Alpha-wolves and Alpha-mammals: Exploring Dictionary Attacks on Iris Recognition Systems
This exposes a security flaw in biometric systems, potentially compromising identity verification for users, and is an incremental attack method building on known dictionary attack concepts.
The paper identified a vulnerability in iris recognition systems where mixing IrisCodes using bitwise operators creates 'alpha-mixtures' that significantly increase false matches, with an alpha-wolf matching up to 71 identities at FMR=0.001% and an alpha-mammal matching up to 133 identities at FMR=0.01% on the IITD dataset.
A dictionary attack in a biometric system entails the use of a small number of strategically generated images or templates to successfully match with a large number of identities, thereby compromising security. We focus on dictionary attacks at the template level, specifically the IrisCodes used in iris recognition systems. We present an hitherto unknown vulnerability wherein we mix IrisCodes using simple bitwise operators to generate alpha-mixtures - alpha-wolves (combining a set of "wolf" samples) and alpha-mammals (combining a set of users selected via search optimization) that increase false matches. We evaluate this vulnerability using the IITD, CASIA-IrisV4-Thousand and Synthetic datasets, and observe that an alpha-wolf (from two wolves) can match upto 71 identities @FMR=0.001%, while an alpha-mammal (from two identities) can match upto 133 other identities @FMR=0.01% on the IITD dataset.