Wolf Attack Probability: A New Security Measure in Biometric Authentication Systems
This paper will propose a wolf attack probability (WAP) as a new measure for evaluating security of biometric authentication systems. The wolf attack is an attempt to impersonate a victim by feeding “wolves” into the system to be attacked. The “wolf” means an input value which can be falsely accepted as a match with multiple templates. WAP is defined as a maximum success probability of the wolf attack with one wolf sample. In this paper, we give a rigorous definition of the new security measure which gives strengh estimation of an individual biometric authentication system against impersonation attacks. We show that if one reestimates using our WAP measure, a typical fingerprint algorithm is turned out to be much weaker than theoretically estimated by Ratha et al. Moreover, we apply the wolf attack to a finger-vein-pattern matching algorithm. Surprisingly, we show that there exists an extremely strong wolf which falsely matches all templates for any threshold values.
KeywordsSecurity Level Security Measure Speaker Recognition Impersonation Attack False Acceptance Rate
- 1.International Organization for Standardization (ISO), International Electrotechnical Commission (IEC): ISO/IEC CD 19792: Information technology – Security techniques – Security evaluation of biometrics (2006)Google Scholar
- 2.Matsumoto, T., Matsumoto, H., Yamada, K., Hoshino, S.: Impact of Artificial ’Gummy’ Fingers on Fingerprint Systems. In: Optical Security and Counterfeit Deterrence Techniques IV, Proc. SPIE, vol. 4677, pp. 275–289 (2002)Google Scholar
- 4.Miura, N., Nagasaka, A., Miyatake, M.: Feature Extraction of Finger Vein Patterns Based on Iterative Line Tracking and its Application to Personal Identification. IEICE Trans. Inf. & Syst (Japanese edn.) J-86-D-II, 678–687 (2003)Google Scholar
- 5.Doddington, G., Liggett, W., Martin, A., Przybocki, M., Reynolds, D.: SHEEP, GOATS, LAMBS and WOLVES: A Statistical Analysis of Speaker Performance in the NIST 1998 Speaker Recognition Evaluation. In: Proc. ICSLP, vol. 98, pp. 1351–1354 (1998)Google Scholar