Hill-climbing attack: Parametric optimization and possible countermeasures. An application to on-line signature recognition

Although biometric recognition systems provide many advantages over traditional recognition methods, they can be vulnerable to specific attacks which may considerably decrease their security. In this paper we focus on the hill-climbing attack which is peculiar of biometric systems. Specifically, we evaluate the effectiveness of general approaches relying on parametric functions optimization for performing this kind of attack, and propose possible countermeasures which can be used for increasing the system robustness without significantly affecting its recognition performance. An application to on-line signature biometrics is taken into account to test both the proposed attacks and some possible countermeasures.

[1]  S. P. Lloyd,et al.  Least squares quantization in PCM , 1982, IEEE Trans. Inf. Theory.

[2]  Julian Fiérrez,et al.  Hill-Climbing Attack Based on the Uphill Simplex Algorithm and Its Application to Signature Verification , 2011, BIOID.

[3]  J. Spall Implementation of the simultaneous perturbation algorithm for stochastic optimization , 1998 .

[4]  Andy Adler Sample images can be independently restored from face recognition templates , 2003, CCECE 2003 - Canadian Conference on Electrical and Computer Engineering. Toward a Caring and Humane Technology (Cat. No.03CH37436).

[5]  Nalini K. Ratha,et al.  An Analysis of Minutiae Matching Strength , 2001, AVBPA.

[6]  Anil K. Jain,et al.  Biometric cryptosystems: issues and challenges , 2004, Proceedings of the IEEE.

[7]  Boris Skoric,et al.  Security with Noisy Data: Private Biometrics, Secure Key Storage and Anti-Counterfeiting , 2007 .

[8]  Alessandro Neri,et al.  Feature Selection and Binarization for On-Line Signature Recognition , 2009, ICB.

[9]  Anil K. Jain,et al.  Biometric Template Security , 2008, EURASIP J. Adv. Signal Process..

[10]  J. Spall Multivariate stochastic approximation using a simultaneous perturbation gradient approximation , 1992 .

[11]  Julian Fiérrez,et al.  Face verification put to test: A hill-climbing attack based on the uphill-simplex algorithm , 2012, 2012 5th IAPR International Conference on Biometrics (ICB).

[12]  Enrique Argones-Rúa,et al.  Biometric Template Protection Using Universal Background Models: An Application to Online Signature , 2012, IEEE Transactions on Information Forensics and Security.

[13]  Alessandro Neri,et al.  Adaptive and distributed cryptography for signature biometrics protection , 2007, Electronic Imaging.

[14]  Juan J. Igarza,et al.  MCYT baseline corpus: a bimodal biometric database , 2003 .

[15]  Julian Fiérrez,et al.  Bayesian Hill-Climbing Attack and Its Application to Signature Verification , 2007, ICB.

[16]  Julian Fierrez,et al.  Hill-climbing attack to an Eigenface-based face verification system , 2009, 2009 First IEEE International Conference on Biometrics, Identity and Security (BIdS).

[17]  Daigo Muramatsu,et al.  Online Signature Verification Algorithm Using Hill-Climbing Method , 2008, 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing.

[18]  John A. Nelder,et al.  A Simplex Method for Function Minimization , 1965, Comput. J..

[19]  F. Roli,et al.  Security evaluation of biometric authentication systems under real spoofing attacks , 2012, IET Biom..

[20]  Julian Fiérrez,et al.  Cancelable Templates for Sequence-Based Biometrics with Application to On-line Signature Recognition , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[21]  Katya Scheinberg,et al.  Introduction to derivative-free optimization , 2010, Math. Comput..

[22]  Andy Adler,et al.  Biometric System Security , 2008 .

[23]  J. Fierrez-Aguilar,et al.  Hill-Climbing and Brute-Force Attacks on Biometric Systems: A Case Study in Match-on-Card Fingerprint Verification , 2006, Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology.

[24]  Julian Fiérrez,et al.  On the Vulnerability of Iris-Based Systems to a Software Attack Based on a Genetic Algorithm , 2012, CIARP.

[25]  Loris Nanni,et al.  An On-Line Signature Verification System Based on Fusion of Local and Global Information , 2005, AVBPA.