An Analysis of Enrollment and Query Attacks on Hierarchical Bloom Filter-Based Biometric Systems

A Hierarchical Bloom Filter (HBF)-based biometric framework was recently proposed to provide compact storage, noise tolerance, and fast query processing for resource-constrained environments, e.g., Internet of things (IoT). While security and privacy were also touted as features of the HBF, it was not thoroughly evaluated. Compared to the classical BFs, the HBF uses a threshold parameter to make robust authentication decisions when the HBF encounters noise in the biometric input which one would think might lead to security issues. In this paper, the attack vectors that could compromise the HBF security by increasing the false positive authentication of non-members and by leaking soft information about enrolled members are explored. With quantitative analyses, HBF-based biometric system security under these well-defined attack vectors is evaluated and it is concluded that the framework is more difficult to attack than the classical Bloom Filter. Further, experimental results show that soft biometric information is also kept private.

[1]  Kevin W. Bowyer,et al.  Does Face Recognition Accuracy Get Better With Age? Deep Face Matchers Say No , 2019, 2020 IEEE Winter Conference on Applications of Computer Vision (WACV).

[2]  Umarani Jayaraman,et al.  Efficient similarity search on multidimensional space of biometric databases , 2021, Neurocomputing.

[3]  Domenic Forte,et al.  Hierarchical Bloom Filter Framework for Security, Space-efficiency, and Rapid Query Handling in Biometric Systems , 2019, 2019 IEEE 10th International Conference on Biometrics Theory, Applications and Systems (BTAS).

[4]  Douglas A. Reynolds,et al.  SHEEP, GOATS, LAMBS and WOLVES A Statistical Analysis of Speaker Performance in the NIST 1998 Speaker Recognition Evaluation , 1998 .

[5]  N. Memon,et al.  Confusion/Diffusion Capabilities of Some Robust Hash Functions , 2006, 2006 40th Annual Conference on Information Sciences and Systems.

[6]  Narishige Abe,et al.  Irreversible fingerprint template using Minutiae Relation Code with Bloom Filter , 2015, 2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS).

[7]  Wen Hu,et al.  Sequence Data Matching and Beyond: New Privacy-Preserving Primitives Based on Bloom Filters , 2020, IEEE Transactions on Information Forensics and Security.

[8]  Haryati Binti Jaafar,et al.  A methodology of nearest neighbor: Design and comparison of biometric image database , 2016, 2016 IEEE Student Conference on Research and Development (SCOReD).

[9]  Ramachandra Raghavendra,et al.  Multi-biometric template protection based on bloom filters , 2018, Inf. Fusion.

[10]  Christoph Busch,et al.  Towards cancelable multi-biometrics based on bloom filters: a case study on feature level fusion of face and iris , 2015, 3rd International Workshop on Biometrics and Forensics (IWBF 2015).

[11]  K. Paterson,et al.  Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[12]  Anil K. Jain,et al.  Biometric Template Security , 2008, EURASIP J. Adv. Signal Process..

[13]  Christoph Busch,et al.  On application of bloom filters to iris biometrics , 2014, IET Biom..

[14]  Bart Mennink,et al.  When a Bloom filter is a Doom filter: Security assessment of a novel iris biometric template protection system , 2014, 2014 International Conference of the Biometrics Special Interest Group (BIOSIG).

[15]  Karl Ricanek,et al.  MORPH: a longitudinal image database of normal adult age-progression , 2006, 7th International Conference on Automatic Face and Gesture Recognition (FGR06).

[16]  Yang Song,et al.  Age Progression/Regression by Conditional Adversarial Autoencoder , 2017, 2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[17]  Dipankar Dasgupta,et al.  A Locality Sensitive Hashing Based Approach for Generating Cancelable Fingerprints Templates , 2019, 2019 IEEE 10th International Conference on Biometrics Theory, Applications and Systems (BTAS).

[18]  Chu-Song Chen,et al.  Face Recognition and Retrieval Using Cross-Age Reference Coding With Cross-Age Celebrity Dataset , 2015, IEEE Transactions on Multimedia.

[19]  Julian Fiérrez,et al.  Protected Facial Biometric Templates Based on Local Gabor Patterns and Adaptive Bloom Filters , 2014, 2014 22nd International Conference on Pattern Recognition.

[20]  Christoph Busch,et al.  Towards Bloom filter-based indexing of iris biometric data , 2015, 2015 International Conference on Biometrics (ICB).

[21]  Jianfeng Ma,et al.  Towards Secure Approximate ${k}$ -Nearest Neighbor Query Over Encrypted High-Dimensional Data , 2018, IEEE Access.

[22]  Xu Tang,et al.  Face Aging with Identity-Preserved Conditional Generative Adversarial Networks , 2018, 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition.

[23]  Cédric Lauradoux,et al.  The Power of Evil Choices in Bloom Filters , 2015, 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.

[24]  Kimmo Kärkkäinen,et al.  FairFace: Face Attribute Dataset for Balanced Race, Gender, and Age , 2019, ArXiv.

[25]  Christopher Patton,et al.  Probabilistic Data Structures in Adversarial Environments , 2019, CCS.

[26]  Ahmad-Reza Sadeghi,et al.  Efficient Privacy-Preserving Face Recognition , 2009, ICISC.

[27]  Roksana Boreli,et al.  How Much Is Too Much? Leveraging Ads Audience Estimation to Evaluate Public Profile Uniqueness , 2013, Privacy Enhancing Technologies.

[28]  Adam O'Neill,et al.  Generic Attacks on Secure Outsourced Databases , 2016, CCS.

[29]  Christoph Busch,et al.  Towards generating protected fingerprint templates based on bloom filters , 2015, 3rd International Workshop on Biometrics and Forensics (IWBF 2015).

[30]  Zhe Jin,et al.  Ranking-Based Locality Sensitive Hashing-Enabled Cancelable Biometrics: Index-of-Max Hashing , 2017, IEEE Transactions on Information Forensics and Security.

[31]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[32]  Tsuyoshi Takagi,et al.  Efficient outsourcing of secure k-nearest neighbour query over encrypted database , 2017, Comput. Secur..

[33]  Sanjay Kumar Singh,et al.  Providing robust security measures to Bloom filter based biometric template protection schemes , 2017, Comput. Secur..

[34]  Paolo Palmieri,et al.  Probabilistic Properties of the Spatial Bloom Filters and Their Relevance to Cryptographic Protocols , 2018, IEEE Transactions on Information Forensics and Security.

[35]  Farinaz Koushanfar,et al.  Sub-Linear Privacy-Preserving Near-Neighbor Search , 2016, IACR Cryptol. ePrint Arch..