Fingerprint Minutiae Attack System - Danish Biometrics · 14 Minutiae Presence Probabilities...
Transcript of Fingerprint Minutiae Attack System - Danish Biometrics · 14 Minutiae Presence Probabilities...
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 1
Fingerprint Minutiae Attack System
Umut Uludag and Prof. Anil K. Jain
Computer Science and Engineering
Michigan State University
http://biometrics.cse.msu.edu
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 2
Overview
• Introduction
• Attacks Against Biometric Systems
• Proposed System Architecture
• Hill-Climbing in Fingerprint Minutiae Feature Space
• Class Priors
• Minutiae Presence Probabilities based on Classes
• Orientation Fields based on Classes
• Experimental Results
• Conclusions
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 3
Biometric System Attacks
Sensor
Feature extractor
Matcher Template database
Decision
1: fake finger
2: replay
3
45
8
76
Proposed system
Attack 3: Trojan horse; Attack 4: Synthetic features; Attack 5: Trojan horse; Attack 6: Compromised database; Attack 7: Compromised transmission channel; Attack 8: Overridden matching result.
[Ratha et al. AVBPA 2001]
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 4
Proposed System Architecture
Hill-Climbing in Fingerprint Minutiae Feature Space
• Hill climbing-based attacker for a minutiae-based fingerprint authentication system
• Location (r,c) and orientation θ of the minutiae used
• Template information unknown to the attacker
• This is the secret data that attacker wants to mimic
• Synthetic minutiae sets input to the matcher
• Attacker tries to generate a minutia set that results in a high matching score using the scores returned by the matcher
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 5
Template Database
To other modules
(multimodalfusion…)
Attack System Target System
Fingerprint Matcher
Synthetic Template Generator
Attack Module
jiT
iD( , )j
i iS D T
Block Diagram
iDj
iT1 1 1
2 2 2
ij ij ij
j j ji i i
j j ji i ij
i
n n nj j ji i i
r c
r cT
r c
: Database template corresponding to user i : jth synthetic template generated for user i
θ
θ
θ
⎡ ⎤⎢ ⎥⎢ ⎥= ⎢ ⎥⎢ ⎥⎢ ⎥⎣ ⎦
ijn : Number of minutia in Tij
( , )ji iS D T : Matching score between Di & Ti
j
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 6
Attack Steps
• Step 1 (Initial guessing): Generate a fixed number of synthetic templates: Ti
1, Ti2 , … , Ti
100 with 25 minutiae
• Step 2 (Try initial guesses): Attack user account with the templates; accumulate the matching scores: S(Di,Ti
1), S(Di,Ti2), … , S(Di,Ti
100)
• Step 3 (Choose the best): Pick the best guess (Tibest) and the
corresponding score (Sbest(Di))
• Step 4 (Modify): Modify Tibest by
• (i) perturbing an existing minutia• (ii) adding a new minutia• (iii) replacing an existing minutia; and• (iv) deleting an existing minutia
Update Tibest and Sbest(Di), if score improves
• Step 5 (Loop): Repeat Step 4 until success (Sbest(Di) > Sthreshold)
• or until a predefined attempt number is reached
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 7
Modifications(A) Perturbing an existing minutiae: Pick a minutiae randomly:
• With 0.5 probability, perturb the location (randomly to a neighbor cell), leave the angle intact
• With 0.5 probability, perturb the angle (randomly to a neighborangle quantum), leave the location intact
• We want to see the effect of a single move operation
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 8
Modifications
(B) Add a new minutiae:
• Add a randomly generated (r,c,θ ) minutiae to the current synthetic template
(C) Replace an existing minutiae with a new minutiae:
• Pick a minutiae randomly, delete it, for its place add a randomly generated (r,c,θ ) minutiae to the current synthetic template
(D) Delete an existing minutiae:
• Pick a minutiae randomly, delete it
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 9
Class Priors• Attacker guesses the class of the target template according to the prior probabilities:
• P(ATA) = 0.066, P(LL) = 0.338, P(RL) = 0.317, P(W) = 0.279
Left loopArch Tented arch
Right loop Whorl
core
delta
[Handbook of Fingerprint Recognition, Maltoni et al., 2003]
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 10
Minutiae Presence Probabilities based on Classes• Minutiae can be generated with uniform spatial probability on the 2D grid.
• Inter-ridge distance is 9 pixels, 300x300 target images have 33x33blocks: hence, uniform probability dictates that a minutia can occur in any block with 0.00092 probability.
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 11
Minutiae Presence Probabilities based on Classes
• Experiment:
• NIST 4 database
• Find the image sets for 4 classes: LL, RL, W, T by also including cross-referenced images.
• For each of the 4 classes:
• Find the minutiae locations (r,c) of the fingerprint images.
• Find the core location of the fingerprint images.
• If more than one core is present, pick the uppermost one
• Register images based on core location
• Estimate the spatial probability of minutiae by accumulating the minutiae evidence on a 2D grid, using registered minutiae sets
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 12
Minutiae Presence Probabilities3x3 box filter is used for smoothing the original PDF’ s
smoothedOriginal (histogram-based)LL
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 13
Minutiae Presence Probabilities
smoothedOriginal (histogram-based)RL
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 14
Minutiae Presence Probabilities
Original (histogram-based) smoothed
W
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 15
Minutiae Presence Probabilities
smoothedOriginal (histogram-based)
ATA
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 16
Minutiae Presence Probabilities: 2D images
LL RL
ATAW
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 17
Orientation Fields based on Classes
LL
RL
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 18
Orientation Fields based on Classes
W
ATA
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 19
Experimental Results
• 160 users, 4 impressions/finger, obtained with a VERIDICOM solidstate sensor, 500 dpi, 300x300 images; average # of minutiae is 25
• Operating point of the system: FAR = 0.1%, GAR = 87.6%
FAR & FRR vs. threshold ROC curve
operating point
threshold=12.22
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 20
Sample Images from the Target Database
LL RL
W ATA
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 21
Experimental Results
• FAR=0.1% on the average, 1 in 1,000 imposter attempts will be accepted as a genuine match
• Attacker broke all of the 160 accounts with less than 1,000 attempts for each account
• The minimum, mean, and the maximum number of required attack attempts are: 128, 195, and 488, respectively
• The minimum, mean, and the maximum number of minutiae in the templates that broke the accounts are: 10, 14.2, and 21
• The minimum, mean and the maximum number of matching minutiae between the original template and the templates that broke the accounts are: 5, 6.8, and 10
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 22
Histogram of Number of Attempts
Attempt #: minimum: 128, mean: 195, maximum: 488
(mean of means for 20 different random seed instances: 198)
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 23
Sample account: account# 11
Original image with minutiae
Progression of matching scoresAccount broken at iteration# 192: original template has 16 minutia; synthetic template has 10 minutia; 5 minutiae match; final matching score: 13.3.
Synthetic ( ) and original (o) minutiae
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 24
Evolution of the Synthetic TemplateEvolution of the Synthetic Template
Original image with minutiae
Best initial guess (score: 5.6)
Iteration 192 (score: 13.3)
Iteration 125 (score: 7)
Iteration 150 (score: 8.6)
Iteration 175 (score: 10.5)
The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 25
Conclusions
• The proposed attack system is quite effective when breaking the accounts of the large real-world fingerprint database (160 users) considered.
• It needed 195 iterations, on the average, to break all of the accounts.
• Utilization of class priors, minutiae presence probabilities and the class-based orientation fields improved the effectiveness of the attacker greatly.
• The developed minutiae presence probabilities can also be used in fingerprint minutiae individuality studies.