The achievement of perfect security is out of the question. Even if we are not yet aware of them, every security aimed technology has weaknesses which attackers can exploit in order to circumvent the system. We should hence direct our efforts to the development of applications whose security level make it infeasible for computationally bound attackers to break the systems. This Thesis is focused on improving the security and privacy provided by biometric systems. With the increased need for reliable and automatic identity verification, biometrics have emerged in the last decades as a pushing alternative to traditional authentication methods. Certainly, biometrics are very attractive and useful for the general public: forget about PINs and passwords, you are your own key. However, the wide deployment of biometric recognition systems at both large-scale applications (e.g., border management at European level or national ...

This thesis has two main parts. The first part deals with security and privacy analysis of biometric hashing. The second part introduces a method for fixed-length feature vector extraction and hash generation from fingerprint minutiae. The upsurge of interest in biometric systems has led to development of biometric template protection methods in order to overcome security and privacy problems. Biometric hashing produces a secure binary template by combining a personal secret key and the biometric of a person, which leads to a two factor authentication method. This dissertation analyzes biometric hashing both from a theoretical point of view and in regards to its practical application. For theoretical evaluation of biohashes, a systematic approach which uses estimated entropy based on degree of freedom of a binomial distribution is outlined. In addition, novel practical security and privacy attacks against face image hashing ...

As biometrics gains popularity and proliferates into the daily life, there is an increased concern over the loss of privacy and potential misuse of biometric data held in central repositories. The major concerns are about i) the use of biometrics to track people, ii) non-revocability of biometrics (eg. if a fingerprint is compromised it can not be canceled or reissued), and iii) disclosure of sensitive information such as race, gender and health problems which may be revealed by biometric traits. The straightforward suggestion of keeping the biometric data in a user owned token (eg. smart cards) does not completely solve the problem, since malicious users can claim that their token is broken to avoid biometric verification altogether. Put together, these concerns brought the need for privacy preserving biometric authentication methods in the recent years. In this dissertation, we survey existing ...

Human recognition has become an important topic as the need and investments for security applications grow continuously. Biometrics enable reliable and efficient identity management systems by using physical and behavioral characteristics of the subjects that are permanent, universal and easy to access. This is why, the topic of biometrics attracts higher attention today. Numerous biometric systems exist which utilize various human characteristics. Among all biometrics traits, face recognition is advantageous in terms of accessibility and reliability. It allows identification at relatively high distances for unaware subjects that do not have to cooperate. In this dissertation, two challenges in face recognition are analyzed. The first one is face spoofing. Initially, spoofing in face recognition is explained together with the countermeasure techniques that are proposed for the protection of face recognition systems against spoofing attacks. The second challenge explored in this thesis ...

This Thesis is focused on the quality assessment of biometric signals and its application to multimodal biometric systems. Since the establishment of biometrics as an specific research area in late 90s, the biometric community has focused its efforts in the development of accurate recognition algorithms and nowadays, biometric recognition is a mature technology that is used in many applications. However, we can notice recent studies that demonstrate how performance of biometric systems is heavily affected by the quality of biometric signals. Quality measurement has emerged in the biometric community as an important concern after the poor performance observed in biometric systems on certain pathological samples. We first summarize the state-of-the-art in the biometric quality problem. We present the factors influencing biometric quality, which mainly have to do with four issues: the individual itself, the sensor used in the acquisition, the ...

,The term biometrics refers to the technologies that measure and analyze human intrinsic physical or behavioral characteristics for authenticating individuals. Nowadays, biometric technology is increasingly deployed in civil and commercial applications. The growing use of biometrics is raising security and privacy concerns. Storing biometric data, known as biometric templates, in a database leads to several privacy risks such as identity fraud and cross matching. A solution is to apply biometric template protection techniques, which aim to make it impossible to recover the biometric data from the templates. The goal of our research is to combine biometric systems with template protection. Aimed at fingerprint recognition, this thesis introduces the Spectral Minutiae Representation method, which enables the combination of a minutiae-based fingerprint recognition system with template protection schemes based on fuzzy commitment or helper data schemes. In this thesis, three spectral minutiae ...

Cryptography and biometrics have been identified as two of the most important aspects of digital security environment. For various types of security problems the merging between cryptography and biometrics has led to the development of Bio crypt technology. The new technology suffers from several limitations and this thesis, addresses the biometric information quality and the security weakness of cryptography. In many applications fingerprint has been chosen as a core of bio crypt combined technology due to it’s maturity in terms of availability, uniqueness, permanence, feasibility, ease of use and acceptance. Fingerprint has been studied from the point of view of information strength to suitability to the cryptographic requirement. The factors relating to generating and constructing combined bio crypt key such as biometric image validity, quality assessment and distinct feature extraction are studied to avoid corruptness of the source biometric images. ...

Voice biometric systems use automatic speaker verification (ASV) technology for user authentication. Even if it is among the most convenient means of biometric authentication, the robustness and security of ASV in the face of spoofing attacks (or presentation attacks) is of growing concern and is now well acknowledged by the research community. A spoofing attack involves illegitimate access to personal data of a targeted user. Replay is among the simplest attacks to mount - yet difficult to detect reliably and is the focus of this thesis. This research focuses on the analysis and design of existing and novel countermeasures for replay attack detection in ASV, organised in two major parts. The first part of the thesis investigates existing methods for spoofing detection from several perspectives. I first study the generalisability of hand-crafted features for replay detection that show promising results ...

This Thesis is focused on the combination of multiple biometric traits for automatic person authentication, in what is called a multimodal biometric system. More generally, any type of biometric information can be combined in what is called a multibiometric system. The information sources in multibiometrics include not only multiple biometric traits but also multiple sensors, multiple biometric instances (e.g., different fingers in fingerprint verification), repeated instances, and multiple algorithms. Most of the approaches found in the literature for combining these various information sources are based on the combination of the matching scores provided by individual systems built on the different biometric evidences. The combination schemes following this architecture are typically based on combination rules or trained pattern classifiers, and most of them assume that the score level fusion function is fixed at verification time. This Thesis considers the problem of ...

Fingerprint, is considered one of the most crucial scientific tools in solving criminal cases. This biometric feature is composed of unique and distinctive patterns found on the fingertips of each individual. With advancing technology and progress in forensic sciences, fingerprint analysis plays a vital role in forensic investigations and the analysis of evidence at crime scenes. The fingerprint patterns of each individual start to develop in early stagesof life and never change thereafter. This fact makes fingerprints an exceptional means of identification. In criminal cases, fingerprint analysis is used to decipher traces, evidence, and clues at crime scenes. These analyses not only provide insights into how a crime was committed but also assist in identifying the culprits or individuals involved. Computer-based fingerprint identification systems yield faster and more accurate results compared to traditional methods, making fingerprint comparisons in large databases ...

This Thesis is focused on dealing with the variability factors in biometric recognition and applications of biometrics at a distance. In particular, this PhD Thesis explores the problem of variability factors assessment and how to deal with them by the incorporation of soft biometrics information in order to improve person recognition systems working at a distance. The proposed methods supported by experimental results show the benefits of adapting the system considering the variability of the sample at hand. Although being relatively young compared to other mature and long-used security technologies, biometrics have emerged in the last decade as a pushing alternative for applications where automatic recognition of people is needed. Certainly, biometrics are very attractive and useful for video surveillance systems at a distance, widely distributed in our lifes, and for the final user: forget about PINs and passwords, you ...

Automatic speaker recognition is the use of a machine to identify an individual from a spoken sentence. Recently, this technology has been undergone an increasing use in applications such as access control, transaction authentication, law enforcement, forensics, and system customisation, among others. One of the central questions addressed by this field is what is it in the speech signal that conveys speaker identity. Traditionally, automatic speaker recognition systems have relied mostly on short-term features related to the spectrum of the voice. However, human speaker recognition relies on other sources of information; therefore, there is reason to believe that these sources can play also an important role in the automatic speaker recognition task, adding complementary knowledge to the traditional spectrum-based recognition systems and thus improving their accuracy. The main objective of this thesis is to add prosodic information to a traditional ...

The proliferation of handheld devices such as smartphones and tablets brings a new scenario for biometric authentication, and in particular to automatic signature verification. Research on signature verification has been traditionally carried out using signatures acquired on digitizing tablets or Tablet-PCs. This PhD Thesis addresses the problem of user authentication on handled devices using handwritten signatures and graphical passwords based on free-form doodles, as well as the effects of biometric aging on signatures. The Thesis pretends to analyze: (i) which are the effects of mobile conditions on signature and doodle verification, (ii) which are the most distinctive features in mobile conditions, extracted from the pen or fingertip trajectory, (iii) how do different similarity computation (i.e. matching) algorithms behave with signatures and graphical passwords captured on mobile conditions, and (iv) what is the impact of aging on signature features and verification ...

Ten years after its infancy, digital watermarking is still considered as a young technology. Despite the fact that it has been introduced for security-related applications such as copyright protection, almost no study has been conducted to assert the survival of embedded watermarks in a hostile environment. In this thesis, it will be shown that this lack of evaluation has led to critical security pitfalls against statistical analysis, also referred to as collusion attacks. Such attacks typically consider several watermarked documents and combine them to produce unwatermarked content. This threat is all the more relevant when digital video is considered since each individual video frame can be regarded as a single watermarked document by itself. Next, several countermeasures are introduced to combat the highlighted weaknesses. In particular, motion compensated watermarking and signal coherent watermarking will be investigated to produce watermarks which ...

The use of biometrics looks promising as it is already being applied in electronic passports, ePassports, on a global scale. Because the biometric data has to be stored as a reference template on either a central or personal storage device, its wide-spread use introduces new security and privacy risks such as (i) identity fraud, (ii) cross-matching, (iii) irrevocability and (iv) leaking sensitive medical information. Mitigating these risks is essential to obtain the acceptance from the subjects of the biometric systems and therefore facilitating the successful implementation on a large-scale basis. A solution to mitigate these risks is to use template protection techniques. The required protection properties of the stored reference template according to ISO guidelines are (i) irreversibility, (ii) renewability and (iii) unlinkability. A known template protection scheme is the helper data system (HDS). The fundamental principle of the HDS ...