Title: A taxonomy of biometric system vulnerabilities and defences

Authors: Yogendra Narain Singh; Sanjay Kumar Singh

Addresses: Department of Computer Science and Engineering, Institute of Engineering and Technology, Gautam Buddh Technical University, Lucknow – 226 021, India ' Department of Computer Engineering, Indian Institute of Technology (BHU), Varanasi – 221 005, India

Abstract: The interest in biometric technology is received much attention in the recent years. However, the security issue still persists the main challenge for the reliable functioning of biometric-based authentication systems. Much has been reported on the vulnerabilities of biometric systems that breach the security and user privacy. We present a high-level classification of biometric system vulnerabilities and discuss the defence techniques of these vulnerabilities. We present a multidimensional threat environment of the biometric systems that includes faults, failures and security attacks. A framework of biometric security attacks on man-machine model is presented and the system vulnerabilities are represented using Ishikawa's diagram. The provable defence techniques such as biometric vitality detection and biometric template protection are critically evaluated, in particular, a classification of current state-of-the-art of vitality detection techniques of commonly used biometrics is proposed. Our main contributions include: (1) propose a taxonomy of biometric system vulnerabilities; (2) present a framework of biometric security attacks using man-machine model; (3) representation of vulnerabilities using Ishikawa's diagram; (4) an evaluation of defence techniques of these vulnerabilities.

Keywords: biometrics; authentication; vulnerabilities; vitality measures; template protection; security; defences.

DOI: 10.1504/IJBM.2013.052964

International Journal of Biometrics, 2013 Vol.5 No.2, pp.137 - 159

Received: 23 Dec 2011
Accepted: 25 Jul 2012

Published online: 14 Feb 2013 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article