from the transformed template. The authentication performance of this method in comparison with non-invertible transformation method is higher but has the lower accuracy.
  24. 24. Template Protection The mentioned template protection methods have their pros and cons in relation to degree of security, performance, storage requirements and ability to apply on various types of biometric data. One of the main limitations of mentioned methods is the issue of alignment that reduces the recognition performance. Fractal coding is a type of template transformation methods along with some changes and has many advantages in relation to alignment and applicability to different types of biometric data. Fractals are self-similar objects that are similar under various geometrical scales and could be described by a set of transformations. Fractal code is a set of non-linear transformations that approximating a given image.
  25. 25. Template Protection Hybrid Approach: •Combination of both methods, Biometric cryptosystem and cancellable biometrics.
  26. 26. Template Protection • cancelable transforms used to generate a cancelable template. A cancelable transform, normally, decreases the discriminative power of the original template. •A discriminability enhancement transform is then applied to compensate for the discriminative power lost in the first step. Another objective of the discriminability enhancement transform is to generate a binary template such that biometric cryptosystem method, e.g., hash function, can be employed in the final step. This way, the proposed three-step hybrid framework is able to satisfy the template protection requirements.
  27. 27. Privacy in Multimodal System Humans beings typically identify other individuals using a biometric approach which encompasses more than a single biometric trait. For example we can recognize a person watching his face, but the final decision is often integrated using other biometric traits such as the voice, the stature, the gait, or the behavior. In a similar way, a multimodal biometric system uses different biometric traits and combines them efficiently.
  28. 28. Privacy in Multimodal System Pros: The performance of a matching system is improved with respect to the same system working with the single traits which compose the multimodal system.  The global fault tolerance of the system is enhanced, since, if one biometric subsystem is not working properly (e.g., a sensor problem occurred), the multimodal system can keep working using the remaining biometric submoduls that are correctly functioning. The multiple acquisition of different traits at the same time (or in a very narrow time frame) achieves an effective deterring against spoofing
  29. 29. Privacy in Multimodal System Cons: The higher cost of the systems, since they are composed by multiple and different biometric subsystems, each for every single traits that has been selected. The acquisition time: a multi-acquisition is mostly longer than a single acquisition. In addition, the user can perceive the multiple acquisition as more invasive and/or inconvenient. The retention of biometric data is
  30. 30. Privacy in Multimodal System Design: A typical multimodal biometric verification scheme provides two basic modules. The first, the enroll module, creates some sort of ID linked to a single user starting from the user’s biometric samples. The ID could then be stored in e.g. a document or a smart card and must be provided during the verification phase. The second module, the verification one, verifies if the ID matches a new set of freshly provided biometrics. While the number of biometric traits might in principle be increased as desired.
  31. 31. Privacy in Multimodal System
  32. 32. Privacy in Multimodal System
  33. 33. Future Work Plan for next 10 days: •Implementation of any transformation technique for our biometric system. •Analysis of security attacks. •Non-invertible transformation as biohashing. •Verification based on fractal coding.
  34. 34. References S. Prabhakar, S. Pankanti, and A. K. Jain, “Biometric Recognition: Security and Privacy Concerns,” IEEE Security and Privacy Magazine, Vol. 1, No. 2, pp. 33-42, March-April 2003. Anil K Jain, Ajay Kumar, Biometrics on Next Generation: An Overview. Jain AK, Nandakumar K, and Nagar A (2008) Biometric template security. EURASIP J Advances n Signal Processing, Special issue on Biometrics. A. K. Jain, K. Nandakumar and A. Nagar, "Biometric Template Security", EURASIP Journal on Advances in Signal Processing, January 2008. Stelvio Cimato, Marco Gamassi, Vincenzo
  35. 35. References A. Teoh Beng Jin, D. Ngo Chek Ling, and A. Goh. Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern recognition, 37(11):2245–2255, 2004. Hossein Malekinezhad, Hossein Ebrahimpour- Komleh, Protecting Biometric-based Authentication Systems against Indirect Attacks. Hossein Malekinezhad, Hossein Ebrahimpour- Komleh, Fractal Technique for Face Recognition. Y C Feng1, Pong C Yuen1and Anil K Jain, A Hybrid Approach for Face Template Protection. Andrew B.J. Teoha, Yip Wai Kuan b Sangyoun Lee a, Cancellable biometrics and annotations on BioHash, Pattern Recognition 41 (2008) 2034 – 2044.