Search Icon
Register

FakeGuard: Exploring Haptic Response to Mitigate the Vulnerability in Commercial Fingerprint Anti-Spoofing

Aditya Singh Rathore (University at Buffalo, SUNY), Yijie Shen (Zhejiang University), Chenhan Xu (University at Buffalo, SUNY), Jacob Snyderman (University at Buffalo, SUNY), Jinsong Han (Zhejiang University), Fan Zhang (Zhejiang University), Zhengxiong Li (University of Colorado Denver), Feng Lin (Zhejiang University), Wenyao Xu (University at Buffalo, SUNY), Kui Ren (Zhejiang University)

How to defend against presentation attacks via artificial fake fingers is a core challenge in fingerprint biometrics. The trade-off among security, usability, and production cost has driven researchers to reach a common standpoint, i.e., integrate the commercial fingerprint technology with anti-spoofing detection (e.g., ridge traits). These anti-spoofing solutions are perceived as sufficiently resilient under the assumption that a fake finger can never closely relate to a live finger due to either composition of spoofing materials or non-automated manufacturing errors. In this paper, we first identify the vulnerability of in-practice anti-spoofing solutions in commercial fingerprint products. Instead of using expensive 3D fake fingers (above USD $1000), we mimic a more realistic scenario where an attacker fabricates high-precision fake fingerprints using low-cost polyvinylacetate materials (less than USD $50). Building on this, we introduce a practical and secure countermeasure, namely FakeGuard, to overcome the exposed vulnerability. We examine the nature of 3D haptic response effect that arises when a fingertip epidermis interacts with a tactile surface and reflects the disparate anatomy of live and fake fingers. Unlike the previous mitigation strategies, FakeGuard offers both hardware and software compatibility with existing fingerprint scanners. As the first exploration of haptic-based anti-spoofing solution, we demonstrate the capability of FakeGuard to prevent known and unknown fake finger attacks with an average detection error of 1.4%. We also examine and prove FakeGuard resilience against seven different physical attacks, e.g., brute-force through pressure variations or partial fingerprints, haptic response alteration via advanced spoofing materials or side-channel interference, and denial-of-service attacks by manipulating the moisture, lighting, and temperature of the ambient environment.

Paper
Video

View More Papers

coucouArray ( [post_type] => ndss-paper [post_status] => publish [posts_per_page] => 4 [orderby] => rand [tax_query] => Array ( [0] => Array ( [taxonomy] => category [field] => id [terms] => Array ( [0] => 55 ) ) ) [post__not_in] => Array ( [0] => 8522 ) )

MIRROR: Model Inversion for Deep LearningNetwork with High Fidelity

Shengwei An (Purdue University), Guanhong Tao (Purdue University), Qiuling Xu (Purdue University), Yingqi Liu (Purdue University), Guangyu Shen (Purdue University); Yuan Yao (Nanjing University), Jingwei Xu (Nanjing University), Xiangyu Zhang (Purdue University)

Read More

Analyzing and Creating Malicious URLs: A Comparative Study on...

Vincent Drury (IT-Security Research Group, RWTH Aachen University), Rene Roepke (Learning Technologies Research Group, RWTH Aachen University), Ulrik Schroeder (Learning Technologies Research Group, RWTH Aachen University), Ulrike Meyer (IT-Security Research Group, RWTH Aachen University)

Read More

Problematic Content in Online Ads

Franzisca Roesner (University of Washington)

Read More

DRAWN APART: A Device Identification Technique based on Remote...

Tomer Laor (Ben-Gurion Univ. of the Negev), Naif Mehanna (Univ. Lille, CNRS, Inria), Antonin Durey (Univ. Lille, CNRS, Inria), Vitaly Dyadyuk (Ben-Gurion Univ. of the Negev), Pierre Laperdrix (Univ. Lille, CNRS, Inria), Clémentine Maurice (Univ. Lille, CNRS, Inria), Yossi Oren (Ben-Gurion Univ. of the Negev), Romain Rouvoy (Univ. Lille, CNRS, Inria / IUF), Walter Rudametkin…

Read More

Privacy Starts with UI: Privacy Patterns and Designer Perspectives in UI/UX Practice

Anxhela Maloku (Technical University of Munich), Alexandra Klymenko (Technical University of Munich), Stephen Meisenbacher (Technical University of Munich), Florian Matthes (Technical University of Munich)

Vision: Profiling Human Attackers: Personality and Behavioral Patterns in Deceptive Multi-Stage CTF Challenges

Khalid Alasiri (School of Computing and Augmented Intelligence Arizona State University), Rakibul Hasan (School of Computing and Augmented Intelligence Arizona State University)

From Underground to Mainstream Marketplaces: Measuring AI-Enabled NSFW Deepfakes on Fiverr

Mohamed Moustafa Dawoud (University of California, Santa Cruz), Alejandro Cuevas (Princeton University), Ram Sundara Raman (University of California, Santa Cruz)