Improving Security and Privacy in Biometric Systems

The achievement of perfect security is out of the question. Even if we are not yet aware of them, every security aimed technology has weaknesses which attackers can exploit in order to circumvent the system. We should hence direct our efforts to the development of applications whose security level make it infeasible for computationally bound attackers to break the systems. This Thesis is focused on improving the security and privacy provided by biometric systems. With the increased need for reliable and automatic identity verification, biometrics have emerged in the last decades as a pushing alternative to traditional authentication methods. Certainly, biometrics are very attractive and useful for the general public: forget about PINs and passwords, you are your own key. However, the wide deployment of biometric recognition systems at both large-scale applications (e.g., border management at European level or national ...

Gomez-Barrero, Marta — Universidad Autonoma de Madrid

Privacy Protecting Biometric Authentication Systems

As biometrics gains popularity and proliferates into the daily life, there is an increased concern over the loss of privacy and potential misuse of biometric data held in central repositories. The major concerns are about i) the use of biometrics to track people, ii) non-revocability of biometrics (eg. if a fingerprint is compromised it can not be canceled or reissued), and iii) disclosure of sensitive information such as race, gender and health problems which may be revealed by biometric traits. The straightforward suggestion of keeping the biometric data in a user owned token (eg. smart cards) does not completely solve the problem, since malicious users can claim that their token is broken to avoid biometric verification altogether. Put together, these concerns brought the need for privacy preserving biometric authentication methods in the recent years. In this dissertation, we survey existing ...

Kholmatov, Alisher — Sabanci University

Vulnerabilities and Attack Protection in Security Systems Based on Biometric Recognition

Absolute security does not exist: given funding, willpower and the proper technology, every security system can be compromised. However, the objective of the security community should be to develop such applications that the funding, the will, and the resources needed by the attacker to crack the system prevent him from attempting to do so. This Thesis is focused on the vulnerability assessment of biometric systems. Although being relatively young compared to other mature and long-used security technologies, biometrics have emerged in the last decade as a pushing alternative for applications where automatic recognition of people is needed. Certainly, biometrics are very attractive and useful for the final user: forget about PINs and passwords, you are your own key. However, we cannot forget that as any technology aimed to provide a security service, biometric systems are exposed to external attacks which ...

Javier Galbally — Universidad Autonoma de Madrid


,The term biometrics refers to the technologies that measure and analyze human intrinsic physical or behavioral characteristics for authenticating individuals. Nowadays, biometric technology is increasingly deployed in civil and commercial applications. The growing use of biometrics is raising security and privacy concerns. Storing biometric data, known as biometric templates, in a database leads to several privacy risks such as identity fraud and cross matching. A solution is to apply biometric template protection techniques, which aim to make it impossible to recover the biometric data from the templates. The goal of our research is to combine biometric systems with template protection. Aimed at fingerprint recognition, this thesis introduces the Spectral Minutiae Representation method, which enables the combination of a minutiae-based fingerprint recognition system with template protection schemes based on fuzzy commitment or helper data schemes. In this thesis, three spectral minutiae ...

Xu, Haiyung — University of Twente

Fingerprint Image Processing for Generating Biometric Cryptographic Key

Cryptography and biometrics have been identified as two of the most important aspects of digital security environment. For various types of security problems the merging between cryptography and biometrics has led to the development of Bio crypt technology. The new technology suffers from several limitations and this thesis, addresses the biometric information quality and the security weakness of cryptography. In many applications fingerprint has been chosen as a core of bio crypt combined technology due to it’s maturity in terms of availability, uniqueness, permanence, feasibility, ease of use and acceptance. Fingerprint has been studied from the point of view of information strength to suitability to the cryptographic requirement. The factors relating to generating and constructing combined bio crypt key such as biometric image validity, quality assessment and distinct feature extraction are studied to avoid corruptness of the source biometric images. ...

Al Tarawneh, Mokhled — Newcastle University


The use of biometrics looks promising as it is already being applied in electronic passports, ePassports, on a global scale. Because the biometric data has to be stored as a reference template on either a central or personal storage device, its wide-spread use introduces new security and privacy risks such as (i) identity fraud, (ii) cross-matching, (iii) irrevocability and (iv) leaking sensitive medical information. Mitigating these risks is essential to obtain the acceptance from the subjects of the biometric systems and therefore facilitating the successful implementation on a large-scale basis. A solution to mitigate these risks is to use template protection techniques. The required protection properties of the stored reference template according to ISO guidelines are (i) irreversibility, (ii) renewability and (iii) unlinkability. A known template protection scheme is the helper data system (HDS). The fundamental principle of the HDS ...

Kelkboom, Emile — University of Twente

Adapted Fusion Schemes for Multimodal Biometric Authentication

This Thesis is focused on the combination of multiple biometric traits for automatic person authentication, in what is called a multimodal biometric system. More generally, any type of biometric information can be combined in what is called a multibiometric system. The information sources in multibiometrics include not only multiple biometric traits but also multiple sensors, multiple biometric instances (e.g., different fingers in fingerprint verification), repeated instances, and multiple algorithms. Most of the approaches found in the literature for combining these various information sources are based on the combination of the matching scores provided by individual systems built on the different biometric evidences. The combination schemes following this architecture are typically based on combination rules or trained pattern classifiers, and most of them assume that the score level fusion function is fixed at verification time. This Thesis considers the problem of ...

Fierrez, Julian — Universidad Politecnica de Madrid

Direct Pore-based Identification For Fingerprint Matching Process

Fingerprint, is considered one of the most crucial scientific tools in solving criminal cases. This biometric feature is composed of unique and distinctive patterns found on the fingertips of each individual. With advancing technology and progress in forensic sciences, fingerprint analysis plays a vital role in forensic investigations and the analysis of evidence at crime scenes. The fingerprint patterns of each individual start to develop in early stagesof life and never change thereafter. This fact makes fingerprints an exceptional means of identification. In criminal cases, fingerprint analysis is used to decipher traces, evidence, and clues at crime scenes. These analyses not only provide insights into how a crime was committed but also assist in identifying the culprits or individuals involved. Computer-based fingerprint identification systems yield faster and more accurate results compared to traditional methods, making fingerprint comparisons in large databases ...

Vedat DELICAN, PhD — Istanbul Technical University

Voice biometric system security: Design and analysis of countermeasures for replay attacks

Voice biometric systems use automatic speaker verification (ASV) technology for user authentication. Even if it is among the most convenient means of biometric authentication, the robustness and security of ASV in the face of spoofing attacks (or presentation attacks) is of growing concern and is now well acknowledged by the research community. A spoofing attack involves illegitimate access to personal data of a targeted user. Replay is among the simplest attacks to mount - yet difficult to detect reliably and is the focus of this thesis. This research focuses on the analysis and design of existing and novel countermeasures for replay attack detection in ASV, organised in two major parts. The first part of the thesis investigates existing methods for spoofing detection from several perspectives. I first study the generalisability of hand-crafted features for replay detection that show promising results ...

Bhusan Chettri — Queen Mary University of London

Key Agreement with Physical Unclonable Functions and Biometric Identifiers

This thesis addresses security and privacy problems for digital devices and biometrics, where a secret key is generated for authentication, identification, or secure computa- tions. A physical unclonable function (PUF) is a promising solution for local security in digital devices. A low-complexity transform-coding algorithm is developed to make the information-theoretic analysis tractable and motivate a noisy (hidden) PUF source model. The optimal trade-offs between the secret-key, privacy-leakage, and storage rates for multiple measurements of hidden PUFs are characterized. The first optimal and low- complexity code constructions are proposed. Polar codes are designed to achieve the best known rate tuples. The gains from cost-constrained controllable PUF measurements are illustrated to motivate extensions.

Günlü, Onur — Technical University of Munich

Automatic Person Verification Using Speech and Face Information

Interest in biometric based identification and verification systems has increased considerably over the last decade. As an example, the shortcomings of security systems based on passwords can be addressed through the supplemental use of biometric systems based on speech signals, face images or fingerprints. Biometric recognition can also be applied to other areas, such as passport control (immigration checkpoints), forensic work (to determine whether a biometric sample belongs to a suspect) and law enforcement applications (e.g. surveillance). While biometric systems based on face images and/or speech signals can be useful, their performance can degrade in the presence of challenging conditions. In face based systems this can be in the form of a change in the illumination direction and/or face pose variations. Multi-modal systems use more than one biometric at the same time. This is done for two main reasons -- ...

Conrad Sanderson — Griffith University, Queensland, Australia

Video person recognition strategies using head motion and facial appearance

In this doctoral dissertation, we principally explore the use of the temporal information available in video sequences for person and gender recognition; in particular, we focus on the analysis of head and facial motion, and their potential application as biometric identifiers. We also investigate how to exploit as much video information as possible for the automatic recognition; more precisely, we examine the possibility of integrating the head and mouth motion information with facial appearance into a multimodal biometric system, and we study the extraction of novel spatio-temporal facial features for recognition. We initially present a person recognition system that exploits the unconstrained head motion information, extracted by tracking a few facial landmarks in the image plane. In particular, we detail how each video sequence is firstly pre-processed by semiautomatically detecting the face, and then automatically tracking the facial landmarks over ...

Matta, Federico — Eurécom / Multimedia communications

Privacy protection preserving the utility of visual surveillance

Due to some tragic events such as crime, bank robberies and terrorist attacks, an unparalleled surge in video surveillance cameras has occurred in recent years. In consequence, our daily life is overseen everywhere (e.g. on the street, in stations, in shops and in the workplace). For example, on average, people living in London can be caught on cameras more than 300 times a day. At the same time, automatic processing technology and quality of sensors have advanced significantly, which has even enabled automatic detection, tracking and identification of individuals. With the proliferation of video surveillance systems and the progress in automatic recognition, privacy protection is now becoming a significant concern. Video surveillance is intrusive because it allows the observation of certain information that is considered as private (i.e., identity or some characteristics such as age, race, gender). Nowadays, some processing ...

Ruchaud, Natacha — Eurecom

Decision threshold estimation and model quality evaluation techniques for speaker verification

The number of biometric applications has increased a lot in the last few years. In this context, the automatic person recognition by some physical traits like fingerprints, face, voice or iris, plays an important role. Users demand this type of applications every time more and the technology seems already mature. People look for security, low cost and accuracy but, at the same time, there are many other factors in connection with biometric applications that are growing in importance. Intrusiveness is undoubtedly a burning factor to decide about the biometrics we will used for our application. At this point, one can realize about the suitability of speaker recognition because voice is the natural way of communicating, can be remotely used and provides a low cost. Automatic speaker recognition is commonly used in telephonic applications although it can also be used in ...

Rodriguez Saeta, Javier — Universitat Politecnica de Catalunya

Facial Soft Biometrics: Methods, Applications and Solutions

This dissertation studies soft biometrics traits, their applicability in different security and commercial scenarios, as well as related usability aspects. We place the emphasis on human facial soft biometric traits which constitute the set of physical, adhered or behavioral human characteristics that can partially differentiate, classify and identify humans. Such traits, which include characteristics like age, gender, skin and eye color, the presence of glasses, moustache or beard, inherit several advantages such as ease of acquisition, as well as a natural compatibility with how humans perceive their surroundings. Specifically, soft biometric traits are compatible with the human process of classifying and recalling our environment, a process which involves constructions of hierarchical structures of different refined traits. This thesis explores these traits, and their application in soft biometric systems (SBSs), and specifically focuses on how such systems can achieve different goals ...

Dantcheva, Antitza — EURECOM / Telecom ParisTech

The current layout is optimized for mobile phones. Page previews, thumbnails, and full abstracts will remain hidden until the browser window grows in width.

The current layout is optimized for tablet devices. Page previews and some thumbnails will remain hidden until the browser window grows in width.