Abstract
The traditional approach to evaluating the performance of a behavioral biometric such as handwriting or speech is to conduct a study involving human subjects (naïve and/or skilled “forgers”) and report the system’s False Reject Rate (FRR) and False Accept Rate (FAR). In this paper, we examine a different and perhaps more ominous threat: the possibility that the attacker has access to a generative model for the behavior in question, along with information gleaned about the targeted user, and can employ this in a methodical search of the space of possible inputs to the system in an attempt to break the biometric. We present preliminary experimental results examining the effectiveness of this line of attack against a published technique for constructing a biometric hash based on online handwriting data. Using a concatenative approach followed by a feature space search, our attack succeeded 49% of the time.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bromme, A., Kronberg, M.: A conceptual framework for testing biometric algorithms within operating systems’ authentication. In: Proceedings of the ACM Symposium on Applied Computing, pp. 273–280 (2002)
Guyon, I.: Handwriting synthesis from handwritten glyphs. In: Proceedings of the Fifth International Workshop on Frontiers in Handwriting Recognition, pp. 140– 153 (1996)
Lindberg, J., Blomberg, M.: Vulnerability in speaker verification – a study of possible technical impostor techniques. In: Eurospeech, pp. 1211–1214 (1999)
Masuko, T., Tokuda, K., Kobayashi, T.: Imposture using synthetic speech against speaker verification based on spectrum and pitch. In: Proceedings of the Sixth International Conference on Spoken Language Processing, vol. 2, pp. 302–305 (2000)
Monrose, F., Reiter, M., Li, Q., Lopresti, D., Shih, C.: Towards speech-generated cryptographic keys on resource-constrained devices. In: Proceedings of the Eleventh USENIX Security Symposium, pp. 283–296 (2002)
Plamondon, R.: A delta-lognormal model for handwriting generation. In: Proceedings of the Seventh Biennal Conference of the International Graphonomics Society, pp. 126–127 (1995)
Vielhauer, C., Steinmetz, R., Mayerhöfer, A.: Transitivity based enrollment strategy for signature verification systems. In: Proceedings of the Sixth International Conference on Document Analysis and Recognition, vol. 2, pp. 1263–1266 (2001)
Vielhauer, C., Steinmetz, R., Mayerhofer, A.: Biometric hash based on statistical features of online signatures. In: Proceedings of the Sixteenth International Conference on Pattern Recognition, vol. 1, pp. 123–126 (2002)
Vielhauer, C., Zöbisch, F.: A test tool to support brute-force online and offline signature forgery tests on mobile devices. In: Proceedings of the International Conference on Multimedia and Expo, vol. 3, pp. 225–228 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lopresti, D.P., Raim, J.D. (2005). The Effectiveness of Generative Attacks on an Online Handwriting Biometric. In: Kanade, T., Jain, A., Ratha, N.K. (eds) Audio- and Video-Based Biometric Person Authentication. AVBPA 2005. Lecture Notes in Computer Science, vol 3546. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11527923_113
Download citation
DOI: https://doi.org/10.1007/11527923_113
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-27887-0
Online ISBN: 978-3-540-31638-1
eBook Packages: Computer ScienceComputer Science (R0)