LOPA: A linear offset based poisoning attack method against adaptive fingerprint authentication system

摘要

Biological characteristics have been widely used in various identity authentication systems. The authentication systems typically store one or several biometric templates to identify whether a claimed user is legitimate. However, since the biological characteristics of users may undergo intra-class variabilities (such as aging or injuring by accidents) as time goes by, those initial enrolled templates may be not able to match the latest characteristics of the users. Therefore, some adaptive systems have been proposed to continuously update the enrolled templates by using collected run-time data. However, a smart attacker can leverage this self-updating procedure to drift the stored templates by constructing and submitting a set of well-designed poisoning samples. In this paper, for the first time, we propose a novel linear offset based poisoning attack method, named "LOPA", against the online self-update fingerprint authentication systems. By making minor linear transformation to the minutia representation matrix of a victim's fingerprint template, the proposed attack method can generate a series of poisoning samples which are then submitted to the fingerprint authentication system. In this way, the initial template stored in the system will be imperceptibly and stealthily poisoned (i.e., updated), and eventually becomes unusable. Experimental results show that the proposed LOPA method is effective, where the stored fingerprint templates have been successfully poisoned, and those target fingers are incorrectly denied by the target system after a certain time. Specifically, the performance (the average GAR of all target fingers) of the fingerprint authentication system has dropped by 42.86%. In addition, the average matching score and the average matched minutia pairs of all target fingers have both declined, which indicate the universality of the proposed poisoning attack. This work reveals a novel security threat to the fingerprint authentication systems, and can hopefully provide references for developing future countermeasures.