fingerprint minutiae attack system - danish biometrics · 14 minutiae presence probabilities...

The Biometric Consortium Conference - September 20, 2004 – Arlington, VA 1

Fingerprint Minutiae Attack System

Umut Uludag and Prof. Anil K. Jain

Computer Science and Engineering

Michigan State University

[email protected]

http://biometrics.cse.msu.edu


Overview

• Introduction

• Attacks Against Biometric Systems

• Proposed System Architecture

• Hill-Climbing in Fingerprint Minutiae Feature Space

• Class Priors

• Minutiae Presence Probabilities based on Classes

• Orientation Fields based on Classes

• Experimental Results

• Conclusions


Biometric System Attacks

Sensor

Feature extractor

Matcher Template database

Decision

1: fake finger

2: replay

3

45

8

76

Proposed system

Attack 3: Trojan horse; Attack 4: Synthetic features; Attack 5: Trojan horse; Attack 6: Compromised database; Attack 7: Compromised transmission channel; Attack 8: Overridden matching result.

[Ratha et al. AVBPA 2001]


Proposed System Architecture

Hill-Climbing in Fingerprint Minutiae Feature Space

• Hill climbing-based attacker for a minutiae-based fingerprint authentication system

• Location (r,c) and orientation θ of the minutiae used

• Template information unknown to the attacker

• This is the secret data that attacker wants to mimic

• Synthetic minutiae sets input to the matcher

• Attacker tries to generate a minutia set that results in a high matching score using the scores returned by the matcher


Template Database

To other modules

(multimodalfusion…)

Attack System Target System

Fingerprint Matcher

Synthetic Template Generator

Attack Module

jiT

iD( , )j

i iS D T

Block Diagram

iDj

iT1 1 1

2 2 2

ij ij ij

j j ji i i

j j ji i ij

i

n n nj j ji i i

r c

r cT

r c

: Database template corresponding to user i : jth synthetic template generated for user i

θ

θ

θ

⎡ ⎤⎢ ⎥⎢ ⎥= ⎢ ⎥⎢ ⎥⎢ ⎥⎣ ⎦

ijn : Number of minutia in Tij

( , )ji iS D T : Matching score between Di & Ti

j


Attack Steps

• Step 1 (Initial guessing): Generate a fixed number of synthetic templates: Ti

1, Ti2 , … , Ti

100 with 25 minutiae

• Step 2 (Try initial guesses): Attack user account with the templates; accumulate the matching scores: S(Di,Ti

1), S(Di,Ti2), … , S(Di,Ti

100)

• Step 3 (Choose the best): Pick the best guess (Tibest) and the

corresponding score (Sbest(Di))

• Step 4 (Modify): Modify Tibest by

• (i) perturbing an existing minutia• (ii) adding a new minutia• (iii) replacing an existing minutia; and• (iv) deleting an existing minutia

Update Tibest and Sbest(Di), if score improves

• Step 5 (Loop): Repeat Step 4 until success (Sbest(Di) > Sthreshold)

• or until a predefined attempt number is reached


Modifications(A) Perturbing an existing minutiae: Pick a minutiae randomly:

• With 0.5 probability, perturb the location (randomly to a neighbor cell), leave the angle intact

• With 0.5 probability, perturb the angle (randomly to a neighborangle quantum), leave the location intact

• We want to see the effect of a single move operation


Modifications

(B) Add a new minutiae:

• Add a randomly generated (r,c,θ ) minutiae to the current synthetic template

(C) Replace an existing minutiae with a new minutiae:

• Pick a minutiae randomly, delete it, for its place add a randomly generated (r,c,θ ) minutiae to the current synthetic template

(D) Delete an existing minutiae:

• Pick a minutiae randomly, delete it


Class Priors• Attacker guesses the class of the target template according to the prior probabilities:

• P(ATA) = 0.066, P(LL) = 0.338, P(RL) = 0.317, P(W) = 0.279

Left loopArch Tented arch

Right loop Whorl

core

delta

[Handbook of Fingerprint Recognition, Maltoni et al., 2003]


Minutiae Presence Probabilities based on Classes• Minutiae can be generated with uniform spatial probability on the 2D grid.

• Inter-ridge distance is 9 pixels, 300x300 target images have 33x33blocks: hence, uniform probability dictates that a minutia can occur in any block with 0.00092 probability.


Minutiae Presence Probabilities based on Classes

• Experiment:

• NIST 4 database

• Find the image sets for 4 classes: LL, RL, W, T by also including cross-referenced images.

• For each of the 4 classes:

• Find the minutiae locations (r,c) of the fingerprint images.

• Find the core location of the fingerprint images.

• If more than one core is present, pick the uppermost one

• Register images based on core location

• Estimate the spatial probability of minutiae by accumulating the minutiae evidence on a 2D grid, using registered minutiae sets


Minutiae Presence Probabilities3x3 box filter is used for smoothing the original PDF’ s

smoothedOriginal (histogram-based)LL


Minutiae Presence Probabilities

smoothedOriginal (histogram-based)RL



Original (histogram-based) smoothed

W



smoothedOriginal (histogram-based)

ATA


Minutiae Presence Probabilities: 2D images

LL RL

ATAW


Orientation Fields based on Classes

LL

RL


Orientation Fields based on Classes

W

ATA


Experimental Results

• 160 users, 4 impressions/finger, obtained with a VERIDICOM solidstate sensor, 500 dpi, 300x300 images; average # of minutiae is 25

• Operating point of the system: FAR = 0.1%, GAR = 87.6%

FAR & FRR vs. threshold ROC curve

operating point

threshold=12.22


Sample Images from the Target Database

LL RL

W ATA


Experimental Results

• FAR=0.1% on the average, 1 in 1,000 imposter attempts will be accepted as a genuine match

• Attacker broke all of the 160 accounts with less than 1,000 attempts for each account

• The minimum, mean, and the maximum number of required attack attempts are: 128, 195, and 488, respectively

• The minimum, mean, and the maximum number of minutiae in the templates that broke the accounts are: 10, 14.2, and 21

• The minimum, mean and the maximum number of matching minutiae between the original template and the templates that broke the accounts are: 5, 6.8, and 10


Histogram of Number of Attempts

Attempt #: minimum: 128, mean: 195, maximum: 488

(mean of means for 20 different random seed instances: 198)


Sample account: account# 11

Original image with minutiae

Progression of matching scoresAccount broken at iteration# 192: original template has 16 minutia; synthetic template has 10 minutia; 5 minutiae match; final matching score: 13.3.

Synthetic ( ) and original (o) minutiae


Evolution of the Synthetic TemplateEvolution of the Synthetic Template

Original image with minutiae

Best initial guess (score: 5.6)

Iteration 192 (score: 13.3)

Iteration 125 (score: 7)




Conclusions

• The proposed attack system is quite effective when breaking the accounts of the large real-world fingerprint database (160 users) considered.

• It needed 195 iterations, on the average, to break all of the accounts.

• Utilization of class priors, minutiae presence probabilities and the class-based orientation fields improved the effectiveness of the attacker greatly.

• The developed minutiae presence probabilities can also be used in fingerprint minutiae individuality studies.

fingerprint minutiae attack system - danish biometrics · 14 minutiae presence probabilities...

Documents