Wolf Attack Probability: A New Security Measure in Biometric Authentication Systems
This paper will propose a wolf attack probability (WAP) as a new measure for evaluating security of biometric authentication systems. The wolf attack is an attempt to impersonate a victim by feeding “wolves” into the system to be attacked. The “wolf” means an input value which can be falsely accepted as a match with multiple templates. WAP is defined as a maximum success probability of the wolf attack with one wolf sample. In this paper, we give a rigorous definition of the new security measure which gives strengh estimation of an individual biometric authentication system against impersonation attacks. We show that if one reestimates using our WAP measure, a typical fingerprint algorithm is turned out to be much weaker than theoretically estimated by Ratha et al. Moreover, we apply the wolf attack to a finger-vein-pattern matching algorithm. Surprisingly, we show that there exists an extremely strong wolf which falsely matches all templates for any threshold values.
Unable to display preview. Download preview PDF.
- 1.International Organization for Standardization (ISO), International Electrotechnical Commission (IEC): ISO/IEC CD 19792: Information technology – Security techniques – Security evaluation of biometrics (2006)Google Scholar
- 2.Matsumoto, T., Matsumoto, H., Yamada, K., Hoshino, S.: Impact of Artificial ’Gummy’ Fingers on Fingerprint Systems. In: Optical Security and Counterfeit Deterrence Techniques IV, Proc. SPIE, vol. 4677, pp. 275–289 (2002)Google Scholar
- 4.Miura, N., Nagasaka, A., Miyatake, M.: Feature Extraction of Finger Vein Patterns Based on Iterative Line Tracking and its Application to Personal Identification. IEICE Trans. Inf. & Syst (Japanese edn.) J-86-D-II, 678–687 (2003)Google Scholar
- 5.Doddington, G., Liggett, W., Martin, A., Przybocki, M., Reynolds, D.: SHEEP, GOATS, LAMBS and WOLVES: A Statistical Analysis of Speaker Performance in the NIST 1998 Speaker Recognition Evaluation. In: Proc. ICSLP, vol. 98, pp. 1351–1354 (1998)Google Scholar