Spoofing and Liveness Detection - Brief Background

Biometric devices, such as fingerprint, face, iris, voice, and handprint
recognition systems, have been suggested for applications ranging from
access to personal computers, automated teller machines, credit card
transactions, and electronic transactions to access control for airports,
nuclear facilities, and border control. Given this diverse array of
potential applications, biometric devices have the potential to provide
additional security over traditional security means such as passwords,
keys, signatures, picture identification, etc. While biometrics may
improve security, biometric systems also have vulnerabilities. System
vulnerabilities include attacks at the biometric sensor level, replay
attacks on the data communication stream, and attacks on the database,
among others [1].

Two recent highly publicized articles drew attention to the spoofing
vulnerabilities of biometric devices [2, 3]. Other articles addressing
spoofing include [4, 5]. The first is from a group at Yokohama National
University in Japan. Matsumoto and colleagues developed a method to
spoof fingerprint devices [2] by making a mold from plastic, originating
from both a live finger and a latent fingerprint. Artificial fingers
were then created from the casts using gelatin, commonly used for
confectionery; the resultant casts were termed “gummy fingers”.
Secondly, Lisa Thalheim and Jan Krissler, writing for c’t magazine [3],
demonstrated, in a less rigorous fashion, the vulnerability of a variety
of biometric technologies through simple techniques for fingerprint
spoofing such as (1) breathing on the fingerprint scanner to reactivate
the latent fingerprint, (2) using a bag of water on top of the latent
fingerprint, (3) dusting the latent fingerprint using graphite powder,
stretching adhesive film over it and applying pressure, and (4) using
wax casts and silicon molds. For facial and iris recognition,
high-resolution still images and/or video were able to fool the systems.

One choice for anti-spoofing protection is liveness detection. Even
though biometric devices use physiological information for
identification/verification purposes, these measurements rarely
indicate liveness. The goal of liveness testing is to determine if
the biometric being captured is an actual measurement from the authorized,
live person who is present at the time of capture. Two overviews of
liveness tests are given in [6, 7]. Liveness methods range from medical-based
measurements like pulse oximetry and electrocardiogram [8-11] to lip
reading [12].

This is a summary of an overview article on spoofing and liveness
[7].

1. NK Ratha, “Enhancing Security and Privacy in Biometrics-Based
Authentication Systems,” IBM Systems Journal, v 40, n 3, 2001,
p 614-634.
2. T Matsumoto, H. Matsumoto, K. Yamada, S. Hoshino, “Impact
of Artificial ‘Gummy’ Fingers on Fingerprint Systems”,
Proceedings of SPIE, vol. 4677, January, 2002
3. L Thalheim, J Krissler, “Body Check: Biometric Access Protection
Devices and their Programs Put to the Test”, c’t magazine,
November 2002.
4. D Willis, M Lee, “Biometrics Under Our Thumb”, Network
Computing, June 1, 1998.
5. T van der Putte, J Keuning, “Biometrical Fingerprint Recognition:
Don’t Get Your Fingers Burned,” Proceedings of the Fourth
Working Conference on Smart Card Research and Advanced Applications,
Kluwer Academic Publishers, 2000, pp. 289-303.
6. Valorie Valencia, Chapter 8, "Biometric Liveness Testing,"
in Biometrics, editors: John D. Woodward, Jr., Nicholas M. Orlans,
Peter T. Higgins, Osborne McGraw Hill, New York, 2002.
7. SAC Schuckers, “Spoofing and Anti-Spoofing Measures,” Information
Security Technical Report, Vol. 7, No. 4, pages 56 – 62, 2002.
8. L Biel, O Pettersson, L Philipson, P Wide, “ECG analysis:
A new approach in human identification,” IEEE Transactions on
Instrumentation and Measurement, v 50, n 3, June 2001, p 808-812.
9. D Osten, HM Carim, MR Arneson, BL Blan, “Biometric, Personal
Authentication System”, Minnesota Mining and Manufacturing Company,
US Patent #5,719,950, February 17, 1998.
10. P Lapsley, JA Less, DF Pare, Jr., N Hoffman, “Anti-Fraud
Biometric Sensor that Accurately Detects Blood Flow”, SmartTouch,
LLC, US Patent #5,737,439, April 7, 1998.
11. Kallo, I Kiss, A Podmaniczky, J Talosi, “Detector for recognizing
the living character of a finger in a fingerprint recognizing apparatus”,
Dermo Corporation, Ltd. US Patent #6,175,64, January 16, 2001.
12. CC Broun, X Zhang, RM Mersereau and MA Clements, “Automatic
Speechreading with Application to Speaker Verification,” Proceedings
of ICASSP, May 13-17 2002, Orlando, FL, p I/685-I/688.