• Login
    View Item 
    •   SMARTech Home
    • Georgia Tech Theses and Dissertations
    • Georgia Tech Theses and Dissertations
    • View Item
    •   SMARTech Home
    • Georgia Tech Theses and Dissertations
    • Georgia Tech Theses and Dissertations
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Security and Privacy in Biometrics-Based Systems

    Thumbnail
    View/Open
    UZUN-DISSERTATION-2021.pdf (7.338Mb)
    Date
    2021-07-30
    Author
    Uzun, Erkam
    Metadata
    Show full item record
    Abstract
    Advancement in deep learning (DL) based biometric identification and the proliferation of affordable sensors made biometrics pivotal players in authentication and surveillance systems. For instance, major companies (e.g., MasterCard, AliPay) already adopted facial/voice-based authentication as part of their security measures. Furthermore, governments and private sectors use biometric recognition for a broader impact, such as identifying and catching “person of interest”, targeted advertisement or border protection. While these technologies could have enormous impacts, existing biometric authentication and surveillance systems are vulnerable to several kinds of attacks, and also jeopardize the privacy of people's sensitive data. Although biometric-based systems offer superior usability and advantage for various use cases, they have to i) defend against different kinds of impersonation attacks and ii) protect the privacy of biometric data against adversaries. This dissertation aims to provide solutions to above challenges. First, I will present vulnerabilities against impersonation attacks in an authentication setting. Our study shows that many cloud-based audio/visual recognition systems (e.g., Amazon Rekognition) can be defeated by the crudest impersonations. Then, I will present our live biometric verification system, the Real Time Captcha (rtCaptcha), a practical approach that places a formidable computational burden on the attacker by combining dynamic, live detection with a randomized Captcha challenge for stronger security. Second, I will present our privacy-preserving remote biometric authentication system, Justitia, which makes DL-inferences of biometric data compatible with the standard privacy-preserving primitives, like fuzzy extractors. Justitia lets a remote server to authenticate a client without revealing the biometric data in cleartext in the process of enrollment and authentication. Finally, I will propose a fuzzy (labeled-) private set intersection (FLPSI) protocol for privacy-preserving biometric search. FLPSI is a secure computation protocol that allows a client to search a biometric data over a sensitive database without revealing the query and search results to the server.
    URI
    http://hdl.handle.net/1853/65081
    Collections
    • College of Computing Theses and Dissertations [1156]
    • Georgia Tech Theses and Dissertations [23403]

    Browse

    All of SMARTechCommunities & CollectionsDatesAuthorsTitlesSubjectsTypesThis CollectionDatesAuthorsTitlesSubjectsTypes

    My SMARTech

    Login

    Statistics

    View Usage StatisticsView Google Analytics Statistics
    facebook instagram twitter youtube
    • My Account
    • Contact us
    • Directory
    • Campus Map
    • Support/Give
    • Library Accessibility
      • About SMARTech
      • SMARTech Terms of Use
    Georgia Tech Library266 4th Street NW, Atlanta, GA 30332
    404.894.4500
    • Emergency Information
    • Legal and Privacy Information
    • Human Trafficking Notice
    • Accessibility
    • Accountability
    • Accreditation
    • Employment
    © 2020 Georgia Institute of Technology