Biometrics
Hiroki Morimoto


Overview

Definition
Advantages/Disadvantages and Ideal Biometrics
Usage and System of Biometrics
Current application in real world
Biometrics Errors
Possible Attacks
Examples
– Fingerprint
– Hand Geometry
– Iris Scan
– Voice Recognition
Conclusion
References

Definition

Biometrics refers to methods for uniquely recognizing or verifying a person based upon one or more physical characteristics or behavioral traits
Biometrics identifies the person by what he or she is, not by what he or she knows (e.g. passwords) nor by what he or she has (e.g. ID cards)

Behavioral based

Behavioral-based methods perform the identification task by recognizing people's behavioral patterns
– Examples: signatures, keyboard typing, and voice print
– Advantage: they are sometimes more acceptable to users and generally cost less to implement
– Disadvantage:
    they all have high variations, which are difficult to cope with
    they can be difficult to measure because of influences such as stress, fatigue, or illness

Physiological based

Physiological-based methods verify a person's identity by means of his or her physiological characteristics
– Examples: fingerprint, iris pattern (eye blood vessel pattern), palm geometry, DNA, or facial features
– Advantages:
    in general, physiological traits are more stable because most physiological features are virtually nonalterable
    difficult to forge
– Disadvantages:
    some of them are time consuming
    some people don't feel comfortable with it

Comparison

Generally, physiological characteristics provide higher recognition accuracy than behavioral features
– the average error rate of behavioral methods is 10 to 100 times higher than that of physiological ones
Intrusiveness: a measure of users' psychological discomfort
Convenience: a measure of users' physical discomfort
There is a tradeoff between these two factors and the error rate

Why Biometrics?

Biometrics is seen as a desirable replacement for passwords and IDs
– Users no longer have to
    remember passwords
    carry IDs
    worry about losing/forgetting them
    update them
More secure because it is difficult to steal and forge
Needs no human resource expenses due to lockout or password reset. Thus, it decreases system management cost

Why Biometrics? (cont)

Very active area of research
Total revenue likely to reach $1 billion in the year 2003
It offers two important features:
– Fraud detection: easy to discover multiple registration
– Fraud deterrence: introduces a psychological effect that discourages multiple registration

Problems of Biometrics

Biometrics are not widely accepted because
– Some devices are still costly and time consuming
– Some people find their use intrusive and/or invasive
– Privacy and confidentiality issues of bio records
– It can be a single point of failure, so a secondary way must be provided (such as password/ID)
– Cancellation, erasure, and reset are (almost) impossible. Thus, once it is stolen or opened to the public, all other systems can be accessed/attacked
– Forgeries are possible

Ideal Biometric

Universality: everyone should have the characteristic
– In reality, no biometric applies to everyone
Uniqueness: distinguish with certainty
– In reality, cannot hope for 100% certainty
Permanence: physical characteristic being measured never changes
– In reality, want it to remain valid for a long time
Collectability: easy to collect required data
– Depends on whether subjects are cooperative
Acceptability: degree of approval of a technology
– In reality, not everyone feels comfortable with it
Safety: assurance of confidentiality and integrity of collected data
– Still a current subject
Circumvention: ease of use of a substitute
– Tradeoff between cost and goal

Biometrics Usage

Identification: Who goes there?
– Compare one to many
– Example: The FBI fingerprint database
Authentication: Is that really you?
– Compare one to one
– Example: Thumbprint mouse
The identification problem is more difficult (high error rate)
– Because there are more “random” matches since there are more comparisons
Authentication needs less computational resources

Biometrics Strategy

The common basic process of a biometrics system:
Enrollment: capture raw data
Feature Extraction: encode the raw data into the distinctive characteristics on the specific system
Template Creation: a system-specific template is created
– A template is a small file derived from the distinctive features of a user's bio data
There are two types of template:
– Enrollment template: generated during the user’s first interaction and stored in the enrollment database for future use
– Matching template: generated during identification/authentication attempts, to be compared with the enrollment template and discarded each time
Biometrics Matching: the two templates are compared statistically to determine the degree of correlation. The resulting score is compared against the threshold to determine match or mismatch

Enrollment vs. Recognition

Enrollment phase
– Subject’s biometric info put into database
– Must carefully measure the required info
– OK if slow and repeated measurement needed
– Must be very precise for good recognition
– A weak point of many biometric schemes
Recognition phase
– Biometric detection when used in practice
– Must be quick and simple
– But must be reasonably accurate

Biometrics in our world

In the past, it was used to protect highly sensitive information
Now it is more familiar to us
– Palm print for secure entry
    West Virginia University implemented it in 2002 in a dominant building
    McDonald’s uses it for timekeeping of workers
– Fingerprint to unlock a car door and log into the computer

Application of Biometrics

Biometrics applications can be categorized in horizontal categories and vertical markets

Biometrics Categories

Citizen Identification
– identify/authenticate citizens interacting with government agencies
PC/Network Access
– secure access to PCs, networks and other computer resources
Physical Access / Time and Attendance
– secure access to a given area at a given time
Surveillance and Screening
– identify/authenticate individual presence in a given location
Retail ATM / Point of Sale
– provide identification/authentication for in-person transactions for goods/services
E-Commerce / Telephony
– provide identification/authentication for remote transactions for goods/services
Criminal Identification
– identify/verify individual in law enforcement application

* Descending order of estimated annual revenues generated 2003-2007

Biometrics Markets

Government Sector
Travel and Transportation
Financial Sector
Health Care
Law Enforcement

* Descending order of estimated annual revenues generated 2003-2007

Market Share of Biometrics

Errors

False acceptance rate: user A mis-authenticated as user B
– Sometimes called type 1 error, fraud rate, ...
– FAR = 1 – sensitivity = 1 – TPR
– sensitivity, true positive rate (TPR), is the percentage that an authorized person is admitted
False rejection rate: user A not authenticated as user A
– Also known as type 2 error, insult rate, …
– FRR = 1 – specificity = 1 – TNR
– specificity, true negative rate (TNR), is the percentage that an unauthorized person is correctly rejected

Errors

A good system should have both low FRR (high sensitivity) and low FAR (high specificity)
However, for any biometric, there is a tradeoff
– can decrease one, but the other will increase
The tradeoff is illustrated by so-called receiver operating characteristic (ROC) curves or by detection error tradeoff (DET) curves

[Figure: (a) ROC, (b) DET]

FAR is plotted against FRR by varying the threshold
For example:
– at (*), FAR and FRR are equal at about 20%
– at (o), FRR is 10% and FAR is 50%
Dropping the threshold will move the operating point toward the right of both curves,
– which means the system will be less sensitive and more specific
Raising the threshold does the opposite

Errors

Equal error rate: rate where FAR == FRR
– The best measure for comparing biometrics
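The threshold tradeoff and the equal error rate described on the Errors slides, as an added example that is not part of the original slides. It uses the slides' verbal definitions (FAR: user A accepted as user B; FRR: user A not accepted as user A). The similarity scores are constructed, and the rule "accept when score >= threshold" and all function names are assumptions of this example.

```python
import random


def far_frr(genuine, impostor, threshold):
    """Error rates at one threshold, accepting when score >= threshold.

    FAR: share of impostor attempts accepted (user A taken for user B).
    FRR: share of genuine attempts rejected (user A not accepted as A).
    """
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr


def sweep(genuine, impostor, steps=100):
    """(threshold, FAR, FRR) for thresholds 0.00, 0.01, ..., 1.00."""
    return [(t / steps, *far_frr(genuine, impostor, t / steps))
            for t in range(steps + 1)]


def equal_error_rate(genuine, impostor, steps=100):
    """Operating point where FAR and FRR are closest to equal."""
    return min(sweep(genuine, impostor, steps),
               key=lambda row: abs(row[1] - row[2]))


def point_for_far(genuine, impostor, max_far, steps=100):
    """Lowest threshold whose FAR does not exceed max_far, with its FRR."""
    for threshold, far, frr in sweep(genuine, impostor, steps):
        if far <= max_far:
            return threshold, far, frr
    return None


def make_scores(seed=7, n=2000):
    """Constructed sample data: overlapping genuine and impostor scores."""
    rng = random.Random(seed)

    def clamp(x):
        return min(1.0, max(0.0, x))

    genuine = [clamp(rng.gauss(0.70, 0.12)) for _ in range(n)]
    impostor = [clamp(rng.gauss(0.40, 0.12)) for _ in range(n)]
    return genuine, impostor


if __name__ == "__main__":
    genuine, impostor = make_scores()
    t, far, frr = equal_error_rate(genuine, impostor)
    print(f"EER point: threshold={t:.2f} FAR={far:.3f} FRR={frr:.3f}")
    t, far, frr = point_for_far(genuine, impostor, max_far=0.01)
    print(f"FAR<=1%:   threshold={t:.2f} FAR={far:.3f} FRR={frr:.3f}")
```

Pushing FAR down to 1% on this data moves the threshold well above the EER point and rejects a much larger share of genuine users, which is the tradeoff the ROC/DET curves plot.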

Attacks

Mainly, there are three possible attacks:
– Presenting artificially created samples
– Eavesdropping on the communication between the sensor device and the system
– Exploiting the template database
The first scenario has proven to be the easiest and the most successful
The other two can help to obtain the data required to create the artificial sample

Fingerprints

Fingerprints have four important features: loops, whorls, arches, and tents
Thus, these features are extracted to create the minutiae

[Figure: Loop, Whorl, Arch, Tent]

Implementation of fingerprints

Implementation Steps
1. Capture image of fingerprint
2. Enhance image
3. Identify minutiae

Implementation of fingerprints

1. Compare the extracted minutiae with the data in the database
2. The result is calculated statistically by graph matching

Features of Fingerprints

Advantages:
– EER of about 5%
– Unique even for identical twins (not genetics dependent)
– Popular, cheap, easy to use, quick, …
Disadvantages:
– Not permanent and universal due to injury, aging or other factors
– Less acceptable because it is often associated with “forensic application”
Attack:
– Extracting/reproducing is achieved by using bond and gelatin
– e.g. the Japanese mathematician, T. Matsumoto, succeeded in fooling a fingerprint device using an artificial gelatin finger

Hand Geometry

Hand Geometry is a popular form of biometric:
– Widely used for authentication but not useful for identification

Implementation of Hand Scan

1. Take a picture to capture a silhouette image
2. Top and side views of hand are captured
3. Measure shape of hand/fingers
– Width, length, curvature, and thickness

Features of Hand Geometry

Advantages:
– Ease of use
– Wide public acceptance
Disadvantages:
– Hands are not unique
– Not permanent because of growth, injury, and so on
Attack:
– Creating an artificial hand is very easy

Iris Scan

Iris Scan is utilized in highly secure facilities such as banks or the military
Implementation:
– Scan eye with infrared rays
– Create the b/w photo of iris
– Apply 2-D wavelet translation
– Change the data of iris into 256 bytes iris code
– Compare the created matching template with the enrollment template in the database using Hamming distance
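The final comparison step, as an added example that is not part of the original slides. It compares 256-byte iris codes by Hamming distance, one to one (authentication) and one to many (identification), and shows why the Biometrics Usage slide expects more "random" matches as the number of comparisons grows. The codes are constructed random data; the 0.32 decision threshold, the 10% capture noise, the per-comparison rate passed to `false_match_probability`, and all names are assumptions of this example.

```python
import random

CODE_BYTES = 256  # iris-code size given on the slide


def hamming_fraction(a: bytes, b: bytes) -> float:
    """Share of differing bits between two iris codes (0.0 = identical)."""
    if len(a) != CODE_BYTES or len(b) != CODE_BYTES:
        raise ValueError("iris codes must be 256 bytes")
    differing = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
    return differing / (CODE_BYTES * 8)


def verify(probe, enrolled, threshold=0.32):
    """Authentication: one-to-one comparison (threshold is assumed)."""
    return hamming_fraction(probe, enrolled) <= threshold


def identify(probe, database, threshold=0.32):
    """Identification: one-to-many search; returns (user or None, distance)."""
    best_user, best = None, 1.0
    for user, template in database.items():
        distance = hamming_fraction(probe, template)
        if distance < best:
            best_user, best = user, distance
    return (best_user, best) if best <= threshold else (None, best)


def false_match_probability(per_comparison_rate, comparisons):
    """Chance of at least one random match over independent comparisons."""
    return 1 - (1 - per_comparison_rate) ** comparisons


def noisy_copy(code, flip_rate, rng):
    """Simulate a fresh capture: flip each bit with probability flip_rate."""
    out = bytearray(code)
    for i in range(len(out)):
        for bit in range(8):
            if rng.random() < flip_rate:
                out[i] ^= 1 << bit
    return bytes(out)


def build_demo(seed=11, users=50):
    """Constructed enrollment database, one genuine probe, one stranger."""
    rng = random.Random(seed)

    def random_code():
        return bytes(rng.getrandbits(8) for _ in range(CODE_BYTES))

    database = {f"user{i:02d}": random_code() for i in range(users)}
    probe = noisy_copy(database["user07"], 0.10, rng)
    return database, probe, random_code()


if __name__ == "__main__":
    database, probe, stranger = build_demo()
    print("1:1 genuine :", verify(probe, database["user07"]))
    print("1:N genuine :", identify(probe, database))
    print("1:N stranger:", identify(stranger, database))
    for n in (1, 1_000, 1_000_000):
        print(n, "comparisons ->", false_match_probability(1e-6, n))
```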

Features of Iris

Advantages:
– Safe because it shows the smallest error rate (EER of about 10^-6) and it is difficult to spoof
– Very unique (more random than fingerprint) and little or no genetic influence (phenotypic)
– Permanent, where the pattern is stable through lifetime and protected/cleared by cornea and eyelid
– Very quick
Disadvantages:
– Low acceptability because some think it is intrusive and invasive
Attack:
– Attacks using a high-quality photo/image have succeeded

Voice Recognition

Sometimes called speaker recognition
Voice Recognition is both a behavioral and a physiologically based method
– behavioral: motion of mouth, pronunciation
– physiological: vocal tract
Mostly used for remote authentication due to the availability of devices to collect samples
– e.g. telephone network, computer microphone

Implementation of Voice Recognition

1. Speaker says pass-phrase (fixed) or repeats a word (prompted)
2. Components of the voice are broken down into three categories called phonemes:
– pitch, intonation, and pronunciation
– sometimes more: duration, loudness, etc…
3. Compare statistically

Features of Voice Recognition

Advantages:
– Can be combined with a password-based method (verbal information) by asking/answering questions such as “what is your name?” or “how old are you?”
– Very quick and easy to collect sample
Disadvantages:
– Not universal
– Not permanent and reliable because it is sensitive to its background and environment: illness, emotion, aging, device, and one’s environment
– Needs larger storage for its template
Attack:
– An authenticated user’s voice can be impersonated
– Record and play back the voice

Conclusion

The attacker uses very easy and inexpensive means to crack biometrics systems
No cut-off fingers or artificial eyes as shown in Hollywood movies
Templates and bio record databases need the highest possible degree of protection because renewing, resetting, and/or cancelling them is impossible

Conclusion

Rapid advances in technology/algorithms as well as the availability of industry standards will certainly assure a bright future
High need for countries worldwide to protect borders, people, organizations, and resources
However, will this be the end of traditional systems (i.e. passwords)?
– No, because biometrics is not the perfect solution
– Biometrics shows the tradeoff between ease of use and security
Therefore, the current/future trend in security features a combination of different technologies

References

Anderson, R. “Security Engineering.” 2001.
Biometrics.gov. http://www.biometrics.gov/
Boatwright, M. and Luo, X. “What Do We Know About Biometrics Authentication?” 2007.
Bubeck, U. and Sanchez, D. “Biometrics Authentication.” 2003.
Pfleeger, C. and Pfleeger, S. “Security in Computing.” 2007.