Hill-Climbing and Brute-Force Attacks on Biometric Systems: A Case Study in Match-on-Card Fingerprint Verification

Abstract

In this paper, we study the robustness of state-of-the-art automatic fingerprint verification systems against hill climbing and brute-force attacks. We compare the performance of this type of attacks against two different minutiae-based systems, the NIST Fingerprint Image Software 2 (NFIS2) reference system and a Match-on-Card based system. In order to study their success rate, the attacks are analyzed and modified in each scenario. We focus on the influence of initial conditions in hill-climbing attacks, like the number of minutiae in the synthetically generated templates or the performance of each type of modification in the template. We demonstrate how slight modifications in the hill-climbing algorithm lead to very different success rates