Title: A taxonomy of biometric system vulnerabilities and defences
Authors: Yogendra Narain Singh; Sanjay Kumar Singh
Addresses: Department of Computer Science and Engineering, Institute of Engineering and Technology, Gautam Buddh Technical University, Lucknow – 226 021, India ' Department of Computer Engineering, Indian Institute of Technology (BHU), Varanasi – 221 005, India
Abstract: The interest in biometric technology is received much attention in the recent years. However, the security issue still persists the main challenge for the reliable functioning of biometric-based authentication systems. Much has been reported on the vulnerabilities of biometric systems that breach the security and user privacy. We present a high-level classification of biometric system vulnerabilities and discuss the defence techniques of these vulnerabilities. We present a multidimensional threat environment of the biometric systems that includes faults, failures and security attacks. A framework of biometric security attacks on man-machine model is presented and the system vulnerabilities are represented using Ishikawa's diagram. The provable defence techniques such as biometric vitality detection and biometric template protection are critically evaluated, in particular, a classification of current state-of-the-art of vitality detection techniques of commonly used biometrics is proposed. Our main contributions include: (1) propose a taxonomy of biometric system vulnerabilities; (2) present a framework of biometric security attacks using man-machine model; (3) representation of vulnerabilities using Ishikawa's diagram; (4) an evaluation of defence techniques of these vulnerabilities.
Keywords: biometrics; authentication; vulnerabilities; vitality measures; template protection; security; defences.
International Journal of Biometrics, 2013 Vol.5 No.2, pp.137 - 159
Received: 23 Dec 2011
Accepted: 25 Jul 2012
Published online: 28 Feb 2014 *