SECURITY AND PROTECTION OF FACIAL BIOMETRICS SYSTEMS

Abstract

Biometrics are physical and behavioral traits, which are unique and specific to individuals. Some of the widely used physical traits include face, fingerprint, iris, and behavioral traits include voice, signature, typing rhythm, and gait. Identifying a person based on any physical and behavioral traits is referred to as biometric authentication. Biometrics authentication can be more convenient and secure than passwords, because biometric traits are relatively fixed and cannot be easily stolen or shared. However, biometrics cannot be recovered and lost forever when compromised. Attackers strive to subvert the biometric systems and gain unauthorized access to digital and physical assets. Attacks on biometric systems can be classified into impersonation and obfuscation attacks. These attacks are the result of the following biometric vulnerabilities (i) An attacker can exploit a compromised template database either, to replace a template with an imposter template or, to present a stolen template directly to the matching module, (ii) Invertible transform function could lead to the estimation of biometric features, which can be used to create a physical fake or spoof of the biometric, and (iii) Attackers also exploit a higher false accept rate to impersonate a victim user, and (iv) Finally, biometric systems are sensitive to carefully crafted perturbations to the input biometric data. These perturbations can be used for impersonation attacks, as well as obfuscation attacks. Researchers proposed several template protection methods to overcome some of the above vulnerabilities of biometric systems and to defend against adversarial attacks. A template protection method converts an original template into a protected template in a non-invertible manner, intending to protect the biometric identifier even if a template is stolen. An ideal template protection mechanism must meet the following requirements: (i) Security or non-invertibility, (ii) Revocability, (iii) Diversity, and (iv) Matching performance. This thesis addresses some of these issues and proposes methods for facial template protection and for defending adversarial attacks on facial verification systems. The following studies were conducted in this thesis. (i) A modular Siamese network based method is proposed to improve the robustness of the face verification systems against adversarial attacks and simultaneously provide interpretability. In this approach, facial feature representations for each individual facial part such as eyes, nose and mouth are learned in latent space through feature disentanglement. (ii) A template protection method based on deep neural