Abstract
A general hill-climbing attack to biometric systems based on a modification of the downhill simplex algorithm is presented. The scores provided by the matcher are used in this approach to adapt iteratively an initial estimate of the attacked template to the specificities of the client being attacked. The proposed attack is evaluated on a competitive feature-based signature verification system over both the MCYT and the BiosecurID databases (comprising 330 and 400 users, respectively). The results show a very high efficiency of the hill-climbing algorithm, which successfully bypassed the system for over 90% of the attacks with a remarkably low number of scores needed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Jain, A.K., Ross, A., Pankanti, S.: Biometrics: a tool for information security. IEEE Trans. on Information Forensics and Security 1, 125–143 (2006)
Van der Putte, T., Keuning, J.: Biometrical fingerprint recognition: don’t get your fingers burned. In: Proc. Conference on Smart Card Research and Advanced Applications (CARDIS), pp. 289–303 (2000)
Pacut, A., Czajka, A.: Aliveness detection for iris biometrics. In: Proc. IEEE Int. Carnahan Conf. on Security Technology (ICCST), vol. 1, pp. 122–129 (2006)
Soutar, C., Gilroy, R., Stoianov, A.: Biometric system performance and security. In: Proc. IEEE Automatic Identification Advanced Technologies, AIAT (1999)
Ratha, N.K., Connell, J.H., Bolle, R.M.: An analysis of minutiae matching strength. In: Bigun, J., Smeraldi, F. (eds.) AVBPA 2001. LNCS, vol. 2091, pp. 223–228. Springer, Heidelberg (2001)
Galbally, J., Fierrez, J., Rodriguez-Gonzalez, J., Alonso-Fernandez, F., Ortega-Garcia, J., Tapiador, M.: On the vulnerability of fingerprint verification systems to fake fingerprint attacks. In: Proc. IEEE Int. Carnahan Conf. on Security Technology (ICCST), pp. 130–136 (2006)
Adler, A.: Sample images can be independently restored from face recognition templates. In: Proc. Canadian Conference on Electrical and Computer Engineering (CCECE), vol. 2, pp. 1163–1166 (2003)
Uludag, U., Jain, A.: Attacks on biometric systems: a case study in fingerprints. In: Proc. SPIE Seganography and Watermarking of Multimedia Contents VI, vol. 5306, pp. 622–633 (2004)
Martinez-Diaz, M., Fierrez, J., Alonso-Fernandez, F., Ortega-Garcia, J., Siguenza, J.A.: Hill-climbing and brute force attacks on biometric systems: a case study in match-on-card fingerprint verification. In: Proc. IEEE Int. Carnahan Conf. on Security Technology (ICCST), vol. 1, pp. 151–159 (2006)
Galbally, J., Fierrez, J., Ortega-Garcia, J.: Bayesian hill-climbing attack and its application to signature verification. In: Lee, S.-W., Li, S.Z. (eds.) ICB 2007. LNCS, vol. 4642, pp. 386–395. Springer, Heidelberg (2007)
Nelder, J.A., Mead, R.: A simplex method for function minimization. Computer Journal 7, 313–368 (1965)
Ortega-Garcia, J., Fierrez-Aguilar, J., et al.: MCYT baseline corpus: a bimodal biometric database. IEE Proc. Vis. Image Signal Process. 150, 395–401 (2003)
Fierrez, J., Galbally, J., Ortega-Garcia, J., Freire, M.R., Alonso-Fernandez, F., Ramos, D., Toledano, D.T., Gonzalez-Rodriguez, J., Siguenza, J.A., Garrido-Salas, J., Anguiano, E., de Rivera, G.G., Ribalda, R., Faundez-Zanuy, M., Ortega, J.A., Cardeoso-Payo, V., Viloria, A., Vivaracho, C.E., Moro, Q.I., Igarza, J.J., Sanchez, J., Hernaez, I., Orrite-Uruuela, C., Martinez-Contreras, F., Gracia-Roche, J.J.: BiosecurID: a multimodal biometric database. Pattern Analysis and Applications 13, 235–246 (2009)
Fierrez-Aguilar, J., Nanni, L., et al.: An On-Line Signature Verification System Based on Fusion of Local and Global Information. In: Kanade, T., Jain, A., Ratha, N.K. (eds.) AVBPA 2005. LNCS, vol. 3546, pp. 523–532. Springer, Heidelberg (2005)
Jain, A.K., Nandakumar, K., Ross, A.: Score normalization in multimodal biometric systems. Pattern Recognition 38, 2270–2285 (2005)
Galbally, J.: Vulnerabilities and Attack Protection in Security Systems Based on Biometric Recognition. PhD thesis (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gomez-Barrero, M., Galbally, J., Fierrez, J., Ortega-Garcia, J. (2011). Hill-Climbing Attack Based on the Uphill Simplex Algorithm and Its Application to Signature Verification. In: Vielhauer, C., Dittmann, J., Drygajlo, A., Juul, N.C., Fairhurst, M.C. (eds) Biometrics and ID Management. BioID 2011. Lecture Notes in Computer Science, vol 6583. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19530-3_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-19530-3_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-19529-7
Online ISBN: 978-3-642-19530-3
eBook Packages: Computer ScienceComputer Science (R0)