Poisoning attacks to compromise face templates

TitlePoisoning attacks to compromise face templates
Publication TypeConference Paper
Year of Publication2013
AuthorsBiggio, B, Didaci, L, Fumera, G, Roli, F
Conference Name6th IAPR Int'l Conf. on Biometrics (ICB)
Date Published06/2013
Conference LocationMadrid, Spain

Adaptive biometric systems update clients’ templates during operation to account for natural changes over time (e.g., aging of biometric templates). Recently, it has been shown that this update can be exploited by an attacker to compromise the clients’ templates: by presenting a proper sequence of fake biometric traits to the sensor, the attacker may eventually impersonate the targeted clients without any fake trait, and even force the system to deny access to them. This attack has however been shown only for PCA-based face verification, with one template per client, under worst-case assumptions about the attacker’s knowledge of the system. In this paper, we show that it can be successful even in the case of multiple templates per client, for different matchers, and under more realistic scenarios, and validate it by experiments to highlight its practical relevance.

Citation Keybiggio13-icb
biggio-ICB2013.pdf844.61 KB