The University of Southampton
University of Southampton Institutional Repository

Targeted impersonation as a tool for the detection of biometric system vulnerabilities

Targeted impersonation as a tool for the detection of biometric system vulnerabilities
Targeted impersonation as a tool for the detection of biometric system vulnerabilities
This paper argues that biometric verification evaluations can obscure vulnerabilities that increase the chances that an attacker could be falsely accepted. This can occur because existing evaluations implicitly assume that an imposter claiming a false identity would claim a random identity rather than consciously selecting a target to impersonate. This paper shows how an attacker can select a target with a similar biometric signature in order to increase their chances of false acceptance. It demonstrates this effect using a publicly available iris recognition algorithm. The evaluation shows that the system can be vulnerable to attackers targeting subjects who are enrolled with a smaller section of iris due to occlusion. The evaluation shows how the traditional DET curve analysis conceals this vulnerability. As a result, traditional analysis underestimates the importance of an existing score normalisation method for addressing occlusion. The paper concludes by evaluating how the targeted false acceptance rate increases with the number of available targets. Consistent with a previous investigation of targeted face verification performance, the experiment shows that the false acceptance rate can be modelled using the traditional FAR measure with an additional term that is proportional to the logarithm of the number of available targets.
1-6
Bustard, John
8fa23e3b-8594-4c87-81c4-a77e774c8c0b
Carter, John N.
e05be2f9-991d-4476-bb50-ae91606389da
Nixon, Mark S.
2b5b9804-5a81-462a-82e6-92ee5fa74e12
Bustard, John
8fa23e3b-8594-4c87-81c4-a77e774c8c0b
Carter, John N.
e05be2f9-991d-4476-bb50-ae91606389da
Nixon, Mark S.
2b5b9804-5a81-462a-82e6-92ee5fa74e12

Bustard, John, Carter, John N. and Nixon, Mark S. (2013) Targeted impersonation as a tool for the detection of biometric system vulnerabilities. 2013 IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems (BTAS), United States. 29 Sep - 02 Oct 2013. pp. 1-6 . (doi:10.1109/BTAS.2013.6712744).

Record type: Conference or Workshop Item (Paper)

Abstract

This paper argues that biometric verification evaluations can obscure vulnerabilities that increase the chances that an attacker could be falsely accepted. This can occur because existing evaluations implicitly assume that an imposter claiming a false identity would claim a random identity rather than consciously selecting a target to impersonate. This paper shows how an attacker can select a target with a similar biometric signature in order to increase their chances of false acceptance. It demonstrates this effect using a publicly available iris recognition algorithm. The evaluation shows that the system can be vulnerable to attackers targeting subjects who are enrolled with a smaller section of iris due to occlusion. The evaluation shows how the traditional DET curve analysis conceals this vulnerability. As a result, traditional analysis underestimates the importance of an existing score normalisation method for addressing occlusion. The paper concludes by evaluating how the targeted false acceptance rate increases with the number of available targets. Consistent with a previous investigation of targeted face verification performance, the experiment shows that the false acceptance rate can be modelled using the traditional FAR measure with an additional term that is proportional to the logarithm of the number of available targets.

Text
bustard btas 2013.pdf - Other
Download (417kB)

More information

Published date: 29 September 2013
Venue - Dates: 2013 IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems (BTAS), United States, 2013-09-29 - 2013-10-02
Organisations: Vision, Learning and Control

Identifiers

Local EPrints ID: 363291
URI: https://eprints.soton.ac.uk/id/eprint/363291
PURE UUID: 1503bfeb-48c8-4cb7-b723-2b401b4c387b
ORCID for Mark S. Nixon: ORCID iD orcid.org/0000-0002-9174-5934

Catalogue record

Date deposited: 20 Mar 2014 12:27
Last modified: 07 Aug 2019 00:54

Export record

Altmetrics

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of https://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×