A Genetic Algorithm Enabled Similarity-Based Attack on Cancellable Biometrics
This work highlights a critical security flaw in biometric protection systems, posing risks for applications relying on cancellable biometrics for privacy and authentication.
The paper demonstrates that cancellable biometric schemes with similarity-preserving properties are highly vulnerable to similarity-based attacks, using a Genetic Algorithm framework (GASAF) to achieve successful impersonation and cross-matching on BioHashing and Bloom-filter schemes.
Cancellable biometrics (CB) as a means for biometric template protection approach refers to an irreversible yet similarity preserving transformation on the original template. With similarity preserving property, the matching between template and query instance can be performed in the transform domain without jeopardizing accuracy performance. Unfortunately, this trait invites a class of attack, namely similarity-based attack (SA). SA produces a preimage, an inverse of transformed template, which can be exploited for impersonation and cross-matching. In this paper, we propose a Genetic Algorithm enabled similarity-based attack framework (GASAF) to demonstrate that CB schemes whose possess similarity preserving property are highly vulnerable to similarity-based attack. Besides that, a set of new metrics is designed to measure the effectiveness of the similarity-based attack. We conduct the experiment on two representative CB schemes, i.e. BioHashing and Bloom-filter. The experimental results attest the vulnerability under this type of attack.