Bio Metric System Security
-
Upload
beerncheers -
Category
Documents
-
view
219 -
download
0
Transcript of Bio Metric System Security
-
8/8/2019 Bio Metric System Security
1/57
1
Anil K. Jain
Michigan State [email protected]
http:/ / biometrics.cse.msu.edu
Biometric System SecurityBiometric System Security
-
8/8/2019 Bio Metric System Security
2/57
2
Introduction
Biometric System Architecture
Attacks against Biometric Systems
Taxonomy of Attacks
Attack Examples
Solutions to Attacks
Liveness Detection
Challenge/Response
Watermarking
Summary
OutlineOutline
-
8/8/2019 Bio Metric System Security
3/57
3
Enrollment: Users biometric data is captured and a salient
feature set is extracted; these features are associated with theuser identity and stored as a template in a database
Authentication: Users biometric data is captured and theextracted feature set is compared with either (i) all thetemplates in the database (identification), or (ii) the templatesassociated with a claimed identity (verification)
Enrollment
Sensor Feature Extractor DatabaseUser
identity
Authentication
Sensor Feature Extractor DatabaseUser
identity
Matcher
retrieved identityaccept/reject
Biometric System OperationBiometric System Operation
-
8/8/2019 Bio Metric System Security
4/574
The number of installed biometric systems in bothcommercial and government sectors is increasing
The size of the population that uses these systems isincreasing (tens of millions in the US VISIT program)
New application areas are emerging (visa, border control,e-commerce, health care records, entertainment )
Hence, the potential damage resulting from securitybreaches in biometric systems can be enormous
Security analysis of biometric systems is critical
Biometric System SecurityBiometric System Security
-
8/8/2019 Bio Metric System Security
5/575
Circumvention: An attacker gains access to the systemprotected by biometric authentication
Privacy attack: Attacker accesses the data that she was notauthorized (e.g., accessing the medical records of another user)
Subversive attack: Attacker manipulates the system (e.g.,submitting bogus insurance claims)
Repudiation: An attacker denies accessing the system
A bank clerk modifies the financial records and later claims thather biometric data was stolen and denies that she is responsible
Contamination (covert acquisition): An attacker illegallyobtains biometric data of genuine users and uses it to accessthe system
Lifting a latent fingerprint and constructing a synthetic finger
Maltoni et al. 2003 &Uludag, Jain 2004 (1)
Six major types of threats
Types of ThreatsTypes of Threats
-
8/8/2019 Bio Metric System Security
6/57
6
Collusion: A user with wide super user privileges (e.g.,system administrator) illegally modifies the system
Coercion: An attacker forces a legitimate user to access thesystem (e.g., using a fingerprint to access ATM at a gunpoint)
Denial of Service (DoS): An attacker corrupts the biometricsystem so that legitimate users cannot use it
A server that processes access requests can bebombarded with many bogus access requests, to thepoint where the servers computational resources can not
handle valid requests any more.
Maltoni et al. 2003 &Uludag, Jain 2004 (1)
Types of ThreatsTypes of Threats
-
8/8/2019 Bio Metric System Security
7/57
7
Sensor
Feature extractor
Matcher Database
Decision
1
2
3
4
5
8
76
Adapted from Ratha et al. 2001 (1)
Points of attack for a generic biometric system
Attacks Against Biometric SystemsAttacks Against Biometric Systems
-
8/8/2019 Bio Metric System Security
8/57
8
Attack 1: A fake biometric (e.g., an artificial finger) is presentedat the sensor
Attack 2: Illegally intercepted data is resubmitted (replay)
Attack 3: Feature detector is replaced by a Trojan horse program
It produces feature sets chosen by the attacker
Attack 4: Legitimate features are replaced with a syntheticfeature set
Attack 5: Matcher is replaced by a Trojan horse program
It produces scores chosen by the attacker
Attack 6: Templates in the database are modified, removed, or
new templates are added Attack 7: The transferred template information is altered in the
communication channel
Attack 8: The matching result (e.g., accept/reject) is overridden
Attacks Against Biometric SystemsAttacks Against Biometric Systems
-
8/8/2019 Bio Metric System Security
9/57
9
Attack 1: Synthetic Biometric Submission
No detailed system knowledge or access privileges is necessary Digital protection mechanisms (e.g., encryption) are not
applicable
Putte, Keuning 2000: 6 fingerprint verification systems attacked
5 out of 6 accepted the dummy finger in the first attempt
Dummy finger created withcooperation of the user in a fewhours with liquid silicon rubber
Dummy finger created from a lifted
impression of the finger withoutcooperation of the user in eighthours with silicon cement
Attack ExamplesAttack Examples
-
8/8/2019 Bio Metric System Security
10/57
10
Attack 1: Synthetic Biometric Submission
Matsumoto et al. 2002:
11 fingerprint verification systems attacked withartificial gelatin fingerprints
Gelatin fingers accepted with a probability of 67-100%
With cooperation (fingerpressed to plastic mold)
Without cooperation (residualfingerprint lifted from a glass)
live gelatin mold gelatin
-
8/8/2019 Bio Metric System Security
11/57
11
Malaysia car thieves steal finger, by Jonathan
Kent, BBC NewsPolice in Malaysia are hunting for members of a violentgang who chopped off a car owner's finger to get round thevehicle's hi-tech security system.
The car, a Mercedes S-class, was protected by a fingerprint
recognition system. Accountant K. Kumaran's ordeal began whenhe was run down by four men in a small car as he was about to getinto his Mercedes in a Kuala Lumpur suburb. The gang, armed withlong machetes, demanded the keys to his car. It is worth around$75,000 second-hand on the local market, where prices are highbecause of import duties.
The attackers forced Mr. Kumaran to put his finger on the securitypanel to start the vehicle, bundled him into the back seat anddrove off. But having stripped the car, the thieves becamefrustrated when they wanted to restart it. They found they againcould not bypass the immobiliser, which needs the owner'sfingerprint to disarm it. They stripped Mr. Kumaran naked and lefthim by the side of the road - but not before cutting off the end ofhis index finger with a machete.
Police believe the gang is responsible for a series of thefts in thearea.
http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm
Attack 1: Dislocated Biometric Submission
k 2 S
-
8/8/2019 Bio Metric System Security
12/57
12
Attack 2: Bypass Sensor
Soutar 2002:
Hill-climbing attack for a simple image recognition system
Matching: Template images create correlation filters,these filters are then used with input images.
Attack: Synthetic images are input to the system:
At each iteration, randomly alter the gray level (8bits) of 64 pixels: if matching score improves, keepthe new image
Continue till the system is compromised
Unknown template image Initial input image Image after 7 millioniterations
Att k 2 B S
-
8/8/2019 Bio Metric System Security
13/57
13
Attack 2: Bypass Sensor
Adler 2003:
Hill-climbing attack for three well known commercialface recognition systems
Attack:
Select an initial image from a local database,based on the highest matching score
At each iteration, successively add an eigenfacemultiplied with 6 constants (-3c, -2c, -c, c, 2c,
3c) to the current synthetic image: keep thechange that results in the best matching scoreimprovement
Crop the gray scale values if they are outside theimage capacity (8 bit 0-255 values areallowed)
Continue till the system is compromised
I i i l S S t 2 S t 3I i i l S S t 2 S t 3
-
8/8/2019 Bio Metric System Security
14/57
14
Target
Initial System 1 System 2 System 3
Target
Initial System 1 System 2 System 3
Each row correspondsto images at the200th, 500th and
4000th
iterations
-
8/8/2019 Bio Metric System Security
15/57
S t Bl k
-
8/8/2019 Bio Metric System Security
16/57
16
iD : Database template corresponding to user ij
iT : jth synthetic template generated for user i
1 1 1
2 2 2
ij ij ij
j j ji i i
j j ji i ij
i
n n nj j ji i i
r c
r cT
r c
=
( , )ji iS D T : Matching score between Di &Tij
ijn : Number of minutia in Tij
TemplateDatabase
Output
Attack System Target System
FingerprintMatcher
SyntheticTemplateGenerator
AttackModule
j
iT
iD
( , )j
i iS D T
System BlockDiagram
Attack Steps
-
8/8/2019 Bio Metric System Security
17/57
17
Attack Steps
Step 1 (Initial guess): Generate a fixed number (say 100) of
synthetic templates: Ti1, Ti2 , , Ti100 with 25 minutiae
Step 2 (Try all initial guesses): Attack user account with thetemplates; accumulate the matching scores: S(Di,Ti
1), S(Di,Ti2),
, S(Di,Ti100)
Step 3 (Choose the best): Pick the best guess (Tibest) and the
corresponding score (Sbest(Di))
Step 4 (Modify): Modify Tibest by
(A) perturbing an existing minutia
(B) adding a new minutia
(C) replacing an existing minutia; and
(D) deleting an existing minutia
Update Tibest and Sbest(Di), if score improves
Step 5 (Loop): Repeat Step 4 until success (Sbest(Di) > Sthreshold)
or until a predefined umber of attempts is reached
Modifying the Input Template
-
8/8/2019 Bio Metric System Security
18/57
18
Modifying the Input Template
(A) Perturb an existing minutiae: Pick a minutiae randomly:
With 0.5 probability, perturb the location (randomly to aneighboring cell); leave the angle intact
With 0.5 probability, perturb the angle (randomly to a
neighbor angle quantum); leave the location intact We want to see the effect of a single move operation
perturb location perturb angle
-
8/8/2019 Bio Metric System Security
19/57
19
(B) Add a new minutiae:
Add a randomly generated (r,c, ) minutiae to thecurrent synthetic template
(C) Replace an existing minutiae with a new minutiae:
Pick a minutiae randomly and delete it. Add arandomly generated (r,c, ) minutiae to the currentsynthetic template
(D) Delete an existing minutiae:
Pick a minutiae randomly and delete it
Modifying the Input Template
Fingerprint Class Prior Probabilities
-
8/8/2019 Bio Metric System Security
20/57
20
Fingerprint Class Prior P robabilities
Attacker guesses the class of the target template accordingto the prior probabilities:
P(ATA) = 0.066, P(LL) = 0.338, P(RL) = 0.317, P(W) = 0.279
Arch Tented arch Left loop
Right loop WhorlMaltoni et al. 2003
core
delta
Class-conditional Minutiae Presence Probabilities
-
8/8/2019 Bio Metric System Security
21/57
21
Class conditional Minutiae Presence Probabilities
Minutiae can be generated with uniform spatial probabilityon a 2D grid
Inter-ridge distance is 9 pixels, 300x300 target images have33x33 blocks: hence, uniform probability dictates that aminutia can occur in any block with 0.00092 probability
-
8/8/2019 Bio Metric System Security
22/57
22
Experiment:
NIST 4 database; contains fingerprint images for 4classes: LL, RL, W, T
For each of the 4 classes:
Find the minutiae locations (r,c)
Find the core location
Register images based on core
Estimate the spatial probability of minutiae byaccumulating the minutiae evidence on a 2D grid,using registered minutiae sets
Class-conditional Minutiae Presence Probabilities
Minutiae Presence Probabilities for Left Loop
-
8/8/2019 Bio Metric System Security
23/57
23
Minutiae Presence Probabilities for Left Loop
Original (histogram-based) smoothed
3x3 box filter is used for smoothing the original PDF s
f
-
8/8/2019 Bio Metric System Security
24/57
24
smoothed
Minutiae Presence Probabilities for Right Loop
Original (histogram-based)
Mi ti P P b biliti f Wh l
-
8/8/2019 Bio Metric System Security
25/57
25
smoothed
Minutiae Presence Probabilities for Whorl
Original (histogram-based)
Minutiae Presence Probabilities for Arch
-
8/8/2019 Bio Metric System Security
26/57
26
smoothed
Minutiae Presence Probabilities for Arch
Original (histogram-based)
Minutiae Presence Probabilities: 2D images
-
8/8/2019 Bio Metric System Security
27/57
27
Minutiae Presence Probabilities: 2D images
LL RL
W ATA
Fingerprint Orientation Fields
-
8/8/2019 Bio Metric System Security
28/57
28
LL
RL
g p
Used to estimate the orientation of the synthetic minutiae
Fingerprint Orientation Fields
-
8/8/2019 Bio Metric System Security
29/57
29
W
ATA
g p
Experimental Results
-
8/8/2019 Bio Metric System Security
30/57
30
160 users, 4 impressions/finger; used VERIDICOM capacitive
sensor, 500 dpi, 300x300 images; avg. # of minutiae = 25 Operating point of the system: FAR = 0.1%, GAR = 87.6%
FAR & FRR vs.threshold
ROCcurve
operating
point
threshold=12.22
Experimental Results
-
8/8/2019 Bio Metric System Security
31/57
31
FAR=0.1% implies that, on the average, 1 in 1,000imposter attempts will be accepted as a genuine match
Attacker broke all the 160 user accounts with much fewerthan 1,000 attempts/account
The minimum, mean, and the maximum number ofrequired attempts are: 128, 195, and 488, respectively
The minimum, mean, and the maximum number of
minutiae in the templates that broke the accounts are: 10,14.2, and 21
The minimum, mean and the maximum number ofmatching minutiae between the original template and the
templates that broke the accounts are: 5, 6.8, and 10
Experimental Results
Histogram of Number of Attempts
-
8/8/2019 Bio Metric System Security
32/57
32
Attempt #: minimum: 128, mean: 195, maximum: 488
Needed to Crack an Account
Sample Account: account# 11
-
8/8/2019 Bio Metric System Security
33/57
33
Original image with minutiae
Progression of matching scores
Synthetic () and original (o) minutiae
Account broken at iteration# 192: originaltemplate has 16 minutia; synthetictemplate has 10 minutia; 5 minutiaematch; final matching score: 13.3.
Evolution of the Synthetic Template
-
8/8/2019 Bio Metric System Security
34/57
34
Original image withminutiae
Best initial guess(score: 5.6)
Iteration 192(score: 13.3)
Iteration 125(score: 7)
Iteration 150(score: 8.6)
Iteration 175(score: 10.5)
Attacks 6 & 7: Generate Biometric from Template Data
-
8/8/2019 Bio Metric System Security
35/57
35
Attacks 6 & 7: Generate Biometric from Template Data
Hill 2001:
Synthetic images generated from reverse engineeredminutiae template data from a commercial (undisclosed)fingerprint authentication system:
Author accessed unencrypted template data from acomputer hard drive
The format of the accessed template discovered bytrial/error and by introducing controlled changes in
input images. For each minutiae, its 2D location,angle and ridge curvature was found
Orientation field of the target image estimated basedon core and delta point locations.
Lines starting at minutiae points are drawn, bytaking into account the orientation field
Synthetic images are not very realistic, but still theywere accepted as genuine template images
Hill 2001:
-
8/8/2019 Bio Metric System Security
36/57
36
Target images Synthetic images
Attack 6 & 7: Generate Biometric from Template Data
-
8/8/2019 Bio Metric System Security
37/57
37
Ross et al. 2005:
Synthetic images are generatedfrom minutiae location andangle:
Use minutia triplets andestimate orientation fieldsinside the triangles usingminutiae angles at 3 vertices
A neural network is used toestimate the fingerprint classfrom features of minutiaepairs
Estimated orientation fieldsare used as inputs to Gabor-like filters to generatesynthetic images
?
Ross et al 2005:
-
8/8/2019 Bio Metric System Security
38/57
38
Original image Synthetic imageEstimated orientation field
Ross et al. 2005:
Solutions to AttacksSolutions to Attacks
-
8/8/2019 Bio Metric System Security
39/57
39
Solution to Attack 1: Fingerprint Liveness Detection
Hardware-based systems:
Temperature: The temperature of the epidermis is about8-10 0C above the room temperature
Conductivity: Typical skin conductivity is nearly 200 kOhm.
Dielectric constant: Relative Dielectric Constant of humanskin (in the range 20-50) is different from that of silicon
Heart Beat: Can be used against fingers from cadavers
Lumidigm: Analyzes signals thatare backscattered from skin layerswhen illuminated with multiplewavelengths of visible and near-
infrared light
Solution to Attack 1: Fingerprint Liveness Detection
-
8/8/2019 Bio Metric System Security
40/57
40
Derakhshani et al. 2003:
Software-based system
Static (periodicity of sweat pores along the ridges) anddynamic (sweat diffusion pattern along the ridges over
time) features are used for liveness detection Input to liveness detection module is 5 sec. video of the
finger
Live fingers, fingers from cadavers, and dummy fingers
made up ofplay dough are used in the experiments Neural network is trained for classification:
Static method leads to an Equal Error Rate (EER) of
nearly 10%; dynamic methods lead to EER of11-39% False accept: cadaver/dummy finger classified as live
False reject: live finger classified as cadaver/dummy
Derakhshani et al. 2003: Image @ t=0 s. Image @ t=5 s.
-
8/8/2019 Bio Metric System Security
41/57
41
Live finger
Cadaver finger
Dummy finger
Solution to Attack 2: Eliminate Replay
-
8/8/2019 Bio Metric System Security
42/57
42
Ratha et al. 2001 (1): A challenge-response based system guarantees that image
is really coming from the fingerprint sensor (i.e., theattacker has not bypassed the sensor):
Server generates a pseudo-random challenge aftertransaction gets initiated by the client
Secure server sends the challenge to intelligent sensor
The sensor acquires the fingerprint image andcomputes the response to the challenge
The challenge can be the checksum of a segment of theimage, a set of samples from the image, etc.
The response and the sensed image are sent to theserver
The validity ofresponse/image pair is checked
Ratha et al. 2001 (1):
-
8/8/2019 Bio Metric System Security
43/57
43
Assume that the challenge C is: Image pixel values atlocations (10,10), (20,20) and (50,50)
The sensor computes the response to the challenge using theimage it acquires (I): assume this response is: C(I) = 100,
85, 240 Assume an attacker is replaying a previously intercepted
image (I*), bypassing the sensor image (I)
Server computes C(I*) = 120, 60, 110
Since C(I) C(I*), validity check fails
Solution to Attacks 2 & 4: Eliminate Hill-Climbing
S t 2002
-
8/8/2019 Bio Metric System Security
44/57
44
Soutar 2002:
Do not reveal the actual matching scores; only reveal acoarsely quantized version:
This may render the hill-climbing based attackinfeasible or impossible
Unknowntemplate image
Initial input image
Images after 7 millioniterations
Withoutquantization
Withquantization
Soln. to Attacks 6 & 7: Protect Templates via CancelableBiometrics
-
8/8/2019 Bio Metric System Security
45/57
45
Ratha et al. 2001 (2):
Apply repeatable (but noninvertible) distortions to thebiometric signal or the feature vector:
If a specific representation of biometric template iscompromised, replace that distortion with another onefrom a distortion database.
Every application can use different distortions (e.g.,health care, visa) so the privacy concerns related todatabase sharing between institutions can be addressed
image morphing block scrambling
Solutions to Attacks 6 & 7: Watermarking Templates
-
8/8/2019 Bio Metric System Security
46/57
46Paper watermark and mold used to generate the watermark
Digital Watermarking:
Embed extra information (e.g., origin, access level,destination) into the host data itself.
Applications: Copyright protection, authentication, datamonitoring, transmission of value-added services
Traditional Watermarking:
Digital Watermarking in Biometrics
-
8/8/2019 Bio Metric System Security
47/57
47
Yeung, Pankanti 1999:
Use fragile watermarking (if the image is altered,watermark is changed) of fingerprint images to verifyintegrity:
The decoded mark can indicate image alteration after it has
been marked by an authorized agent (i.e., a secure sensor) Watermark insertion: Merge input image I(i,j) with a
watermark image W(i,j) to produce the watermarkedimage I(i,j):
Each pixel is input to a watermark extraction WX() functionto yield extracted watermark value b(i,j). If b(i,j) is equal toW(i,j), the processing moves to the next source pixel. If not,the value of pixel at (i,j) is modified until they are equal.
Watermark extraction: Apply WX() to the watermarkedimage I(i,j) to produce output watermark image b(i,j).
The tampering of the watermarked image leads to distortionsin the decoded watermark image.
-
8/8/2019 Bio Metric System Security
48/57
-
8/8/2019 Bio Metric System Security
49/57
Fi i t
Jain, Uludag 2003:
-
8/8/2019 Bio Metric System Security
50/57
50
Fingerprint analysisFingerprint
image
Watermark encoder Secret keyE-face coeff.
Watermarked fingerprint
Database
Watermark decoder Secret key
Authentication
Decision
Recovered face imageReconstructed fingerprint
Watermark Embedding
-
8/8/2019 Bio Metric System Security
51/57
51
( ) ( ) ( ) ( )
( ) ( )
( )
, ,
, , 2 1 , 1 1 ,
SD GM
WM
P i j P i j
P i j P i j s P i j q i jA B
= + + +
),( jiPWM : watermarked pixel value
),( jiP : original pixel values: watermark bit value ([0,1])
q: watermark embedding strength
),( jiPSD
: standard deviation around (i,j)
: weight for SD
: weight for GM
),( ji : feature factor ([0,1])
Locations: generated randomly;generator is initialized with secretkey.
Redundancy: every bit isembedded to multiple locations.
Reference bits: Two bits (0 & 1)are also embedded in addition to
watermark data.),( jiP
GM
: gradient magnitude at (i,j)
Watermark Decoding
-
8/8/2019 Bio Metric System Security
52/57
52
Secret key used in encoding generates locations:
( ) ( ) ( ) ( )
++ +=
==
jiPkjiPjkiPjiPWM
kWM
kWM
,2,,8
1,
2
2
2
2
( )jiP , : estimated pixel valuehost image (e.g., fingerprint)reconstruction
( ) ( )jiPjiPWM
,, = : watermarked-estimated pixel difference
: difference average for an individual watermark bit
0R
1R : difference averages for two reference bits, 0 and 1, respectively,
: estimated watermark bit
decoded data(e.g., eigen-facecoefficients)
+
>=otherwise.0
2if1
10
s
RR
Experimental Results
-
8/8/2019 Bio Metric System Security
53/57
53
input face
watermark face
eigen-facecoefficients
minutiae overlaid host
fingerprint
minutiae feature image
ridge feature image watermarked image
watermarked image
reconstructed face
minutiae
overlaid
reconstructed
fingerprint
-
8/8/2019 Bio Metric System Security
54/57
54
minutiae featurebased
ridge feature
based
watermarkedoriginal Inverted difference
-
-
=
=
SummarySummary
-
8/8/2019 Bio Metric System Security
55/57
55
Security of biometric systems is of major concern
An attack on a biometric system can result in loss ofprivacy, monetary damage, and security breach
Biometric systems are vulnerable to a number of attacks
These attacks are rather simple to implement and aremore successful than biometric experts imagined
Solutions to these attacks exist, but there is still room forimprovement.
New security problems associated with biometric systems
may be identified as their use becomes more widespread In spite of this, biometric systems offer better security than
existing approaches and serve as a deterrent
Ratha et al 2001 (1): N K Ratha J H Connell and R M Bolle An analysis
ReferencesReferences
-
8/8/2019 Bio Metric System Security
56/57
56
Ratha et al. 2001 (1): N.K. Ratha, J.H. Connell, and R.M. Bolle, An analysisof minutiae matching strength, Proc. AVBPA 2001, pp. 223-228.
Maltoni et al. 2003: D. Maltoni, D. Maio, A.K. Jain, and S. Prabhakar,Handbook of Fingerprint Recognition, Springer, 2003.
Uludag, Jain 2004 (1): U. Uludag and A.K. Jain, Attacks on biometricsystems: a case study in fingerprints, Proc. SPIE-EI 2004, Security,
Steganography and Watermarking of Multimedia Contents VI, vol. 5306, pp.622-633.
Putte, Keuning 2000: T. Putte and J. Keuning, Biometrical fingerprintrecognition: dont get your fingers burned, Proc. IFIP TC8/WG8.8, Fourth
Working Conf. Smart Card Research and Adv. App., pp. 289-303, 2000. Matsumoto et al. 2002: T. Matsumoto, H. Matsumoto, K. Yamada, and S.
Hoshino, Impact of Artificial Gummy Fingers on Fingerprint Systems, Proc.of SPIE, Optical Security and Counterfeit Deterrence Techniques IV, vol. 4677,pp. 275-289, 2002.
Soutar 2002: C. Soutar, Biometric system security,http://www.bioscrypt.com/assets/security_soutar.pdf
Adler 2003: A. Adler, Sample images can be independently restored fromface recognition templates, http://www.site.uottawa.ca/~adler/publications/2003/adler-2003-fr-templates.pdf
Uludag Jain 2004 (2): U Uludag and A K Jain Fingerprint Minutiae Attack
ReferencesReferences
-
8/8/2019 Bio Metric System Security
57/57
57
Uludag, Jain 2004 (2): U. Uludag and A.K. Jain, Fingerprint Minutiae AttackSystem, The Biometric Consortium Conference, Virginia, September 2004.
Hill 2001: C.J. Hill, Risk of masquerade arising from the storage ofbiometrics, B.S. Thesis, http://chris.fornax.net/biometrics.html
Ross et al. 2005: A. Ross, J. Shah, A. Jain, Towards Reconstructing
Fingerprints From Minutiae Points, Submitted to SPIE Biometrics Conference,2005.
Derakhshani et al. 2003: R. Derakhshani, S.A.C. Schuckers, L.A. Hornak, andL.O. Gorman, Determination of vitality from a non-invasive biomedicalmeasurement for use in fingerprint scanners, Pattern Recognition, vol. 36,
pp. 383-396, 2003.
Ratha et al. 2001 (2): N.K. Ratha, J.H. Connell, and R.M. Bolle, Enhancingsecurity and privacy in biometrics-based authentication systems, IBMSystems Journal, vol. 40, no. 3, pp. 614-634, 2001.
Yeung, Pankanti 1999: M.M. Yeung and S. Pankanti, Verification watermarkson fingerprint recognition and retrieval,Proc. SPIE EI 1999, vol. 3657, pp.66-78.
Jain, Uludag 2003: A. K. Jain and U. Uludag, Hiding biometric data, IEEE
Trans. PAMI, vol. 25, no. 11, pp. 1494-1498, November 2003.