Poisoning adaptive biometric systems

Authors:
Battista Biggio;Giorgio Fumera;Fabio Roli;Luca Didaci
Affiliations:
Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy;Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy;Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy;Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy
Venue:
SSPR'12/SPR'12 Proceedings of the 2012 Joint IAPR international conference on Structural, Syntactic, and Statistical Pattern Recognition
Year:
2012

Citing 6
Cited 0

Online Fingerprint Template Improvement

IEEE Transactions on Pattern Analysis and Machine Intelligence
Can machine learning be secure?

ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Template Adaptation based Fingerprint Verification

ICPR '06 Proceedings of the 18th International Conference on Pattern Recognition - Volume 04
Eigenfaces for recognition

Journal of Cognitive Neuroscience
Machine learning in adversarial environments

Machine Learning
Semi-supervised PCA-Based face recognition using self-training

SSPR'06/SPR'06 Proceedings of the 2006 joint IAPR international conference on Structural, Syntactic, and Statistical Pattern Recognition

Quantified Score

Hi-index	0.00

Visualization

Abstract

Adaptive biometric recognition systems have been proposed to deal with natural changes of the clients' biometric traits due to multiple factors, like aging. However, their adaptability to changes may be exploited by an attacker to compromise the stored templates, either to impersonate a specific client, or to deny access to him. In this paper we show how a carefully designed attack may gradually poison the template gallery of some users, and successfully mislead a simple PCA-based face verification system that performs self-update.