
Vulnerability assessment in the use of biometrics in unsupervised environments

  • Authors: ANAS HUSSEIN AHMAD Husseis
  • Thesis supervisors: Raúl Sánchez Reillo (supervisor), Judith Liu Jiménez (co-supervisor)
  • Defended: at Universidad Carlos III de Madrid (Spain) in 2021
  • Language: Spanish
  • Thesis examination committee: Cristina Conde Vidal (chair), Mariano López García (secretary), Farzin Deravi (member)
  • Doctoral programme: Doctoral Programme in Electrical Engineering, Electronics and Automation at Universidad Carlos III de Madrid
  • Abstract
    • In the last few decades, we have witnessed a large-scale deployment of biometric systems in many everyday applications, replacing traditional recognition methods such as passwords and tokens. We have reached a time when we use biometric systems in our daily lives. On a personal scale, authentication to our electronic devices (smartphones, tablets, laptops, etc.) uses biometric characteristics to grant access. Moreover, we access our bank accounts and perform various types of payments and transactions using the biometric sensors integrated into our devices. Beyond personal use, organizations, companies, and institutions use biometric-based solutions for access control. On the national scale, police authorities and border control use biometric recognition devices for individual identification and verification.

      Therefore, biometric systems are relied upon to provide secure recognition in which only the genuine user can be recognized as being himself. Moreover, the biometric system should ensure that an individual cannot be identified as someone else. In the literature, there is a surprising number of experiments that show the possibility of stealing someone’s biometric characteristics and using them to create an artificial biometric trait that an attacker can use to claim the identity of the genuine user. There have also been real cases of people who successfully fooled biometric recognition systems in airports and smartphones [1]–[3]. This makes it necessary to investigate the potential threats and propose countermeasures that ensure high levels of security and user convenience.

      Consequently, performing security evaluations is vital to identify: (1) the security flaws in biometric systems, (2) the possible threats that may target the defined flaws, and (3) measurements that describe the technical competence of the biometric system security. Identifying the system vulnerabilities leads to proposing adequate security solutions that assist in achieving higher integrity.

      This thesis aims to investigate the vulnerability of the fingerprint biometric modality to presentation attacks in unsupervised environments, and then to implement mechanisms that detect those attacks and prevent misuse of the system. To achieve these objectives, the thesis is carried out in the following three phases.

      In the first phase, the generic biometric system scheme is studied by analyzing its vulnerable points, with special attention to the vulnerability to presentation attacks. The study reviews the literature on presentation attacks and the corresponding solutions, i.e. Presentation Attack Detection (PAD) mechanisms, for six biometric modalities: fingerprint, face, iris, vascular, handwritten signature, and voice. Moreover, it provides a new taxonomy for presentation attack detection mechanisms. The proposed taxonomy helps to comprehend the issue of presentation attacks and how the literature has tried to address it. The taxonomy represents a starting point for new investigations that propose novel presentation attack detection mechanisms.

      In the second phase, an evaluation methodology is developed from two sources: (1) the ISO/IEC 30107 standard, and (2) the Common Evaluation Methodology by the Common Criteria. The developed methodology characterizes two main aspects of the presentation attack detection mechanism: (i) the resistance of the mechanism to presentation attacks, and (ii) the corresponding threat of the studied attack.

      The first part of this phase is conducted by showing the mechanism's technical capabilities and how they influence the security and ease-of-use of the biometric system. As provided in the standard ISO/IEC 30107 part 3: Testing and reporting, the goal of PAD subsystem evaluations is to determine the PAD mechanism’s ability to correctly classify attacks and bona fide presentations. Nonetheless, PAD subsystems are subject to classification errors, i.e. false positives and false negatives. The conducted evaluation reports a sufficient description to characterize the influence of those error rates on the security and ease-of-use attributes of the biometric systems.

      The second part is done by performing a vulnerability assessment that considers all the factors affecting the attack potential. Vulnerability assessment refers to the process of determining exploitable vulnerabilities introduced in the development or operation of the Target of Evaluation (ToE). This determination depends on the evaluator investigating the evaluation evidence and exploring publicly available tools, and is assisted by evaluator infiltration testing. In addition to the vulnerability analysis, the vulnerability assessment analyzes the attack potential by exploring the different factors that affect it.

      At the end of the second phase, a data collection is carried out, including 7128 fingerprint videos of bona fide and attack presentations. The data is collected using two sensing technologies (thermal and optical) and two presentation scenarios, and considers seven attack species. The database is used to develop dynamic presentation attack detection mechanisms that exploit the fingerprint spatio-temporal features.

      The two acquisition scenarios were proposed to investigate the following cases: (1) the dynamic development of fingerprint impressions in ordinary presentations, where the capture subject presents his fingerprint to the sensor, and (2) the dynamic distortion caused by applying additional pressure during the fingerprint placement on the sensor’s surface. This thesis studies the dynamic differences, in both scenarios, between genuine fingerprints and different attack species.

      In the final phase, a set of novel presentation attack detection mechanisms is developed, exploiting the dynamic features caused by natural fingerprint phenomena such as perspiration and elasticity. The first PAD mechanism asks whether the formation of a genuine fingerprint provides discriminative dynamic features that distinguish it from the different presentation attack species. In this context, First Order Statistics (FOSs) are used to describe the visual features of a video, considering that a video is a sequence of images. FOSs are selected because they provide a useful global description of the video frames and are simple to calculate.

      The second PAD mechanism exploits the dynamic texture of the fingerprint as the discriminative foundation. The dynamic model was chosen because of the experimental observations, which show that genuine fingerprints demonstrate perceptual and statistical dynamic differences in comparison with attacks, as shown by the first mechanism. Thus, five state-of-the-art dynamic texture descriptors are selected to investigate fingerprint spatio-temporal features, aiming to obtain high PAD classification accuracy. The importance of this mechanism lies in consolidating the spatial features of the fingerprint impression with the temporal variations by investigating fingerprint videos instead of studying static fingerprint impressions. This experiment investigates three groups of spatio-temporal features: (1) local features extracted from 3-D patches, (2) local features extracted from the XY, XT, and YT planes, and (3) global features extracted from the complete fingerprint video. Results show an accuracy improvement over the dynamic methods that combine the 2-D features of the fingerprint sequence. Moreover, the first group of features achieves the highest accuracy for the optical technology and the second group performs best for the thermal technology.

      The third PAD mechanism involves studying the impact of applying additional pressure during the presentation on the dynamic fingerprint pattern. The study examines the influence of pressure in fingerprint presentations and utilizes this influence for the purpose of PAD. We studied the dynamic characteristics of genuine and attack presentations through a subjective and an objective analysis. Based on those analyses of genuine fingerprints and seven PAI species, we concluded that the reaction to pressure in fingerprint patterns depends on the characteristics of the presented trait, genuine or attack. Fingerprint dynamic features were investigated using different dynamic texture descriptors. The utilized feature extractors demonstrated a significant capability to detect presentation attacks and low false reject rates at the same time.

      The evaluation of the proposed mechanisms shows an efficient capability to detect attacks: in some configurations, the mechanisms are capable of eliminating some attack species and mitigating the rest while keeping user convenience at a high level.

      References

      [1] “Amsterdam airport’s facial ID fooled by simple photo,” Biometric Technol. Today, vol. 2020, no. 1, pp. 11–12, Jan. 2020.

      [2] “Man boards plane disguised as old man then arrested on arrival in Canada | Daily Mail Online.” [Online]. Available: https://www.dailymail.co.uk/news/article-1326885/Man-boards-plane-disguised-old-man-arrested-arrival-Canada.html. [Accessed: 02-Nov-2020].

      [3] “How Bkav tricked iPhone X’s Face ID with a mask - YouTube.” [Online]. Available: https://www.youtube.com/watch?v=i4YQRLQVixM&feature=emb_logo. [Accessed: 02-Nov-2020].
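
The PAD classification errors discussed in the abstract can be made concrete with the metrics ISO/IEC 30107-3 defines for them: APCER (attack presentations accepted as bona fide, reported per attack species) and BPCER (bona fide presentations rejected as attacks). The following is an added example, not code from the thesis; the scores, the placeholder species names and the convention that a higher score means "attack" are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data (not from the thesis): (label, PAD score) pairs.
# Assumption: a higher score means "more likely an attack". The species
# names are placeholders; the page does not name its seven attack species.
SAMPLES = (
    [("bona_fide", s) for s in (0.05, 0.10, 0.12, 0.15, 0.20, 0.30, 0.45, 0.55)]
    + [("species_A", s) for s in (0.80, 0.85, 0.90, 0.95)]
    + [("species_B", s) for s in (0.40, 0.60, 0.65, 0.70)]
    + [("species_C", s) for s in (0.25, 0.35, 0.55, 0.75)]
)


def pad_error_rates(samples, threshold):
    """Return (APCER per species, worst-case APCER, BPCER) at one threshold."""
    missed = defaultdict(int)   # attacks accepted as bona fide, per species
    total = defaultdict(int)    # attack presentations, per species
    bf_total = bf_rejected = 0
    for label, score in samples:
        flagged = score >= threshold
        if label == "bona_fide":
            bf_total += 1
            bf_rejected += flagged      # genuine user rejected (ease-of-use cost)
        else:
            total[label] += 1
            missed[label] += not flagged  # attack let through (security cost)
    if not bf_total or not total:
        raise ValueError("need both bona fide and attack presentations")
    apcer = {sp: missed[sp] / n for sp, n in total.items()}
    return apcer, max(apcer.values()), bf_rejected / bf_total


def operating_point(samples, max_apcer):
    """Threshold with the lowest BPCER whose worst-species APCER <= max_apcer."""
    best = None
    for t in sorted({score for _, score in samples}):
        _, worst, bpcer = pad_error_rates(samples, t)
        if worst <= max_apcer and (best is None or bpcer < best[2]):
            best = (t, worst, bpcer)
    return best  # None if no threshold meets the security target


if __name__ == "__main__":
    print(pad_error_rates(SAMPLES, 0.5))
    print(operating_point(SAMPLES, 0.25))
    print(operating_point(SAMPLES, 0.0))
```

Reporting the worst species rather than the pooled attack rate keeps a well-detected species from masking one that passes the detector, and tightening the APCER target shows the BPCER price paid in user convenience.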
