A Survey in Presentation Attack and Presentation Attack Detection
Summary (7 min read)
- This is for you, Dad. IV Acknowledgements.
- The state-of-the-art languages do not have the capacity to put my gratitude into a form of written speech for those who supported me to achieving this thesis.
- Nevertheless, I still feel the necessity of not skipping this page.
- Anas Husseis, Judith Liu-Jimenez, Ines Goicoechea-Telleria, Raul Sanchez-Reillo, “Dynamic Fingerprint Statistics: Application in Presentation Attack Detection” in IEEE Access, 2018.
- Experimental planning, collecting data, performing the experiment, reporting results, and writing the paper, also known as o Published o Role.
- Anas Husseis, Judith Liu-Jimenez, Raul Sanchez-Reillo, “Fingerprint Presentation Attack Detection Utilizing Spatio-Temporal Feature”.
- O Submitted to Sensors (under review) o Role: performing the experiment, reporting results, and writing the paper.
- Chapter 5. Anas Husseis, Judith Liu-Jimenez, Raul Sanchez-Reillo, “The Impact of Pressure on the Fingerprint Impression: Presentation Attack Detection Scheme”.
- The different subsystems within the biometric system are connected through multiple communication channels, points 2, 4, 6, and 8, which transmit the signal/s from one subsystem to the next.
- The attacker seeks to modify the transmitted signal with the 11 objective of manipulating the recognition decision.
- Thus, biometric systems are designed in a fashion that secures the data during transmission to avoid potential attacks.
- The biometric system includes a sequence of subsystems that perform the different tasks of biometric recognition .
- These subsystems can be targeted by the attacker seeking to manipulate the recognition process as follows: a) Data Capture Subsystem: Besides the presentation attack, the biometric sensor, point 1, is subject to indirect attacks.
- The feature extractor might be replaced to perform a hell climbing attack.
- The matching process compares the captured sample with a stored template in the database.
- The integrity of the authorized administrator/s on controlling: the decision thresholds, the quality check criteria, and the enrollment process, reflects the integrity of the overall system.
ATTACK DETECTION TAXONOMIES
- Each biometric system utilizes a specific physiological and/or behavioral characteristic for the recognition process.
- Additionally, each biometric modality has different types of sensors that vary with other technologies in terms of data acquisition methods.
- This variety inquires the attacker to perform the presentation attack using a specific Presentation Attack Instrument (PAI) species that is adjusted to the target biometric system.
- The next subsections propose general taxonomies for presentation attack and presentation attack detection.
- On the contrary, the vascular pattern needs to be captured directly from the bona fide subject using an infrared imaging capture device, as the pattern is not exposed either leaves traces.
- As stated in the previous section, many investigations are being undertaken in order to study presentation attacks seeking to propose detection mechanisms to eliminate or mitigate those attacks.
- There is a vast amount of literature on presentation attack and presentation attack detection evaluations, which the authors introduce in this section and link those investigations to the proposed taxonomy.
- The PAD mechanisms in this class are basically developed to investigate the influence of the natural biometric phenomena on the acquired presentation.
- Table 2.6 lists the proposed PAD mechanisms that consider natural phenomena as distinguishing basis to address the issue of PA.
- 22 As stated in Section 2, this category includes the mechanisms that exploit secondary information that distinguishes genuine presentations from attacks.
- Performance evaluation of a PAD mechanism is essential to characterize its technical capabilities such as security and ease-of-use.
- Essentially, PAD evaluation determines the technical competence of a PAD mechanism considering specific attack potential.
- Figure 3.1 illustrates the corresponding reference at each part of the proposed methodology.
- This chapter provides the required framework to perform the evaluations, details the data collection process, and provides a vulnerability assessment for the Target of Evaluation (ToE).
- Class of presentation attack instruments created using a standard production method and based on different biometric characteristics, also known as PAI species.
- The biometric system is a combination of multiple subsystems that work jointly to provide the final recognition score/decision including the PAD result.
- Thus, PAD evaluations shall completely describe the ToE, i.e. system or subsystem that is the subject of evaluation, including the details of PAD implementation and the evaluator’s attributes.
- The evaluator would have access to the capture decision and might obtain further details depending on the acquisition tool provided by the manufacturer.
- In addition to the vulnerability analysis, 28 vulnerability assessment analyzes the attack potential by exploring different factors that affect the potential of attacks.
188.8.131.52.1 Reporting BPCER at Fixed APCER Value
- This allows determining the ease-of-use measures at certain levels of security making the comparison between different mechanisms more evident and accurate.
- BPCER can be computed when APCER=5% and then reported as BPCER20.
- The opposite is also valid where APCER can be calculated at fixed levels of BPCER.
184.108.40.206.2 Detection Error Tradeoff (DET) Curve
- The DET curve  is a graphical representation for APCER versus BPCER.
- This representation describes the trade-off between security and ease-of-use, and helps to define a decision threshold that suits the security/ease-of-use requirements.
220.127.116.11.3 Tradeoff Equal Error Rate (TEER)
- The conventional EER measure has been used in the evaluations of biometric systems performance.
- The usage of TEER is not recommended since it reports the accuracy of different mechanisms at different levels of security/ ease-of-use.
- As stated in Chapter 1, this thesis was undertaken in order to investigate the dynamic fingerprint characteristics as the PAD features.
- For the initiation of PAD testing process, the primary step is to define the test target including the biometric modality, sensing technology, operational scenarios, and the ToE.
- Afterward, the required data to perform the testing should be determined.
- Eleven capture subjects, four females and seven males, have participated in the data collection.
- Each subject donated his/her biometric samples from 6 fingers: thumb, index, and middle of both hands.
- Initially, the participants were given a brief overview of the typical use cases of fingerprint sensors.
- They then were asked to present their fingerprints to the sensors, knowing that each sensor acquires the complete placement over its surface as a video.
- The presentations were collected assuming two different operational scenarios: (1) ordinary presentations and (2) presentations with additional pressure on the sensor’s surface.
- Two sensing technologies with different capabilities are utilized to collect the data.
- The sensors produce different characteristics for the captured videos due to their distinctions in Table 3.4.
- The attacker has extensive knowledge about fingerprint sensors, fingerprint security, and presentation attacks.
- The attacker has participated in an experiment to attack fingerprint sensors in mobile devices .
- Moreover, the attacker had tested different PAI species on the thermal and optical sensors as training before conducting the formal investigation.
- Based on those bases, following the discussion on Section 18.104.22.168, the attacker is classified as an expert.
- The attacks are conducted in cooperation with the subjects.
- 3-D silicon molds were collected from the selected 66 fingerprints.
- Only one mold was collected from each fingerprint.
- Accordingly, the attacker performed attack presentations using seven PAI species, specifically: Play-Doh, white glue, spray rubber, nail polish, nail hardener, gelatin, and latex.
- Table 3.6 lists the details of the attacks following the recommendations of ISO/IEC 30107-3.
- Following the steps in Section 22.214.171.124, the evaluator defined the vulnerability at the surface of the fingerprint sensor.
- Then, the potential attacks were defined following two steps: creating testing PAIs from different materials and select the species that can be detected by the sensors.
- The process of analyzing the defined vulnerability is illustrated in Figure 3.2. 40.
- The assumed attack potential is characterized in Table 3.7.
- The elapsed time is calculated considering the seven PAI species; defined in Figure 3.5.
- At the moment of performing the attacks, the evaluator had only access to the public information about the ToE.
- All the used equipment in this experiment were purchased from online shops, local shops, and supermarkets; thus, the equipment is reported as standard.
- The following chapters conduct several experiments proposing fingerprint PAD mechanisms.
Application in Presentation Attack Detection
- Fingerprint is typically perceived as the static pattern of the fingertip’s impression.
- This section focuses on analyzing the complete interaction between the fingerprint and the sensor surface rather than analyzing a single fingerprint image.
- These classifiers were selected after examining seven machine learning algorithms with different configuration modes, as shown in Table 4.2.
- Different attack types are expected to have different attack potentials, a PAD mechanism may not succeed to distinguish specific attack types, while performs more successfully with other types .
- 56 Table 4.5 and Table 4.6 report the PAD performance after feature selection by showing BPCER at fixed APCER and the equal error rate.
Detection Utilizing Spatio-Temporal Features
- In the previous chapter, the experiment was conducted by analyzing the fingerprint as a sequence of dependent frames.
- The dynamic features were extracted from the video frames in the spatial domain, then the variation of those spatial features was used to describe each fingerprint video.
- There is a vast amount of literature on dynamic texture recognition with application to biometric recognition and analysis, this section highlights the most related works in this domain.
- The authors had evaluated their PAD mechanism considering printed and replay attacks (video attacks).
- 60 Additionally, various dynamic descriptors were suggested to categorize human actions.
- The proposed PAD subsystem is designed in a fashion that leverages the dynamic information provided during the fingerprint presentation .
- Five feature extractors are therefore selected to achieve a description that discriminates genuine from attack presentations.
- The first mode investigates dynamic fingerprint features in the frequency domain whereas a 3-D filter bank is utilized to extract spectral features in a diverse range of scales and orientations.
- Figure 5.2 illustrates these modes and Figure 5.3 shows an example of a fingerprint video and its sampling into 3-D patches and TOPs.
- The feature extractors were selected in order to be in accordance with the proposed modes, moreover, to analyze the features in spatio-temporal and spectral domains.
1) Segmentation of thermal subset
- The thermal sensor’s SDK provides a capturing mode that acquires only the central region of the sensor sized 90×128 pixels.
- Thus, the acquired sequence is already segmented as a stack of 7 frames sized 90×128 Figure 5.4.
2) Segmentation of optical subset
- Since their study analyzes the formation of fingerprints, the authors have implemented a simple volume segmentation tool that creates the boundaries of the entire Interaction between a fingerprint and the sensor.
- The first set of analyses examined the impact of (i) the size of 3-D samples used in the processing mode, and (ii) selecting rotation invariant or uniform features, on the feature extractor performance.
- The authors separately evaluate the feature extraction time for optical and thermal sensors in Table 5.9 and Figure 5.9.
- The significance of the proposed approach is integrating the effect of natural fingerprint phenomena from the acquired video using dynamic descriptors, for instance, the intensity variation caused by the perspiration and pressure, and the ridge/valley pattern's formation caused by the 3- D form and elasticity of genuine fingerprints.
- Moreover, the approach has the capacity to detect anomalous patterns caused by the various PAI species, consequently, enhance the PAD subsystem's accuracy.
- As explained in earlier chapters, the fundamental research question in the development of novel PAD mechanisms concerns the distinct features that segregate genuine from malicious biometric traits.
- Presentation instructions, which might be referred to as challenge-response in the context of PAD, are used to trigger the biometric trait aiming to obtain a unique reaction pattern/s that, ideally, cannot be achieved by attacks, also known as 78 I. Presentation instruction.
- Further analysis of fingerprint elasticity was performed by Jia et al. , analyzing the variations in the fingerprint area, intensity, and standard deviation.
- The variations in area and intensity were justified by the applied pressure and skin’s moistness.
- Thus, a detailed analysis of the impact of different attack species on the PAD subsystem performance is shown in the results section.
126.96.36.199.1 DISTORTION-BASED FEATURES
- This feature extractor analyzes the impact of pressure on the fingerprint ridge/valley dynamicpattern considering both bona fide and attack presentations.
- Frames are taken to demonstrate the variations at the beginning, mid, end of the presentation (left to right).
- Peak Signal to Noise Ratio (𝑃𝑆𝑁𝑅) measures the peak error between two images.
- In the fingerprint sequence, image degradation is caused by the applied pressure during a presentation.
- Finally, the defined four features (i.e. PSNR, r, SSIM, and I) in addition to the eight statistics introduced in , are combined to form the final PAD features.
188.8.131.52.2 SPATIO-TEMPORAL FEATURES
- In their previous work (Chapter 5), dynamic texture has shown a high capacity to provide discriminative descriptions for dynamic fingerprint presentations.
- This section revisits the used feature extraction methods, namely: VLBP, LBP-TOP, VLPQ, LPQ-TOP, and GIST 3-D, and utilizes them as PAD feature extractors considering the database which includes the pressure scenario.
- The previous conclusions state that those methods are capable of detecting the dynamic features of genuine fingerprints and the abnormal variations of attacks when fingerprint videos are investigated.
- Therefore, the dynamic pattern’s variation caused by pressure is expected to provide additional discriminative features that improve the overall accuracy of the PAD subsystem.
1) Protocol I
- The purpose of this protocol is to evaluate the proposed PAD mechanisms in section 184.108.40.206 by conducting Experiments I and II.
- The authors thus utilize the database in Section 3. 2, which was collected to investigate the influence of pressure on bona fide and attack presentations, to validate the proposed PAD mechanisms.
- In all of the corresponding experiments, each sensor’s data is studied individually because of the differences between the acquired data, i.e frame rate, image size, resolution, noise, etc.
- The division is performed by randomizing capture subjects such that all the presentations (bona fide and attacks) of an independent capture subject are either in the training or testing data.
- Finally, the PAD subsystem is evaluated through performing the PAD feature extraction, training/testing the PAD classifier, and assessing the obtained results following the evaluation methodology.
2) Protocol II
- The aim of the second protocol is to compare the PAD performance of the proposed mechanisms in the scenarios of ordinary presentations and presentations with pressure.
- Table 6.2 summarizes the proposed experiments, the corresponding protocol and database, and the experiment objective.
- Further analysis is performed to the obtained results to demonstrate the influence of PAI species on the PAD performance (Table 6.4).
- Although the PAD accuracy for the optical sensor is significantly higher than the thermal sensor at low APCER values.
1) PAD Subsystem Accuracy: Pressure Versus Ordinary Presentations
- In order to identify the influence of pressure on the PAD subsystem accuracy, BPCER20 is used to compare the PAD subsystem accuracy considering the scenarios of ordinary presentations and presentations with pressure.
- The error rates, reported in Chapter 5 for ordinary presentation and in the previous experiment for presentations with pressure, are shown in Figure 6.13 to compare the PAD subsystem accuracy for both scenarios.
- Those scenarios are further investigated in the next subsection.
- Thus, Figure 6.15 and Figure 6.16 demonstrate the score distributions for bona fide and attack presentations considering both cases.
- On the other hand, the thermal sensor does not show a noticeable change in the median of attacks but the median of bona fide increased from 0.21 to 0.37.
2) PAD Subsystem Generalizability: Pressure Versus Ordinary Presentations
- To assess the PAD subsystem generalizability, the second part of Protocol II is applied.
- On the other hand, the 100 stability of the PAD model, which was confirmed by the leave-one-out cross validation, could be interpreted as being a result of obtaining more generic features that are less dependent on certain differences between capture subjects.
- Finally, the authors suggest studying fingerprint-specific dynamic features such as contours development and region of interest variations.
- The proposed taxonomies provided a deeper understanding of the issue of presentation attacks, and the development of presentation attack detection evaluations.
- Prior to performing the data collection (presented in Chapter 3), the attacker gained solid knowledge and experience in the subject of fingerprint presentation attacks.
- The experiment was limited a 12-hour development and testing limit.
- The main observations reported by the attacker are: 1. In the primary stages of the experiment, different presentation attack attempts were carried out and failed.
- The attack success rate increases while the attacker keeps practicing.
Did you find this useful? Give us your feedback
"A Survey in Presentation Attack and..." refers background in this paper
...The second attack category takes place within the digital processes of the system’s interior parts, to be specific, seven points of digital attacks in the general biometric system are exposed in ....
Related Papers (5)
Frequently Asked Questions (9)
Q1. How many frames are fixed for the thermal sensor subset?
Since L is fixed to 7 frames for the thermal sensor subset, then the corresponding dimensionality is fixed to 56 for all presentations.
Q2. What is the main advantage of the proposed algorithm?
the proposed algorithm utilizes image statistics, thus, it does not require high computational cost and can be processed in real time.
Q3. What is the first scenario used to validate the proposed mechanism?
DATA BASEIn order to validate the proposed mechanism, the first scenario, i.e. ordinary dynamic presentations, from Chapter 3 is used.
Q4. What is the role of the targeted biometric modality in the detection of presentation attacks?
Non-cooperative attacks are often rather sophisticated because of the need for special expertise and adequate hardware/software tools, moreover, the targeted biometric modality plays an important role to determine the ease of the process.
Q5. What are the main reasons why users are still considered as suspicious presentations?
On the other hand, non-subversive intents are still considered as suspicious presentations, while users are behaving24normally by wearing commercial products for cosmetic purposes, facing accidents which cause problems in engaging with a system, or need more knowledge about the use of these systems.
Q6. What portion of the database was used in the experiment of Chapter 4.VOLUME SEGMENT?
The same portion was used in the experiment of Chapter 4.VOLUME SEGMENTATIONTo neglect the influence of empty background on the extracted features, the authors apply 3-D segmentation to the dataset so that the features are extracted only from the part of the sensor’s surface where the presentation was applied.
Q7. What are the main reasons why face recognition security is so popular?
Face recognition security occupies high attention since it has been deployed in many areas such as passport check and video surveillance.
Q8. What factors are taken into account to characterize the interaction over the sensor’s surface?
even though the different PAI species have demonstrated different behaviors, other factors such as attacking tools and attacker’s level of81expertise must be taken into account to completely characterize the interaction over the sensor’s surface.
Q9. How do the authors compare the proposed algorithm with the pressure dataset?
In order to compare the presented algorithm with that proposed in Chapter 4, the authors apply cross-validation data partitioning to the pressure dataset then the authors train an SVM model in the same fashion presented in Chapter 4; results are shown in Figure 6.9.