biometric spoofing and anti-spoofing - research … · biometric spoofing and anti-spoofing ......
TRANSCRIPT
Biometric Spoofing and Anti-SpoofingPresentation Attack Detection – part 1
Sebastien Marcel
Head of the Biometrics Security and Privacy grouphttp://www.idiap.ch/
~
marcel
IEEE Workshop on Information Forensics and Security,Rennes,
France – December 5, 2017
1/43
Outline
IdiapWhere is Idiap ?What is Idiap ?
IntroductionBiometrics SecurityPresentation Attacks in MoviesPresentation Attacks in realityDefinitionImportance
2/43
Where is Idiap ?
3/43
Where is Idiap ?
4/43
Where is Idiap ?
Altitude to ski ranges from 1400m to 3000m
5/43
What is Idiap ?
• Non-for-profit research institute founded in 1991
• A�liated with Ecole polytechnique federale de Lausanne(EPFL)
• Research, Education and Technology transfer
• 9 research groups in Human & Media Computing (computervision, speech and audio, machine learning, . . . ) and onegroup on Biometrics Security and Privacy
For more information:
www.idiap.ch
6/43
Biometrics Security
A biometric system is vulnerable to attacks 1
7
1
2
3
4
5
6
Sensor Feature Extractor Comparator
Database
Decision
8
biometric data biometric feature score
biometric
reference
• Indirect attacks (2-8)
• Direct attacks (1)
1NK Ratha et al., Enhancing security and privacy in biometrics-based authentication systems, IBM Systems
Journal, 40(3):614634, 2001
7/43
Biometrics Security
Indirect Attacks
7
1
2
3
4
5
6
Sensor Feature Extractor Comparator
Database
Decision
8
biometric data biometric feature score
biometric
reference
Indirect attacks are performed inside the system by:
• bypassing the feature extractor or the comparator (3, 5),
• manipulating the biometric references in the biometricreference database (6),
• exploiting possible weak points in communication channels (2,4, 7, 8).
8/43
Biometrics Security
Direct Attacks
7
1
2
3
4
5
6
Sensor Feature Extractor Comparator
Database
Decision
8
biometric data biometric feature score
biometric
reference
Direct attacks (presentation/spoofing attacks) are performed atthe sensor level: the sensor is fooled and not replaced nortampered.
In this lecture we are concerned with presentation attacks
9/43
Presentation Attacks in Movies
MacGyver - The Human Factor (S02E01 1986)
Using dust and jacket to simulate a hand on the hand printscanner !
10/43
Presentation Attacks in Movies
MacGyver - The Human Factor (S02E01 1986)
1 scraped some plaster o↵ the walls,
2 sprinkled the plaster dust over thepalm print reader revealing theColonels hand print,
3 laid a jacket down over the plasterhand print impression and lightlypressed down on the reader.
11/43
Presentation Attacks in Movies
Sneakers (1992)
Replay a voice recording in front of a speaker recognition system !
12/43
Presentation Attacks in Movies
Sneakers (1992)
13/43
Presentation Attacks in Movies
Demolition Man (1993)
Present an eyeball in front of a iris scanner !
14/43
Presentation Attacks in Movies
GATTACA (1997)
Injecting blood samples in a false finger tip to fool DNAidentification !
15/43
Presentation Attacks in Movies
Minority Report (2002)
Using eyeball-swapping surgery to avoid iris identification !
16/43
Presentation Attacks in Movies
X-Men 2 (2003)
High-tech iris spoofing !
17/43
Presentation Attacks in Movies
RED 2 (2013)
Iris spoofing (not retina) with a fake contact lens !
18/43
Presentation Attacks in reality
CVDazzle (Apr 2010)
Camouflage from face detection (Adam Harveyhttp://ahprojects.com/projects/cv-dazzle)
19/43
Presentation Attacks in reality
CVDazzle (Apr 2010)
Designed to confuse boosted weak-learners based on Haar-likefeatures (OpenCV implementation of Viola-Jones)
20/43
Presentation Attacks in reality
Bank robbery (2010)
Conrad Zdzierak used a silicon masks to pass himself o↵ as a blackcharacter ”SPFX The Player” during robberies !
21/43
Presentation Attacks in reality
Hong Kong - Vancouver (Jan 2011)
A passenger boarded a plane in Hong Kong with an old man maskand arrived in Canada !
22/43
Presentation Attacks in reality
Camoflash (Nov 2011)
Anti-paparazzi fashion accessory using high brightness LEDs(Adam Harvey http://ahprojects.com/projects/camoflash)
23/43
Presentation Attacks in reality
Blind Cameras
Blind Cameras with an Infrared LED Hat
24/43
Presentation Attacks in reality
Blind Cameras
25/43
Presentation Attacks in reality
Android 4.0 (Nov 2011)
Android 4.0 Face UnLock feature spoofed by photograph
26/43
Presentation Attacks in reality
Android 4.1 (Jun 2012)
Liveness check (eye blink) introduced in Android 4.1
27/43
Presentation Attacks in reality
Bank robbery again (2012)
Burglars who robbed a cash-checking store in Queens disguised ascops !
28/43
Presentation Attacks in reality
Brazil (March 2013)
Fake fingers used to fool Hospital clock-in scanner
29/43
Presentation Attacks in reality
More bank robbery (2013)
Steven Ray Milam robbed 11 banks in Texas with ”SPFY TheHandsome Guy” silicon mask
30/43
Presentation Attacks in reality
iPhone 5s - Touch ID (Sep 20 2013)
How many days will it take to spoof it ?
2 days !iPhone 5s spoofed by the Chaos Computer Club (1st public ...)
31/43
Presentation Attacks in reality
iPhone 5s - Touch ID (Sep 20 2013)
How many days will it take to spoof it ? 2 days !iPhone 5s spoofed by the Chaos Computer Club (1st public ...)
31/43
Presentation Attacks in reality
iPhone 5s spoofed by CCC (Sep 21 2013)
http://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid
32/43
Presentation Attacks in reality
Apple and fingerprints the full story
http://fingerchip.pagesperso-orange.fr/biometrics/types/
fingerprint_apple.htm
Jean-Francois Mainguet (Sep 22 2013)
33/43
Presentation Attacks in reality
Finger-vein (Oct 2014)
Finger-vein commercial system spoofed by a piece of paper
34/43
Presentation Attacks in reality
Samsung Galaxy S8 Iris spoofed by CCC (May 23 2017)
35/43
Presentation Attacks in reality
Samsung Galaxy S8 Iris spoofed by CCC (May 23 2017)
https://media.ccc.de/v/biometrie-s8-iris-en
36/43
Presentation Attacks in reality
iPhone X FaceID (Sep 2017)
37/43
Presentation Attacks in reality
iPhone X FaceID robust to masks (Sep 2017)
38/43
Presentation Attacks in reality
iPhone X spoofed by Bkav (Nov 27 2017)
http://www.bkav.com 39/43
Definitions
Spoofing AttackOutwitting a biometric sensor by presenting a counterfeit biometricevidence of a valid user2
Anti-SpoofingCountermeasure to spoofing attack
No common terminology so farspoofing, evasion/concealment, anti-spoofing, livenessdetection, presentation attack, presentation attack detection, . . .
2K. A. Nixon et al. Spoof Detection Schemes; Handbook of Biometrics, 2008
40/43
Definition by ISO 3
Presentation Attack – PApresentation to the biometric data capture subsystem with the goalof interfering with the operation of the biometric systemmethods: artefact, mutilations, replay, . . .goals: impersonation or not being recognized (concealment)
Normal (Bona Fide) Presentation
interaction of the biometric capture subject and the biometric datacapture subsystem in the fashion intended by the policy of thebiometric systemin short anything which is not a PA !
Presentation Attack Instrument – PAIbiometric characteristic or object used in a presentation attackeg. artefacts, dead bodies, altered fingerprints, . . .
Presentation Attack Detection – PADautomated determination of a presentation attack
3ISO/IEC 30107-1:2016, Biometric presentation attack detection – part 1, 2016
41/43
Importance
Presentation Attack is a major threat
7
1
2
3
4
5
6
Sensor Feature Extractor Comparator
Database
Decision
8
biometric data biometric feature score
biometric
reference
because it can be created and performed by anyone with nospecific skills in computer science
42/43
Importance
Funding programs/projects
• EU TABULA RASA ”Trusted Biometrics under SpoofingAttacks” (2010-2014)
www.tabularasa-euproject.org
• EU BEAT ”Biometrics Evaluation and Testing” (2012-2016)
www.beat-eu.org
• CH/VS: Swiss Center for Biometrics Research and Testing(2014–)
www.biometrics-center.ch
• NO: SWAN ”Secure Access Control Over Wide AreaNetwork” (2016-2019)
www.ntnu.edu/iik/swan
• US: IARPA Odin Thor/Loki red team approach (2017-2020)
www.iarpa.gov/index.php/research-programs/odin
43/43