Information-Theoretic Performance Evaluation of Multibiometric Fusion under Modality Selection Attacks

Yosuke KAGA

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E99-A    No.5    pp.929-942
Publication Date: 2016/05/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E99.A.929
Type of Manuscript: PAPER
Category: Cryptography and Information Security
multibiometric authentication,  log-likelihood ratio,  modality selection attacks,  password entropy,  KL divergence,  

Full Text: PDF>>
Buy this Article

The likelihood-ratio based score level fusion (LR-based fusion) scheme has attracted much attention, since it maximizes accuracy if a log-likelihood ratio (LLR) is accurately estimated. In reality, it can happen that a user cannot input some query samples due to temporary physical conditions such as injuries and illness. It can also happen that some modalities tend to cause false rejection (i.e. the user is a “goat” for these modalities). The LR-based fusion scheme can handle these situations by setting LLRs corresponding to missing query samples to 0. In this paper, we refer to such a mode as a “modality selection mode”, and address an issue of accuracy in this mode. Specifically, we provide the following contributions: (1) We firstly propose a “modality selection attack”, in which an impostor inputs only query samples whose LLRs are more than 0 (i.e. takes an optimal strategy) to impersonate others. We also show that the impostor can perform this attack against the SPRT (Sequential Probability Ratio Test)-based fusion scheme, which is an extension of the LR-based fusion scheme to a sequential fusion scenario. (2) We secondly consider the case when both genuine users and impostors take this optimal strategy, and show that the overall accuracy in this case is “worse” than the case when they input all query samples. More specifically, we prove that the KL (Kullback-Leibler) divergence between a genuine distribution of integrated scores and an impostor's one, which can be compared with password entropy, is smaller in the former case. We also show to what extent the KL divergence losses for each modality. (3) We finally evaluate to what extent the overall accuracy becomes worse using the NIST BSSR1 Set 2 and Set 3 datasets, and discuss directions of multibiometric applications based on the experimental results.