View
2.254
Download
1
Embed Size (px)
DESCRIPTION
Citation preview
Pattern Recognition and Applications Group Department of Electrical and Electronic Engineering University of Cagliari, Italy
Security of Multimodal Biometric Systems against Spoof Attacks
Zahid Akhtar
Advisor: Prof. Fabio Roli
PhD in Electronic and Computer Engineering
Dr. Gian Luca Marcialis Co-advisors: Dr. Giorgio Fumera
2
Outline
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Background concepts biometric systems and their security issues
• Contributions of this thesis Robustness evaluation of multimodal biometric systems against real spoof attacks Proposed methods for security evaluation of multimodal biometric systems against spoof attacks Experiments
• Conclusions and future works
3
Biometrics
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Examples of body traits that can be used for biometric recognition
Face Fingerprint Iris Hand geometry
Palmprint Signature Voice Gait
4 06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Enrollment Phase
• Verification Phase
` Feature Extractor
Biometric Sensor
System Database
XTemplate
User Identity
User
Feature Extractor
Biometric Sensor
System Database Yes
No
Score
Score > Threshold
Genuine
Impostor
XQuery
Claimed user Identity
Matcher
XTemplate
User
Biometric authentication systems
5
Biometric authentication systems
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Unimodal Biometric System
• Multimodal Biometric System
Feature Extractor
Biometric Sensor
Fingerprint Matcher
System Database
Yes
No
Score
Score > Threshold
Genuine
Impostor
Feature Extractor
Biometric Sensor
Face Matcher
Feature Extractor
Biometric Sensor
Fingerprint Matcher
System Database
Score Fusion Rule
f(s1,s2)
s1
s2
Yes
No
Score
Score > Threshold
Genuine
Impostor
6
Spoof (Direct) Attacks
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Spoof attacks attacks at the user interface (sensor) presentation of a fake biometric trait
• Countermeasures Liveness detection methods Multimodal biometric Systems “intrinsically” robust?
7
State-of-the-art
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Vulnerability identification contrary to a common belief, a multimodal biometric system can be evaded even if only one biometric trait is spoofed [Rodrigues et al. JVLC 2009, Rodrigues et al. BTAS 2010, P. A. Jonhson et al. WIFS 2010]
• Robustness evaluation against spoof attacks evaluation under working worst-case hypothesis
“worst-case” scenario, where it is assumed that the attacker is able to fabricate a perfect replica of a biometric trait
Fake scores are simulated under a worst-case scenario, resampling genuine user scores p(score|Impostor, spoofing) = p(score|Genuine)
p(score|Genuine) p(score|Impostor) p(score|Fake)
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
8
State-of-the-art
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Defense strategies against spoof attacks two robust fusion rule under a worst-case hypothesis [Rodrigues et al. JVLC 2009]
• No methodology exist to evaluate the performance of biometric systems against real spoof attack
9
Open issues
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
1. Vulnerability identification against real spoof attacks vulnerability of multimodal biometric systems to real spoof attacks that may be exploited by an attacker to mislead the system
2. Performance evaluation methods against spoof attacks standard performance evaluation does not provide information about the security1 of a system against spoof attack
3. Robust system design current theory and design methods of biometric systems do not take into account the vulnerability to such adversary attacks.
1 In this thesis, we will use both “security” and “robustness” terms interchangeably, to indicate performance of biometric systems against spoof attacks.
10
Main contributions of this thesis
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
1. Security of multimodal biometric systems against real spoof attacks to provide empirical proof that multimodal systems are not intrinsically robust against real spoof attacks
2. Worst-case hypothesis validation to verify that current worst-case scenario is not realistic under “real” attacks
3. Security evaluation method to provide an estimate of the performance of multimodal biometric system against real spoof attack without fabrication of fake traits to select a more robust score fusion rule according to its performance under spoof attack
11
Problems
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Can multimodal biometric systems be actually cracked by attacking only one sensor via real spoof attacks?
to validate the state-of-the-art results obtained under “worst-case” spoof attack scenario
The scope of state-of-the-art results are very limited since they were obtained by simulating the scores of spoofed traits under worst-case
scenario.
12
Problems
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
To what extent the drop in performance under the “worst-case” attack scenario is representative of the performance under real spoof attacks.
• Is the “worst-case” scenario hypothesized in literature for spoofing biometrics representative of real spoof attacks?
whether and to what extend the “worst-case” scenario is realistic
• How can the security of multimodal systems be evaluated, under realistic attacks, without fabricating spoofed traits?
a current issue is to have a measurements of the performance drop under spoofing attacks for uni and multimodal systems
collecting “attack” samples is a non-trivial task
13
Problems
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
It is of interest to evaluate robustness of biometric systems under different qualities of fake traits.
14
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Multimodal system with face and fingerprint matchers
Fingerprint: Bozorth3 (NIST) and Verifinger (Neurotechnology)
Face: Elastic Bunch Graph Matching - EBGM
Feature Extractor
Biometric Sensor
Face Matcher
Feature Extractor
Biometric Sensor
Fingerprint Matcher
System Database
Score Fusion Rule
f(s1,s2)
s1
s2
Yes
No
Score
Score > Threshold
Genuine
Impostor
15
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Score fusion rules
5. Weighted Product s =
1. Sum s = s1 + s2
€
s1w × s2
1−w
€
α3 (1− c1)(1+ c2)p(s1 |G)p(s2 | I)
€
+ α3 (1+ c1)(1− c2)p(s1 | I)p(s2 |G)
+ α3 (1− c1)(1− c2)p(s1 |G)p(s2 |G)
[(1−α) + α3 (c1 + c2 + c1c2)]p(s1 | I)p(s2 | I)
2. Product s = s1 × s2
3. Bayesian s = ( s1 × s2 ) / [(1- s1)(1- s2) + (s1 × s2)]
4. Weighted Sum (LDA) s = w0 + w1s1 × w2s2
6. Perceptron s = 1 / 1 + exp[(w0 + w1s1 × w2s2)]
7. Likelihood ratio (LLR) s = p(s1,s2|G) / p(s1,s2|I)
8. Extended LLR (ExtLLR)
p(s1,s2|I) = explicitly models the distribution of spoof attacks (worst-case) [Rodrigues et al. JVLC 2009]
16
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Fake biometric traits • Fake fingerprints by “consensual method”
mould: plasticine-like material cast: silicon, latex, gelatin and alginate
Live Fake (latex) Fake (silicon) !
!
!
!
!
!
!
!
!
Live Fake (photo) Fake (personal ) !
!
!
!
!
!
• Fake faces by “photo-attack”, “personal photo attack” and “print-attack” photo displayed on a laptop screen to camera Personal photos (like those appearing an social networks) video clips of printed-photo attacks
17
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Data sets
Data Set Number Number Number of clients of spoofs of live per client per client
Silicon 142 20 20 Latex 80 3 5 Gelatin 80 3 5 Alginate 80 3 5
Photo Attack 40 60 60 Personal Photo Attack 25 3(avg.) 60 Print Attack 50 12 16
12 chimerical multimodal data sets with 8 fusion rules 12 × 8 = 96 multimodal biometric systems
18
Robustness evaluation against real spoof attacks
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
19
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• can multimodal systems be cracked by attacking only one modality via real spoof attacks?
Fakes: latex (fingerprint) and photo (faces)
@1% FAR operational point (LDA): FAR under attacks: 64.91% (fingerprint spoofing) and 2.17% (face spoofing)
10!1
100
101
102
10!1
100
101
102
FAR (%)
FR
R (
%)
LDA
10−1
100
101
102
10−1
100
101
102
FAR (%)
FR
R (
%)
LLR
no spoof fing. face both w-fing. w-face
Results
20
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
however the considered multimodal systems are more robust than unimodal ones, even when all biometric traits are spoofed
Fakes: silicon (fingerprint) and photo (faces)
10−1
100
101
102
10−1
100
101
102
FAR (%)
FR
R (
%)
LLR
fing. + face (no spoof) fing.+ face spoof fing. (no spoof) fing. spoof face (no spoof) face spoof
10−1
100
101
102
10−1
100
101
102
FAR (%)
FR
R (
%)
Product
Results
Zahid Akhtar, Battista Biggio, Giorgio Fumera, Gian Luca Marcialis, “Robustnessof Multi-modal Biometric Systems under Realistic Spoof Attacksagainst All Traits”, In IEEE Workshop on Biometric Measurements and Systems for Security and Medical Applications (BioMS), pp. 5–10, 2011.
21
Worst-case hypothesis validation
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
22
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Results
10−1
100
101
102
10−1
100
101
102
FAR (%)
FR
R (
%)
Extended LLR
10−1
100
101
102
10−1
100
101
102
FAR (%)
FR
R (
%)
LLR
no spoof fing. face both w-fing. w-face
worst case assumption (dashed lines) holds to some extent for face spoofing but not for fingerprint spoofing
• Is the “worst-case” scenario for spoofing biometrics representative of real spoof attacks?
Fakes: latex (fingerprint) and photo (faces)
Battista Biggio, Zahid Akhtar, Giorgio Fumera, Gian Luca Marcialis, FabioRoli, “Robustness of multi-modal biometric verification systems under realistic spoofing attacks”, In International Joint Conference on Biometrics (IJCB), 2011.
Fake fingerprints silicon alginate
23
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Matching score distributions
Fake faces photo personal photo
! !"# !"$ !"% !"& '!
!"!'
!"!#
!"!(
!"!$
!"!)
!"!%
*
*+,-./-,
/0123425
678,
! !"# !"$ !"% !"& '!
!"!'
!"!#
!"!(
!"!$
!"!)
!"!%
*
*+,-./-,
/0123425
678,
! !"# !"$ !"% !"& '!
!"!(
!"'
!"'(
!"#
!"#(
!")
!")(
!"$*+,-./''!01213/4)!0+15./3+67!8+*+91:
;
;<.:=+:.
+5>18/13
?76.
! !"# !"$ !"% !"& '!
!"!(
!"'
!"'(
!"#
!"#(
!")
!")(
!"$*+,-./''!01213/4)!0+15./3+67!7*8+97/
:
:8.9;+9.
+5<1=/13
>76.
Results
Extended LLR can be less robust than LLR to real fingerprint spoof attacks
24
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Fakes: silicon (fingerprint) and personal photo (faces)
no spoof fing. face both w-fing. w-face
10−1
100
101
102
10−1
100
101
102
FAR (%)
FR
R (
%)
Extended LLR
10!1
100
101
102
10!1
100
101
102
FAR (%)
FR
R (
%)
LLR
Results
Battista Biggio, Zahid Akhtar, Giorgio Fumera, Gian Luca Marcialis, FabioRoli, “Security evaluation of biometric authentication systems under realistic spoofing attacks”, In IET Biometrics, In press, 2012.
25
Security evaluation method
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
26
Security evaluation
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Security evaluation is required to have a more complete understanding of multimodal biometric systems’ performance
to assess the robustness of the multimodal systems to design novel fusion rules robust to spoof attacks to choose the most robust fusion rule
• Fabricating spoof attacks may be very difficult task
costly and time consuming
• We thus propose to simulate the effect of spoof attacks on corresponding matching score distribution
27
Attack simulation
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Factors: biometric trait spoofed, matching algorithm, forgery techniques and ability
• Sets of matching scores from genuine users and impostors distributions are given
• Baseline assumptions
worst-case for the system (best-case for the attacker) p(score|Fake) = p(score|Genuine) State-of-the-art
best-case for the system (worst-case for the attacker) p(score|Fake) = p(score|Impostor)
intermediate cases p(score|Fake) lies between p(score|Genuine) and p(score|Impostor)
28
Attack simulation
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Models of spoof attacks match score distribution based on baseline assumption
• Parametric model
Fake: same parametric form as Genuine and Impostor ones
µFake = α µGenuine + (1- α) µImpostor
σFake = α σGenuine + (1- α) σImpostor
α ∈ [0,1] : “Attack Strength”
state-of-the-art (worst-case) α = 1
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
7
score
p(score|Genuine)
p(score|Impostor)
p(score|Fake)
α = 0.5
• Non-Parametric model
scoreFake = (1 - α) scoreImpostor + α scoreGenuine
Zahid Akhtar, Giorgio Fumera, Gian Luca Marcialis, and Fabio Roli, “Robustness Evaluation of Biometric Systems under Spoof Attacks”, In 16th International Conference Image Analysis and Processing (ICIAP), pp.159–168, 2011.
29
Security evaluation method
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
State-of-the-art p(score|Fake) = p(score|Genuine)
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
p(score|Genuine) p(score|Impostor) p(score|Fake)
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
p(score|Genuine) p(score|Impostor)
Threshold
Fused score distribution
Training Phase Testing Phase
Matchers under attack
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
p(score|Genuine) p(score|Impostor) p(score|Fake)
Matchers under attack
Our method Parametric
µFake = α µGenuine + (1- α) µImpostor σFake = α σGenuine + (1- α) σImpostor
Non-parametric scoreFake = (1 - α) scoreImpostor + α scoreGenuine
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
p(score|Genuine) p(score|Impostor)
Matchers not attacked
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
p(score|Genuine) p(score|Impostor)
Matchers not attacked
accu
racy
attack strength (α)
multimodal biometric system
0 0.1 0.2 0.8 0.9 …………..…. 1
Score Fusion Rule
Score Fusion Rule
Zahid Akhtar, Giorgio Fumera, Gian Luca Marcialis and Fabio Roli, “Robustness analysis of Likelihood Ratio score fusion rule for multi-modal biometric systems under spoof attacks”, In 45th IEEE Intl. Carnahan Conference on Security Technology (ICCST), pp. 237–244, 2011.
30
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
score distribution of fake trait is lying between Genuine and Impostor distributions
0.4 0.5 0.6 0.7 0.8 0.9 10
0.01
0.02
0.03
0.04
0.05
0.06
0.07
0.08
0.09
score
Frequency
Genuine
Impostor
Fake
0.49 0.5 0.51 0.52 0.53 0.54 0.550
0.05
0.1
0.15
0.2
0.25
0.3
0.35
0.4
0.45
score
Frequency
Genuine
Impostor
Fake
Results • Matching score distributions
Fake faces: Photo Fake fingerprints: silicon
31
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Can our method reasonably approximate a real fake score distribution?
Hellinger Distance: ∈ [0 , 2]
Non-parametric model
Data set Hellinger Distance α
Face 0.0939 0.9144 Fingerprint 0.4397 0.0522
Face System Fingerprint System
!"# !"## !"$ !"$# !"% !"%# !"& !"&# !"' !"'# (!
(
)
*
+
#
$
,-./0
1/02304-5
!
!
67839:;0<=,-./0,
1:>0=,-./0,
!"#$% !"% !"%!% !"%& !"%&% !"%'!
&!!
'!!
(!!
#!!
%!!
)!!
*+,-.
/-.01.2+3
!
!
4561789.:;*+,-.*
/8<.;*+,-.*
Results
32
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Face System Fingerprint System
0.5 0.55 0.6 0.65 0.7 0.75 0.8 0.85 0.9 0.95 10
10
20
30
40
50
60
70
80
90
100
Threshold
Fa
lse
Ac
ce
pta
nc
e R
ate
! F
AR
(%)
the real Performance
the estimated performance by our model
the estimated performance by state!of!the!art
0.5 0.51 0.52 0.53 0.54 0.55 0.56 0.57 0.58 0.59 0.60
10
20
30
40
50
60
70
80
90
100
Threshold
Fa
lse
Ac
ce
pta
nc
e R
ate
! F
AR
(%)
the real Performance
the estimated performance by our model
the estimated performance by state!of!the!art
Results • Does our method provide a good estimate of the performance under attacks?
Performance measure: False Acceptance Rate (FAR)
Performance estimation of unimodal biometric systems under spoof attack
33
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Comparison with the worst-case spoof attacks
Operational Real Approximated Approximated Point FAR FAR FAR (our model) (worst-case assumption)
4.80 23.50
50.60 60.00
4.20 23.30
62.50 80.80
11.40 24.30
94.80 95.10
zeroFAR 1%FAR
zeroFAR 1%FAR
Face System
Fingerprint System
Results
34
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Performance estimation of multimodal biometric systems under spoof attack
Results
Operational Real Approximated Approximated Point FAR FAR FAR (our model) (worst-case assumption)
2.51
5.13 5.20
6.27
2.70
8.93 4.83
6.35
5.91
11.24 95.05
98.01
zeroFAR
1%FAR zeroFAR
1%FAR
Face System Fingerprint
System
!"!#
!"!$
!"!%
!"!&
!""
"
!"
&"
'"
%"
("
$"
)"
#"
*"
!""
+,-./,012
341/.5677.894:7.5;49.5!536;<=>
!
!
:0549947?
-.415/800@549947?5<@47.>
/ABC149.25/800@549947?5<@47.>
! !"# !"$ !"% !"& !"' !"( !") !"* !"+ #!
#!
$!
%!
&!
'!
(!
)!
*!
+!
#!!
,-./0-123
4520/6788/9:5;8/6<5:/6!647<=>?
!
!
;165::58@
./5260911A65::58@6=AB;C/.9.B;:?
0BDE25:/360911A65::58@6=AB;C/.9.B;:?
Face System Fingerprint System
Comparison with the worst-case spoof attacks
35
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
€
= logσ I s1
σ I s 2
σGs1σGs 2
+12(s1 −µI s1
)2
σ I s12 +
(s2 −µI s 2)2
σ I s 22 −
(s1 −µGs1)2
σGs1
2 −(s2 −µGs 2
)2
σGs 2
2
€
z(s1,s2) = log p(s1 |G)p(s2 |G)p(s1 | I)p(s2 | I)
• Robustness analysis of likelihood ratio score fusion rule using parametric model
a bi-modal system using LLR fusion rule with Gaussian distribution
Case study
€
z(s1,s2) − log t = As12 + Bs1s2 + Cs2
2 + Ds1 + Es2 + F
€
z(s1,s2) − log t = 0
B2 - 4AC < 0 : an ellipse B2 - 4AC = 0 : a parabola B2 - 4AC > 0 : an hyperbola
€
FAR(t) = p(s1 | I)p(s2 | I)G∫∫ ds1ds2
FAR under spoof attack: when only matcher 1 is spoofed
€
FAR(t) = p(s1 |F)p(s2 | I)G∫∫ ds1ds2
36
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• NIST Biometric score set Release 1(BSSR1)
two different face matchers (C & G)
one fingerprint matchers (LI & RI)
no. of clients: 517 for each client 1 genuine & 516 impostor samples
• Four multimodal systems: G-RI, G-LI, C-RI, and C-LI
• α (attack strength) values: 0 (best-case) to 1 (worst-case) scenario
Data sets
37
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Performance measure: False Acceptance Rate (FAR) α = 0 absence of attacks α = 1 worst-case scenario (state-of-the-art)
FAR under attacks increases as the fake strength increases
! !"# !"$ !"% !"& !"' !"( !") !"* !"+ ##!
!$
#!!#
#!!
#!#
#!$
,-./0123/4526
,-78/09::/;2-4:/0<-2/0!0,9<0=>?
!
!
@@<0!0,A45/3;3A4201;BBC/D
@@<0!0,-:/01;BBC/D
! !"# !"$ !"% !"& !"' !"( !") !"* !"+ ##!
!
#!#
#!$
,-./0123/4526,-78/09::/;2-4:/0<-2/0!0,9<0=>?
!
!
@@<0!0,A45/3;3A4201;BBC/D
@@<0!0,-:/01;BBC/D
At 0.01% FAR operational point At 1% FAR operational point
Results
38
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
fingerprint spoofing: FAR increases very quickly
face spoofing: relatively a more graceful increase of FAR
multimodal biometric systems can be vulnerable to spoof attacks against only one matcher
! !"# !"$ !"% !"& !"' !"( !") !"* !"+ ##!
!$
#!!#
#!!
#!#
#!$
,-./0123/4526
,-78/09::/;2-4:/0<-2/0!0,9<0=>?
!
!
@@<0!0,A45/3;3A4201;BBC/D
@@<0!0,-:/01;BBC/D
! !"# !"$ !"% !"& !"' !"( !") !"* !"+ ##!
!
#!#
#!$
,-./0123/4526
,-78/09::/;2-4:/0<-2/0!0,9<0=>?
!
!
@@<0!0,A45/3;3A4201;BBC/D
@@<0!0,-:/01;BBC/D
At 0.01% FAR operational point At 1% FAR operational point
Results
39
Score fusion rules ranking method
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
40
Score fusion rule ranking method
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Training Phase Testing Phase Our method
Parametric µFake = α µGenuine + (1- α) µImpostor σFake = α σGenuine + (1- α) σImpostor
Non-parametric scoreFake = (1 - α) scoreImpostor + α scoreGenuine
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
p(score|Genuine) p(score|Impostor) p(score|Fake)
rank
ing
attack strength (α) 0 0.1 0.2 0.8 0.9 1 …………..….
1
2
3
……
..….
Rule 1
Rule 2
Rule 3
……
..….
Rule 1
Rule 2
Rule 3
……
..….
…………..…. 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
p(score|Genuine) p(score|Impostor)
Threshold
Fused score distribution Matchers under attack
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
p(score|Genuine) p(score|Impostor)
Matchers not attacked
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
1
2
3
4
5
6
score
p(score|Genuine) p(score|Impostor) p(score|Fake)
Score Fusion Rules
Zahid Akhtar, Giorgio Fumera, Gian Luca Marcialis and Fabio Roli, “Evaluation of multimodal biometric score fusion rules under spoof attacks”, In 5th IAPR/IEEE Intl. Conf. on Biometrics (ICB), 2012.
Threshold
41
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Ranking of fusion rules according to their FAR under real spoof attacks
Fakes: silicon (fingerprint) and photo (faces)
Face Spoofing zeroFAR FAR(%) Rules
0.04 ExtLLR 0.05 LLR 0.27 W. Product 0.48 W. Sum 1.30 Perceptron 6.75 Bayesian 6.80 Sum 6.82 Product
1% FAR FAR(%) Rules
2.26 ExtLLR 2.29 LLR 10.72 W. Product 18.37 W. Sum 20.95 Perceptron 23.47 Bayesian 23.49 Sum 23.57 Product
Fingerprint Spoofing zeroFAR FAR(%) Rules
0.00 Bayesian 0.00 Sum 0.00 Product 24.56 W. Sum 27.73 Perceptron 34.87 W. Product 50.42 ExtLLR 50.43 LLR
1% FAR FAR(%) Rules
1.05 Bayesian 1.15 Sum 1.33 Product 42.59 W. Sum 44.11 Perceptron 51.10 W. Product 60.31 ExtLLR 60.32 LLR
our method always predicted the correct ranking corresponding to the optimal α value
Results
42
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Fakes: silicon (fingerprint) and photo (faces)
Optimal α values : face 0.9144 fingerprint
fingerprint spoofing predicted ranking of each rule remains constant bayesian rule always exhibits the best ranking
Results
0.0522
! !"# !"$ !"% !"& !"' !"( !") !"* !"+ #
*
)
(
'
&
%
$
#
,--./012-3456-7
8.50956
!
!
:.;4<9.5
2=>
?3@A=/-
B"12=>
?43/4C-3@5
B"1?3@A=/-
DE-FF8
FF8
! !"# !"$ !"% !"& !"' !"( !") !"* !"+ #
*
)
(
'
&
%
$
#
,--./012-3456-7
8.50956
!
!
:.;4<9.5
2=>
?3@A=/-
B"12=>
?43/4C-3@5
B"1?3@A=/-
DE-FF8
FF8
Face spoofing Fingerprint spoofing
43
Experiments
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
Fakes: silicon (fingerprint) and photo (faces)
Optimal α values : face 0.9144 fingerprint
face spoofing two different rankings are predicted: one for α < 0.5, and the other α ≥ 0.5 weighted sum or weighted product rule can be reasonable choice
Results
0.0522
! !"# !"$ !"% !"& !"' !"( !") !"* !"+ #
*
)
(
'
&
%
$
#
,--./012-3456-7
8.50956
!
!
:.;4<9.5
2=>
?3@A=/-
B"12=>
?43/4C-3@5
B"1?3@A=/-
DE-FF8
FF8
! !"# !"$ !"% !"& !"' !"( !") !"* !"+ #
*
)
(
'
&
%
$
#
,--./012-3456-7
8.50956
!
!
:.;4<9.5
2=>
?3@A=/-
B"12=>
?43/4C-3@5
B"1?3@A=/-
DE-FF8
FF8
Face spoofing Fingerprint spoofing
44
Conclusions and future works
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Multimodal biometric systems are not intrinsically robust
• Multimodal systems can be more robust than unimodal systems
• Worst-case hypothesis does not hold in real scenarios
• Methodology for security evaluation without fabrication of spoof attacks
two models for fake score distribution based on the concept of “Attack strength”
developed models are a good alternative to the worst-case assumption
• Methodology for Ranking the score fusion rule under spoof attacks
45
Conclusions and future works
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar
• Experimental results provide useful insights for the design of robust multimodal biometric systems
• Future works
more accurate modelling and simulation of fake score distributions
extensive validation of our models on data sets with significant spoof attacks of different biometric traits
development of robust score fusion rules
46
Thank you
06-03-2012 Security of Multimodal Biometric Systems against Spoof Attacks - Zahid Akhtar