Vulnerability assessment

Dunstone, Ted; Poulton, Geoff

doi:10.1016/s0969-4765(11)70093-5

Cited by 5 publications

(4 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In terms of sensor‐level attacks, three existing methods have been identified [9]: Zero‐effort attacks , in which a person claims a random identity and attempts to be incorrectly accepted by the system. Zero‐effort attacks are the attack type being measured in existing large‐scale performance evaluations that calculate false accept rates. Brute force attacks , which repeatedly attempt to access a system, adjusting a biometric feature until a sufficiently close match is obtained [10].…”

Section: Biometric Vulnerabilitiesmentioning

confidence: 99%

“…Attackers can exploit this variation to compromise a biometric system. For example, a lamb insertion attack [9] would involve deliberately enrolling a person or synthetic feature that is known to have a similar signature to many subjects. The system containing the lamb subject would then be vulnerable to imposters claiming the lamb identity.…”

Section: Biometric Vulnerabilitiesmentioning

confidence: 99%

See 1 more Smart Citation

Measuring and mitigating targeted biometric impersonation

et al. 2014

View full text Add to dashboard Cite

This study is concerned with the reliability of biometric verification systems when used in forensic applications. In particular, when such systems are subjected to targeted impersonation attacks. The authors expand on the existing work in targeted impersonation, focusing on how best to measure the reliability of verification systems in forensic contexts. It identifies two scenarios in which targeted impersonation effects may occur: (i) the forensic investigation of criminal activity involving identity theft; and (ii) implicit targeting as a result of the forensic investigation process. Also, the first partial countermeasure to such attacks is presented. The countermeasure uses client-specific Z-score normalisation to provide a more consistent false acceptance rate across all enrolled subjects. This reduces the effectiveness of targeted impersonation without impairing the systems accuracy under random zero-effort attacks.

show abstract

Section: Biometric Vulnerabilitiesmentioning

confidence: 99%

Section: Biometric Vulnerabilitiesmentioning

confidence: 99%

Measuring and mitigating targeted biometric impersonation

et al. 2014

View full text Add to dashboard Cite

show abstract

“…Attackers can ex ploit this variation to compromise a biometric system. For ex ample, a lamb insertion attack [6] would involve deliberately enrolling a person or synthetic feature that is known to have a similar signature to many subjects. The system containing the lamb subject would then be vulnerable to imposters claiming the lamb identity.…”

Section: Biometric Vulnerabilitiesmentioning

confidence: 99%

Targeted biometric impersonation

Bustard

Carter

Nixon

2013

2013 International Workshop on Biometrics and Forensics (IWBF)

View full text Add to dashboard Cite

When applying biometric algorithms to forensic verification, false acceptance and false rejection can mean a failure to iden tify a criminal, or worse, lead to the prosecution of individuals for crimes they did not commit. It is therefore critical that bio metric evaluations be performed as accurately as possible to determine their legitimacy as a forensic tool. This paper ar gues that, for forensic verification scenarios, traditional per formance measures are insufficiently accurate. This inaccu racy occurs because existing verification evaluations implic itly assume that an imposter claiming a false identity would claim a random identity rather than consciously selecting a target to impersonate. In addition to describing this new vul nerability, the paper describes a novel Targeted..FAR metric that combines the traditional False Acceptance Rate (FAR) measure with a term that indicates how performance degrades with the number of potential targets. The paper includes an evaluation of the effects of targeted impersonation on an ex isting academic face verification system. This evaluation re veals that even with a relatively small number of targets false acceptance rates can increase significantly, making the anal ysed biometric systems unreliable.

show abstract

“…Instead, the framework of a biometric system that includes data acquisition, processing, storing of templates and matching can also be threaten by an adversary that result the problems of authentication accuracy, reliability, robustness against fraudulent attacks, secrecy of biometric data and privacy protection. A practical biometric system which is employed to different applications can perform better and achieve the desired accuracy, but it is highly vulnerable to simple methods that can circumvent the security (Dunstone and Poulton, 2011). The methods includes the synthetic reproduction of anatomical identities, e.g., acquisition of facial images or lifting of latent fingerprints; and the imitation of behavioural identities, e.g., reproduction of handwritten signature or producing similar voices.…”

Section: Introductionmentioning

confidence: 99%

A taxonomy of biometric system vulnerabilities and defences

Singh

2013

IJBM

View full text Add to dashboard Cite

The interest in biometric technology is received much attention in the recent years. However, the security issue still persists the main challenge for the reliable functioning of biometric-based authentication systems. Much has been reported on the vulnerabilities of biometric systems that breach the security and user privacy. We present a high-level classification of biometric system vulnerabilities and discuss the defence techniques of these vulnerabilities. We present a multidimensional threat environment of the biometric systems that includes faults, failures and security attacks. A framework of biometric security attacks on man-machine model is presented and the system vulnerabilities are represented using Ishikawa's diagram. The provable defence techniques such as biometric vitality detection and biometric template protection are critically evaluated, in particular, a classification of current state-of-the-art of vitality detection techniques of commonly used biometrics is proposed. Our main contributions include: (1) propose a taxonomy of biometric system vulnerabilities; (2) present a framework of biometric security attacks using man-machine model; (3) representation of vulnerabilities using Ishikawa's diagram; (4) an evaluation of defence techniques of these vulnerabilities.

show abstract

Vulnerability assessment

Cited by 5 publications

References 0 publications

Measuring and mitigating targeted biometric impersonation

Measuring and mitigating targeted biometric impersonation

Targeted biometric impersonation

A taxonomy of biometric system vulnerabilities and defences

Contact Info

Product

Resources

About