Biometric attack vectors and defences

Much has been reported on attempts to fool biometric sensors with false fingerprints, facial overlays and a myriad of other spoofing approaches. Other attack vectors on biometric systems have, however, had less prominence. This paper seeks to present a broader and more practical view of biometric system attack vectors, placing them in the context of a risk-based systems approach to security and outlining defences.

[1]  J. Fierrez-Aguilar,et al.  Hill-Climbing and Brute-Force Attacks on Biometric Systems: A Case Study in Match-on-Card Fingerprint Verification , 2006, Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology.

[2]  M. Petró‐Turza,et al.  The International Organization for Standardization. , 2003 .

[3]  L Rudolf,et al.  Optical Security and Counterfeit Deterrence Techniques III , 1996 .

[4]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[5]  H. Damasio,et al.  IEEE Transactions on Pattern Analysis and Machine Intelligence: Special Issue on Perceptual Organization in Computer Vision , 1998 .

[6]  Arun Ross,et al.  Biometric template security: Challenges and solutions , 2005, 2005 13th European Signal Processing Conference.

[7]  D. Blayney,et al.  Challenges and solutions. , 2007, Journal of oncology practice.

[8]  Ping Pan,et al.  Internet Engineering Task Force , 1995 .

[9]  日本規格協会 情報技術-セキュリティ技術-情報セキュリティマネジメントシステム-要求事項 : 国際規格ISO/IEC 27001 = Information technology-Security techniques-Information security management systems-Requirements : ISO/IEC 27001 , 2005 .

[10]  Standards New Zealand.,et al.  Risk management guidelines: companion to AS/NZS 4360:2004 , 2004 .

[11]  Sharath Pankanti,et al.  Verification watermarks on fingerprint recognition and retrieval , 1999, Electronic Imaging.

[12]  David W. Roberts Evaluation Criteria for IT Security , 1991, Computer Security and Industrial Cryptography.

[13]  David Willis,et al.  Six biometric devices point the finger at security , 1998 .

[14]  Anil K. Jain,et al.  Hiding Biometric Data , 2003, IEEE Trans. Pattern Anal. Mach. Intell..