IEEE SPS Winter School on Security and Privacy Issues in Biometrics

Speaker Abstracts and Bios

• Nicholas Evans, EURECOM — "Spoofing and Countermeasures for Automatic Speaker Verification"

  Abstract
  Most, if not all biometric systems can be vulnerable to presentation attacks or spoofing. Spoofing involves the circumvention of a biometric system by a fraudster who masquerades as another enrolled client through the mimicking of their biometric traits. Spoofing attacks can be used to infiltrate systems or services protected by biometric technology, can undermine user confidence, and thus form a barrier to exploitation.

  This talk will present recent work to develop presentation attack detection or countermeasure systems to protect speaker verification systems from diverse spoofing attacks including replay, speech synthesis and voice conversion. The talk will present the community-led ASVspoof initiative and the associated, competitive ASVspoof 2015 Challenge and results, alongside other common databases and evaluations, namely AVspoof and RedDots Replayed. The talk will cover progress in the field and present a treatment of constant Q cepstral coefficients (CQCCs) which are especially effective in distinguishing between genuine and spoofed speech. The talk will conclude with a brief discussion of current challenges and directions for future research.

  Bio
  Nicholas Evans is an Associate Professor at EURECOM where he heads research in Speech and Audio Processing. In addition to other interests in speaker diarization, speech signal processing and multimodal biometrics, he is studying the threat of spoofing to automatic speaker verification systems and working to develop new spoofing countermeasures. Previously, his work in spoofing was funded by the EU FP7 ICT TABULA RASA project, continuing today through the EU H2020 OCTAVE project. He co-organised the Spoofing and Countermeasures for Automatic Speaker Verification special session at Interspeech in 2013 and the ASVspoof evaluation at Interspeech in 2015. He was Lead Guest Editor for the IEEE Transactions on Information Forensics and Security special issue in Biometrics Spoofing and Countermeasures, Lead Guest Editor for the IEEE SPM special issue on Biometric Security and Privacy and Guest Editor for the IEEE JSTSP special issue on Spoofing and Countermeasures for Automatic Speaker Verification. He was general co-chair of IWAENC 2014 and technical programme co-chair of EUSIPCO 2015. He currently serves as an Associate Editor of the EURASIP Journal on Audio, Speech and Music Processing, is a member of the IEEE and the Signal Processing Society and is an elected member of the Speech and Language Technical Committee.

• Josef Kittler, Centre for Vision, Speech and Signal Processing, University of Surrey — "3D Assisted 2D Face Recognition for Enhanced Security Applications"

  Abstract
  Face recognition is an important biometric technology for many security applications, including access control, verification of identity for secure transactions, and visual surveillance. In order to provide robust solutions in unconstrained scenarios, the use of 3D information either in the form of 3D biometric data, or 3D Morphable Face Models (3DMM) as a prior, has witnessed increasing interest recently. The latter can be applied in their own right as a basis for 3D face recognition and analysis involving 3D face data. However, their prevalent use over the last decade has been as a versatile tool in 2D face recognition to normalize pose, illumination and expression of 2D face images. It has the generative capacity to augment the training and test databases for various 2D face processing related tasks. It can expand the gallery set for pose invariant face matching. For any 2D face image it can furnish complementary information, in terms of its 3D face shape and texture. It can also aid multiple frame fusion by providing the means of registering a set of 2D images. A key enabling technology for this versatility is 3D face model to 2D face image fitting. The recent developments in 3D model to 2D image fitting will be discussed. They include the use of symmetry to improve the accuracy of illumination estimation, multistage close form fitting to accelerate the fitting process, modifying the imaging model to cope with 2D images of low resolution, and building albedo 3DMM. These various enhancements will be overviewed and their merit demonstrated on a number of face analysis related problems.

  Bio
  Josef Kittler is professor of Machine Intelligence at the Centre for Vision, Speech and Signal Processing, University of Surrey. He received his BA, PhD, and DSc degrees from the University of Cambridge. He teaches and conducts research in the subject area of Signal Processing and Machine Intelligence, with a focus on face biometrics and anomaly detection. He published a Prentice Hall textbook on Pattern Recognition: A Statistical Approach and several edited volumes, as well as more than 700 scientific papers, including in excess of 180 journal papers. He serves on the Editorial Board of several scientific journals in Pattern Recognition and Computer Vision. He became Series Editor of Springer Lecture Notes on Computer Science in 2004. He served as President of the International Association for Pattern Recognition 1994-1996. He was elected Fellow of the Royal Academy of Engineering in 2000. In 2006 he was awarded the KS Fu Prize from the International Association for Pattern Recognition, for outstanding contributions to pattern recognition. In 2008 he was awarded the IET Faraday Medal and in 2009 he became EURASIP Fellow.

• Sebastien Marcel, Idiap Research Institute

  Bio
  Sébastien Marcel received the PhD in signal processing from Université de Rennes I in France (2000) at CNET, the research center of France Telecom (now Orange Labs). He is currently interested in pattern recognition and machine learning with a focus on biometrics. He is a senior researcher at the Idiap Research Institute (CH), where he heads a research team and conducts research on face recognition, speaker recognition, and spoofing attacks detection.

  In 2010, he was appointed Visiting Associate Professor at the University of Cagliari (IT) where he taught a series of lectures in face recognition. He is lecturer at the Ecole Polytechnique Fédérale de Lausanne (EPFL) where he is teaching on “Fundamentals in Statistical Pattern Recognition He serves on the Program Committee of several scientific journals and international conferences in pattern recognition and computer vision. He is also an Associate Editor of the IEEE Transactions on Information Forensics and Security, a Co-editor of the Handbook of Biometric Anti-Spoofing, a Guest Editor of the IEEE Transactions on Information Forensics and Security Special Issue on “Biometric Spoofing and Countermeasures," and Co-editor of the IEEE Signal Processing Magazine Special Issue on Biometric Security and Privacy.

  Finally, he is the principal investigator of international research projects including MOBIO (EU FP7 Mobile Biometry), TABULA RASA (EU FP7 Trusted Biometrics under Spoofing Attacks) and BEAT (EU FP7 Biometrics Evaluation and Testing).

• Nasir Memon, NYU Tandon School of Engineering

  Bio
  Nasir Memon is a professor in the Department of Computer Science and Engineering at NYU Tandon School of Engineering and the founder and director of the Information Systems and Internet Security laboratory (ISIS Lab).

  He is the founding director of the Center for Interdisciplinary Studies in Security and Privacy (CRISSP) , and CCS-AD, a collaborative initiative of multiple schools within NYU including NYU's Steinhardt School of Culture, Education, and Human Development, Robert F. Wagner Graduate School of Public Service, Leonard N. Stern School of Business, and the Courant Institute of Mathematical Sciences well as NYU Abu Dhabi.

  He is an affiliate faculty at the computer science department in the Courant Institute of Mathematical Sciences at NYU.

• Anoop Namboodiri, IIIT Hyderabad — "Privacy in Surveillance"

  Abstract
  Widespread use of surveillance cameras in offices and other business establishments, pose a significant threat to the privacy of the employees and visitors. The challenge of introducing privacy and security in such a practical surveillance system has been stifled by the enormous computational and communication overhead required by the solutions. In this talk, we will discuss efficient solutions that to carry out surveillance in the encrypted domain.

  Encryption mechanisms that ensure privacy do so by destroying any pattern that is present in the data. This renders the data useless for any pattern matching task, including surveillance. We would like to have matching solutions that work directly in the encrypted domain, while maintaining the accuracy available with unencrypted images. We look at different recognition architectures that ensure complete privacy even if a set of devices in the system are compromised. We would like to do this with methods that can work in real-time on regular hardware. In addition to making the matching task difficult, a good encryption also renders the data unsuitable for compression. This is especially worrisome for the problem of video surveillance, where the data needs to be sent from the camera to an automatic surveillance system. We will also look into ways to get around this problem to make the solution practical.

  Bio
  Anoop Namboodiri is an Associate Professor at IIIT Hyderabad, India. He completed his PhD from Michigan State University in 2004. His research interests include Computer Vision, Machine Learning, Biometrics, and Computational Photography. He has also been closely associated with the Aadhaar project in India, the largest biometric enabled identification project in the world. He has done several works in the area of privacy and security of biometric systems, integrating cryptography, and biometrics.

• Kartik NandKumar, IBM Research — "Biometric Template Security: Crossing The Chasm Between Theory and Practice" and "Fingerprint Template Security"

  Abstract — "Biometric Template Security: Crossing The Chasm Between Theory and Practice"
  Biometric recognition is an integral component of modern identity management and access control systems.

  Due to the strong and permanent link between individuals and their biometric traits, exposure of enrolled users’ biometric information to adversaries can seriously compromise biometric system security and user privacy. Numerous techniques have been proposed for biometric template protection over the last 20 years.

  The first objective of this talk is to present an overview of major template protection approaches such as cancelable biometrics, biometric cryptosystem, and homomorphic encryption along with an analysis of their pros and cons. While these approaches are theoretically sound, they seldom guarantee the desired non-invertibility, revocability, and non-linkability properties without significantly degrading the recognition performance. This explains why despite two decades of active research, operational biometric systems do not go beyond encrypting the template using standard encryption techniques and/or storing them in secure hardware.

  The second objective of this talk is to analyze the factors contributing to this performance gap and highlight promising research directions to bridge this gap. In particular, addressing fundamental research problems in biometrics such as the design of invariant biometric representations and developing statistical models to accurately quantify the individuality of biometric representations will greatly facilitate progress in the field of biometric template security.

  Abstract — Fingerprint Template Security
  Fingerprint is one of the most popular biometric modalities with a long history of usage both in forensic and civilian applications. While biometric template protection is a challenging problem in general, fingerprint template protection is especially difficult due to two reasons. Firstly, fingerprint impressions captured from the same finger typically exhibit large intra-user variations (e.g., rotation, translation, nonlinear deformation, and partial prints). Secondly, the commonly used minutiae-based representation of fingerprints is difficult to secure because it is an unordered set with variable cardinality that is not compatible with simple similarity estimation functions. Therefore, there are two fundamental challenges in fingerprint template protection. First, we need to design an appropriate representation scheme (or suitably adapt the minutiae-based representation) that captures most of the discriminatory information, but is sufficiently invariant to changes in finger placement and can be secured using available template protection algorithms. Secondly, we need to automatically align or register the fingerprints obtained during enrollment and matching without using any information that could reveal the features, which uniquely characterize a fingerprint. This talk will analyze how these two challenges are being addressed in practice and how the design choices affect the trade-off between the security objectives and matching accuracy.

  Bio
  Karthik Nandakumar is a Research Staff Member at IBM Research, Singapore. Prior to joining IBM in 2014, he was a Scientist at Institute for Infocomm Research, A*STAR, Singapore for more than six years. He received his BE degree (2002) from Anna University, Chennai, India, MS in Computer Science (2005) and Statistics (2007), and PhD degree in Computer Science (2008) from Michigan State University, and MSc degree in Management of Technology (2012) from National University of Singapore. His research interests include computer vision, statistical pattern recognition, biometricauthentication, image processing, and machine learning.

  He has coauthored two books titled Introduction to Biometrics (Springer, 2011) and Handbook of Multibiometrics (Springer, 2006). He has received a number of awards including the 2008 Fitch H. Beach Outstanding Graduate Research Award from the College of Engineering at Michigan State Unversity, the Best Paper award from the Pattern Recognition Journal (2005), the Best Scientific Paper Award (Biometrics Track) at ICPR 2008, and the 2010 IEEE Signal Processing Society Young Author Best Paper Award. He is a senior member of the IEEE.

• Mark Nixon, University of Southampton — "Vulnerabilities in Behavioral Biometrics"

  Abstract
  Behavioral biometrics includes keystroke dynamics, gait analysis, voice ID, mouse gesture, and signature analysis. This talk will include gait biometrics, covariates (exploratory variables) and clothing, targeting biometrics, countermeasures, forensics, and soft biometrics. We shall also consider approaches to spoofing gait biometrics, aided by media coverage from Discovery. As we shall find, the range of vulnerabilities is rather larger for behavioral biometrics, since they are naturally based on movement. However, this might be rather tempered by the human inability to understand and synthesis movement, and thus to change its perception. All biometrics are likely to suffer from targeting, which is a new concept in biometrics and will be explored here. It might also be prudent to use soft biometrics either to buttress identification, or to achieve recognition, as this can also counter likely vulnerabilities in any biometric modality that can be used for identification in surveillance video.

  Bio
  Mark Nixon is the Professor in Computer Vision at the University of Southampton, UK. His research interests are in image processing and computer vision. His team develops new techniques for static and moving shape extraction, which have found application in automatic face and automatic gait recognition, and in medical image analysis.

  His team were early workers in face recognition, later came to pioneer gait recognition, and more recently joined the pioneers of ear biometrics. His vision textbook, with Alberto Aguado, Feature Extraction and Image Processing (Academic Press) reached 3rd Edition in 2012 and has become a standard text in computer vision. With Tieniu Tan and Rama Chellappa, their book Human ID based on Gait is part of the Springer Series on Biometrics and was published in 2005. He has chaired/ program chaired many conferences and given many invited talks. Mark is a member of IAPR TC4 Biometrics and of the IEEE Biometrics Council. He is a Fellow IET and FIAPR, and a Distinguished Fellow of the BMVA.

• Nalini Ratha, Thomas J. Watson Research Centre, IBM — "Privacy Enhancement in Biometrics"

  Abstract
  Biometrics, as an authentication tool, provides several advantages over conventional what you know (e.g., password, PIN) and what you possess (e.g., keys, tokens) authentication methods. However, a biometrics is an irrevocable password as we can’t change the biometrics easily. If it is compromised digitally, it is compromised for ever. Secondly, a biometrics can be easily matched against multiple databases to link identities. In order to alleviate privacy deficiencies of biometrics, IBM Research has pioneered a new technique for protecting biometrics templates that can allow for revocation and anonymous sharing. Instead of enrolling with the true biometrics, the original signal/template is intentionally and repeatably distorted using a class of non-invertible functions. The resulting “transformed” biometrics is enrolled. During verification, the same distortion transformation is applied to the biometrics signal/template to match against the enrolled template. The proposed method supports revocability and permits anonymous matching where biometrics data sharing is prohibited.

  Bio
  Dr. Nalini K. Ratha is a Research Staff Member at IBM Thomas J. Watson Research Center, Yorktown Heights, NY, where he is the team leader for the biometrics-based authentication research. He has over 20+ years of experience in the industry working in the area of pattern recognition, computer vision, and image processing. He received his BTech in Elelectrical Engineering from Indian Institute of Technology, Kanpur, MTech degree in Computer Science and Engineering also from Indian Institute of Technology, Kanpur and PhD in Computer Science from Michigan State University. He has authored more than 80 research papers in the area of biometrics and has been co-chair of several leading biometrics conferences and served on the editorial boards of IEEE Trans. on PAMI, IEEE Trans. on SMC-B, IEEE Trans. on Image Processing and Pattern Recognition journal. He has co-authored a popular book on biometrics entitled Guide to Biometrics and also co-edited two books entitled Automatic Fingerprint Recognition Systems and Advances in Biometrics: Sensors, Algorithms and Systems. He has offered tutorials on biometrics technology at leading IEEE conferences and also teaches courses on biometrics and security. He is Fellow of IEEE, Fellow of IAPR, and an ACM Distinguished Scientist. His research interests include biometrics, pattern recognition and computer vision. He has been an adjunct professor at IIIT Delhi, Cooper Union and NYU. During 2011-2012 he was the president of the IEEE Biometrics Council. At IBM, he has received several awards including a Research Division Award, Outstanding Innovation Award, and Outstanding Technical Accomplishment Award, along with several patent achievement awards.

• Christian Rathgeb, Faculty of Computer Science, Hochschule Darmstadt — "Iris Template Security"

  Abstract
  To confirm an individual's identity accurately and reliably iris recognition systems analyze the texture that is visible in the iris of the eye. The rich random pattern of the iris constitutes one of the most powerful biometric characteristic. Iris recognition has legendary resistance against false matches, which motivates its application in high security scenarios. However, recent research has shown that, in case an attacker has full knowledge of the employed feature extraction, approximations of iris textures can be reconstructed from iris biometric reference data, i.e., iris-codes. Such reconstructed iris textures can be utilized by an attacker to launch presentation attacks. In addition, unprotected storage of iris-codes enables cross-matching attacks. Hence, iris-codes must be protected (in a permanent way) in order to safeguard individuals' privacy and iris biometric systems' security.

  The first part of this lecture will summarize fundamentals in iris recognition, touching upon key-components of generic iris recognition systems,including image acquisition, segmentation, normalization, quality estimation, feature extraction, and comparison.

  The second part of this lecture will give a insight into biometric template protection technologies, which enable aprivacy-preserving storage of biometric reference data. A detailed discussion of diverseiris-based crypto systems and cancelable iris biometrics will be given. Further, experimental results will be presented to discuss the efficacy ofthese approaches. Finally, open issue and challenges will be discussed.

  Bio
  Dr. Christian Rathgeb is a postdoctoral researcher with the Faculty of Computer Science, Hochschule Darmstadt, Germany. His research includes pattern recognition, iris biometrics, and privacy-enhancing technologies for biometric systems. He co-authored over 50 technical papers in the field of iris biometrics, template protection, as well as the book Iris Recognition: From Segmentation to Template Security, In Advances in Information Security 59. Springer, New York, 2012.

  He served as program committee member for different conferences, including IAPR International Conference on Biometrics (ICB) and IEEE International Conference on Biometrics: Theory, Applications, and Systems (BTAS), and as reviewer for various journals and magazines. He is a member of the European Association for Biometrics (EAB) and a program chair of the International Conference ofthe Biometrics Special Interest Group (BIOSIG).

• Fabio Roli, University of Cagliari — "Overview of Adversarial Biometric Recognition"

  Abstract
  In this lecture, we review previous work on biometric security under a recent framework proposed in the field of adversarial machine learning. This allows us to highlight novel insights on the security of biometric systems when operating in the presence of intelligent and adaptive attackers that manipulate data to compromise normal system operation. We show how this framework enables the categorization of known and novel vulnerabilities of biometric recognition systems, along with the corresponding attacks, countermeasures, and defense mechanisms. The main goal of this lecture is to provide a gentle introduction to adversarial machine learning, and a well-structured review of the state of the art on biometric security, in light of the most recent findings in the area of adversarial machine learning.
  

  Bio
  Fabio Roli a full professor of Computer Engineering at the University of Cagliari, Italy, and Director of the Pattern Recognition and Applications laboratory, he has been appointed Fellow of the IEEE and Fellow of the International Association for Pattern Recognition.

• Arun Ross, Michigan State University

  Arun Ross is a professor in the Department of Computer Science and Engineering at Michigan State University and the Director of the i-PRoBe Lab. He is the coauthor of the textbook Introduction to Biometrics and the monograph Handbook of Multibiometrics, and the co-editor of Handbook of Biometrics. He is a recipient of the IAPR JK Aggarwal Prize, the IAPR Young Biometrics Investigator Award, and the NSF CAREER Award. Arun has been on the editorial board of several journals, and was an Associate Editor of IEEE TIFS. He currently serves as the Chair of the IAPR TC4 on Biometrics.
  

• Stephanie Schuckers, Clarkson University — "Fingerprint Anti-spoofing"

  Abstract
  With the release of a fingerprint reader in the iPhones, much attention has returned to the use of biometrics in the commercial marketplace. Naturally, given the world-wide visibility of Apple products, it was not long before it was demonstrated that the iPhone could be “spoofed” using a lifted fingerprint to create a fake finger which subsequently unlocked the iPhone. The news highlighted vulnerability, recognized most famously in 2002, by the “Gummy Finger,” made from gelatin. In order to address “spoof ability” of biometrics,“liveness detection,” (or more broadly “presentation attack detection”), addresses the risk associated with “spoofing.” When successful, liveness detection can recognize a spoof attack and minimize the vulnerability associated with “a biometric is not secret.”

  This talk will discuss presentation attack detection for fingerprint systems including both software and hardware based methods. Additional topics related to presentation attack detection, such as performance evaluation and fusion with matching, will also be introduced.
  

  Bio
  Dr. Stephanie Schuckers is the Paynter-Krigman Endowed Professor in Engineering Science in the Department of Electrical and Computer Engineering at Clarkson University and serves as the Director of the Center of Identification Technology Research (CITeR), a National Science Foundation Industry/University Cooperative Research Center.

  She received her doctoral degree in Electrical Engineering from The University of Michigan. Professor Schuckers' research focuses on processing and interpreting signals which arisefrom the human body. Her work is funded from various sources, including National Science Foundation, Department of Homeland Security, and private industry, among others. She has started her own business, testified for Congress, and has over 100 publications and several patents.