Biometrics: 3.1. Biometric Sample Recovery Attacks | Saylor Academy

3. Main Threats against Privacy-Preserving Biometric Authentication Systems

3.1. Biometric Sample Recovery Attacks

Biometric sample recovery attacks are performed in two main ways: via template spoofing (e.g., extracting the fingerprint left on a glass) or via brute-force techniques. The most common way to bypass a BAS is by using a spoof of a biometric trait. A spoof refers to a fake or an artificial biometric template that does not correspond to a live person. These include, for instance, gummy fingers, residual fingerprint impressions of legitimate users, photographs of legitimate users, or voice recordings of legitimate users. The only alternative to these practical techniques is to estimate a valid biometric sample using brute-force strategies.

Below, we list the possible brute-force strategies that could be adopted in recovering a valid biometric template. Luckily, all the approaches run in exponential time and thus most of the current biometric authentication systems are secure.

In the following, we assume that the adversary can see the result of the authentication process

$OUT_{\mathscr{A}\mathcal{S}}$ at each trial and that the templates are binary vectors. Binary representation of biometric traits is not far from reality since this is the case for biometric authentication based on iris templates.

Blind Brute-Force. The easiest algorithm to find a matching template from scratch is the blind brute-force. In this case, the attacker picks biometric traits at random. This corresponds to randomly selecting and trying biometric templates from the available space (i.e.,

$b^{\prime} \stackrel{R}{\leftarrow} \mathbb{Z}_{q}^{n}$ ) until one template gets accepted by the system.

Set-Covering. This attack strategy represents the optimal brute-force solution: pick a random trial template from the set of potential candidates (which at the beginning is the whole space

$\mathbb{Z}_{q}^{n}$ ). If the trial template is rejected, remove from

$C$ all the points that are within

$\tau$ distance from it, and pick another point at random from the updated set

$C$ . Although this method possibly eliminates from

$C$ some of the matching points (if the trial templates are picked with a distance of

$2\tau$ one from the other) if such an algorithm exists and was efficient, it would be exponentially fast in finding a matching template. Such an algorithm could also be used to solve the set-covering problem, which is known to be NP-hard . An intuition of this geometrical challenge is given in Figure. The points on the plane are biometric templates, and the trial samplings are the centres of the green circles. The green circles delimit the acceptance region around the tried point and have radius equal to the threshold

$\tau$ of the system. Greedy approximations to the optimal solution of the set-covering problem are reachable in an efficient way, in which case the number of trials the adversary needs to perform is only a factor of

$O(\tau 1n(n+1))$ more than the optimal cover.

Figure 2

An intuitive example of what the set-covering problem is. The aim is to cover the largest possible area in the space

$\mathbb{Z}_{10}^{2}$ using 5 circles. On (a), the centres of the circles are chosen at random (the covered area is less than

$70%$ ), while on (b), we provide a better covering of the space (the covered area is about

$85%$ ). Finding the optimal covering corresponds to solving an NP-hard problem for large dimensions of the space.

General

Course Syllabus

Unit 1: Introduction to Information Security

1.1: The History and Evolution of Information Security

Information Security History

Timeline of the History of Information Security

1.2: Confidentiality, Integrity, and Availability – The CIA Triad

The CIA Triad

1.3: Threats, Vulnerabilities, and Risks

Threats and Vulnerabilities

The Elements of Security: Vulnerability, Threat, Risk

1.4: The Risk Management Process

NIST SP 800-39

Risk Management

More on Risk Management

1.5: The Incident Response Process

NIST SP 800-61

Incident Response

1.6: Security Control

Security Control

Security Control Types

Security Control Functions

1.7: Defense-in-Depth

Introduction to Defense-in-Depth

Defense-in-Depth Example

Defense-in-Depth

1.8: Human Behavioral Risks

The Human Factor

Humans are the Weakest Link

Security Awareness, Training, and Education

Security Threats and the Human Factor

1.9: Security Frameworks

Security Frameworks

Center for Internet Security (CIS) Controls

Payment Card Industry Data Security Standard (PCI DSS)

Unit 1 Assessment

Unit 1 Assessment

Unit 2: Threats and Attack Modes

2.1: Threat Terminology

Threat Terminology

An Overview of Threats

Privacy Threats

2.2: Types of Attacks

Types of Attacks

Classifying Threats

Birthday Attacks

What is a Botnet?

More on Botnets

Man-in-the-Middle Attacks

Teardrop Attacks

What is War Dialing?

More on War Dialing

Zero-Day Exploits

2.3: Spoofing Attacks

Spoofing Attacks

A Comprehensive Analysis of Spoofing

Email Spoofing

Caller ID Spoofing

IP Address Spoofing

2.4: Social Engineering

An Overview of Social Engineering

Dumpster Diving

One Man's Trash is Another Man's Treasure

Shoulder Surfing

Tailgating

How to Protect Against Tailgating

Phishing, Spear-phishing, and Whaling

Pretexting

2.5: Application Attacks

Application Attacks

Types of Application Attacks

The Basics of Buffer Overflows

More on Buffer Overflows

Time of Check to Time of Use

Application and Escalation of Privilege

Escalation of Privilege

2.6: Web Application Attacks

Types of Application Attacks

Cross-Site Scripting

Examples of Cross-Site Scripting