Wolf Attack Probability: A New Security Measure in Biometric Authentication Systems

Abstract: Abstract. This paper will propose a wolf attack probability (W AP ) as a new measure for evaluating security of biometric authentication systems. The wolf attack is an attempt to impersonate a victim by feeding "wolves" into the system to be attacked. The "wolf" means an input value which can be falsely accepted as a match with multiple templates. W AP is defined as a maximum success probability of the wolf attack with one wolf sample. In this paper, we give a rigorous definition of the new security measure wh… Show more

“…There are two differences between the above definition and the original definition in Une et al's papers [22] and [23].…”

“…However, in the real world, this assumption is unreasonable, and we should consider more skillful attacker. In the next section, we will introduce a theory on wolf attack, an intentional impersonation attack stronger than zero-effort attack, proposed by Une, Otsuka, Imai [22], [23].…”

“…First, Une et al [22] and [23] define a wolf as a sample. In this paper, we define a wolf as an object of A, in order to precisely formulate wolf attack probability (WAP) by using the distribution X w of feature data generated from the wolf w (cf.…”

“…However, if the attacker has some information about algorithms used in the system, he might be able to find a strange object which shows high similarity to many templates and, by presenting such a fake object * * , successfully impersonate a user with extremely higher probability than FAR. Une, Otsuka, Imai [22], [23] formulated such a stronger impersonation attack (called wolf attack) and defined a security metric (called wolf attack probability, WAP) to be the upper bound of the success probability of wolf attack (see Definition 1, 2, 3). They suggested that WAP can be used as a security measure to evaluate the lower bound of a security level in a biometric authentication system.…”

“…However, when the attacker has some information about algorithms in the biometric authentication system, he might be able to find a "strange" sample (called a wolf ) which shows high similarity to many templates and attempt to impersonate a user by presenting a wolf. Une, Otsuka, Imai [22], [23] formulated such a stronger impersonation attack (called it wolf attack), defined a new security metric (called wolf attack probability, WAP), and showed that WAP is extremely higher than FAR in a fingerprint-minutiae matching algorithm proposed by Ratha et al [19] and in a finger-vein-patterns matching algorithm proposed by Miura et al [15]. Previously, we constructed secure matching algorithms based on a feature-dependent threshold approach [8] and showed that if the score distribution is perfectly estimated for each input feature data, then the proposed algorithms can lower WAP to a small value almost the same as FAR.…”

A Theoretical Framework for Constructing Matching Algorithms Secure against Wolf Attack

“…There are two differences between the above definition and the original definition in Une et al's papers [22] and [23].…”

“…However, in the real world, this assumption is unreasonable, and we should consider more skillful attacker. In the next section, we will introduce a theory on wolf attack, an intentional impersonation attack stronger than zero-effort attack, proposed by Une, Otsuka, Imai [22], [23].…”

“…First, Une et al [22] and [23] define a wolf as a sample. In this paper, we define a wolf as an object of A, in order to precisely formulate wolf attack probability (WAP) by using the distribution X w of feature data generated from the wolf w (cf.…”

“…However, if the attacker has some information about algorithms used in the system, he might be able to find a strange object which shows high similarity to many templates and, by presenting such a fake object * * , successfully impersonate a user with extremely higher probability than FAR. Une, Otsuka, Imai [22], [23] formulated such a stronger impersonation attack (called wolf attack) and defined a security metric (called wolf attack probability, WAP) to be the upper bound of the success probability of wolf attack (see Definition 1, 2, 3). They suggested that WAP can be used as a security measure to evaluate the lower bound of a security level in a biometric authentication system.…”

“…However, when the attacker has some information about algorithms in the biometric authentication system, he might be able to find a "strange" sample (called a wolf ) which shows high similarity to many templates and attempt to impersonate a user by presenting a wolf. Une, Otsuka, Imai [22], [23] formulated such a stronger impersonation attack (called it wolf attack), defined a new security metric (called wolf attack probability, WAP), and showed that WAP is extremely higher than FAR in a fingerprint-minutiae matching algorithm proposed by Ratha et al [19] and in a finger-vein-patterns matching algorithm proposed by Miura et al [15]. Previously, we constructed secure matching algorithms based on a feature-dependent threshold approach [8] and showed that if the score distribution is perfectly estimated for each input feature data, then the proposed algorithms can lower WAP to a small value almost the same as FAR.…”

A Theoretical Framework for Constructing Matching Algorithms Secure against Wolf Attack

Fog Computing Application for Biometric-Based Secure Access to Healthcare Data

Enhancing Security in IoT Instruments Using Artificial Intelligence