Handbook of Biometric Anti-Spoofing. Presentation Attack Detection and Vulnerability Assessment

Foreword
Preface
List of Reviewers
Contents
Contributors
Part I Fingerprint Biometrics
1 Introduction to Presentation Attack Detection in Fingerprint Biometrics
	1.1 Introduction
	1.2 Early Works in Fingerprint Presentation Attack Detection
	1.3 A Brief View on Where We Are
	1.4 Fingerprint Spoofing Databases
	1.5 Conclusions
	References
2 Vision Transformers for Fingerprint Presentation Attack Detection
	2.1 Introduction
	2.2 Related Works
	2.3 Software-Based Solutions for F-PAD
		2.3.1 Hand-crafted Texture-Based Solutions for F-PAD
		2.3.2 Deep-Learning-Based Solutions for F-PAD
	2.4 Data-Efficient Image Transformers (DeiT) for F-PAD
	2.5 Databases
		2.5.1 LivDet 2015 Database
		2.5.2 LivDet 2019 Database
		2.5.3 LivDet 2019 Database
	2.6 Experiments and Results
		2.6.1 Evaluation on LivDet 2015 Dataset with Multiple Known Classes (Combined Set) Training and Few Unknown Classes in Testing
		2.6.2 Evaluation on LivDet 2019 Dataset with Multiple Known Classes (combined Set) in Training and All Unknown Classes in Testing
		2.6.3 Analysis of Explainability
		2.6.4 LivDet 2019—Impact of Limited Seen Classes During Training and Sensor Interoperability
		2.6.5 Analysis of Explainability in True Unknown Data Setting
	2.7 Conclusion
	References
3 Review of the Fingerprint Liveness Detection (LivDet) Competition Series: From 2009 to 2021
	3.1 Introduction
	3.2 Fingerprint Presentation Attack Detection
	3.3 The Fingerprint Liveness Detection Competition
	3.4 Methods and Dataset
		3.4.1 Algorithms part
		3.4.2 LivDet Systems
		3.4.3 Performance Evaluation
	3.5 Examination of Results
		3.5.1 Non Consensual Verses Consensual data
		3.5.2 Materials Analysis
		3.5.3 LivDet Systems Results
	3.6 Conclusion
	References
4 A Unified Model for Fingerprint Authentication and Presentation Attack Detection
	4.1 Introduction
	4.2 Related Work
		4.2.1 Fingerprint Spoof Detection
		4.2.2 Fingerprint Matching
	4.3 Motivation
	4.4 Methodology
		4.4.1 DualHeadMobileNet (DHM)
		4.4.2 Joint Training
	4.5 Experiments and Results
		4.5.1 Datasets
		4.5.2 Comparison with State-of-the-art Methods
		4.5.3 Time and Memory
	4.6 Ablation Study
		4.6.1 Effect of Varying the Split Point
		4.6.2 Effect of Suppression
		4.6.3 Evaluation of Matching Feature Vectors
		4.6.4 Robustness to Network Architecture
		4.6.5 DHR
		4.6.6 DHI
	4.7 Failure Cases
		4.7.1 False Rejects
		4.7.2 False Accepts
	4.8 Implementation Details
	4.9 Conclusion
	References
Part II Iris Biometrics
5 Introduction to Presentation Attack Detection in Iris Biometrics and Recent Advances
	5.1 Introduction
	5.2 Vulnerabilities in Iris Biometrics
		5.2.1 Zero-effort Attacks
		5.2.2 Photo and Video Attacks
		5.2.3 Contact Lens Attacks
		5.2.4 Synthetic Eye Attacks
		5.2.5 Cadaver Eye Attacks
	5.3 Presentation Attack Detection Approaches
		5.3.1 Hardware-Based Approaches
		5.3.2 Software-Based Approaches
		5.3.3 Challenge–Response Approaches
	5.4 Integration with Iris Recognition Systems
	5.5 Conclusions
	References
6 Pupil Size Measurement and Application to Iris Presentation Attack Detection
	6.1 Introduction
	6.2 Database
		6.2.1 Acquisition
		6.2.2 Estimation of Pupil Size
		6.2.3 Noise and Missing Data
		6.2.4 Division of Data and Recognition Scenarios
	6.3 Parametric Model of Pupil Dynamics
	6.4 Data-Driven Models of Pupil Dynamics
		6.4.1 Variants of Recurrent Neural Networks
		6.4.2 Implementation and Hyperparameters
	6.5 Results
	6.6 Open-Hardware and Open-Source Pupil Size Measurement Device
		6.6.1 Brief Characteristics
		6.6.2 Related Works on Pupillometry
		6.6.3 Design
		6.6.4 Assembly Details
	6.7 Discussion
	References
7 Review of Iris Presentation Attack Detection Competitions
	7.1 Introduction
	7.2 Datasets
		7.2.1 LivDet-Iris 2013 Data
		7.2.2 LivDet-Iris 2015 Data
		7.2.3 LivDet-Iris 2017 Data
		7.2.4 LivDet-Iris 2020 Data
	7.3 Challenges
	7.4 Performance Evaluation
	7.5 Summary of LivDet-Iris Results
		7.5.1 Participants
		7.5.2 Trends in LivDet-Iris Across All Competitions
	7.6 Conclusions and Future of LivDet-Iris
	References
8 Intra and Cross-spectrum Iris Presentation Attack Detection in the NIR and Visible Domains
	8.1 Introduction
	8.2 Related Works
	8.3 Methodology
		8.3.1 Baseline: DenseNet
		8.3.2 Pixel-Wise Binary Supervision Network (PBS)
		8.3.3 Attention-Based PBS Network (A-PBS)
		8.3.4 Loss Function
		8.3.5 Implementation Details
	8.4 Experimental Evaluation
		8.4.1 Databases
		8.4.2 Evaluation Metrics
	8.5 Intra-Spectrum and Cross-Database Evaluation Results
		8.5.1 Iris PAD in the NIR Spectrum
		8.5.2 Iris PAD in the Visible Spectrum
	8.6 Cross-Spectrum Evaluation Results
	8.7 Visualization and Explainability
	8.8 Conclusion
	8.9 Glossary
	References
Part III Face Biometrics
9 Introduction to Presentation Attack Detection in Face Biometrics and Recent Advances
	9.1 Introduction
	9.2 Vulnerabilities in Face Biometrics
		9.2.1 Presentation Attack Methods
	9.3 Presentation Attack Detection
		9.3.1 Software-Based Face PAD
	9.4 Face Presentation Attacks Databases
	9.5 Integration with Face Recognition Systems
	9.6 Conclusion and Look Ahead on Face PAD
	References
10 Recent Progress on Face Presentation Attack Detection of 3D Mask Attack
	10.1 Background and Motivations
	10.2 Publicly Available Datasets and Experiments Evaluation Protocol
		10.2.1 Datasets
		10.2.2 Evaluation Protocols
	10.3 Methods
		10.3.1 Appearance-Based Approach
		10.3.2 Motion-Based Approach
		10.3.3 Remote-Photoplethysmography-Based Approach
	10.4 Experiments
		10.4.1 Intra-Dataset Evaluation
		10.4.2 Cross-Dataset Evaluation
	10.5 Discussion and Open Challenges
	References
11 Robust Face Presentation Attack Detection with Multi-channel Neural Networks
	11.1 Introduction
	11.2 Related Works
		11.2.1 RGB Only Approaches (Feature Based and CNNs)
		11.2.2 Multi-channel Methods
		11.2.3 Open Challenges in PAD
	11.3 PAD Approach
		11.3.1 Preprocessing
		11.3.2 Network Architectures for Multi-channel PAD
	11.4 Experiments
		11.4.1 Dataset: HQ-WMCA
		11.4.2 Protocols
		11.4.3 Metricsx
		11.4.4 Implementation Details
		11.4.5 Baselines
		11.4.6 Experiments and Results
		11.4.7 Computational Complexity
		11.4.8 Discussions
	11.5 Conclusions
	References
12 Review of Face Presentation Attack Detection Competitions
	12.1 Introduction
	12.2 Review of Recent Face PAD Competitions
		12.2.1 Multi-modal Face Anti-spoofing Attack Detection Challenge (CVPR2019)
		12.2.2 Cross-Ethnicity Face Anti-spoofing Recognition Challenge (CVPR2020)
		12.2.3 CelebA-Spoof Challenge on Face Anti-spoofing (ECCV2020)
		12.2.4 LivDet-Face 2021—Face Liveness Detection Competition (IJCB2021)
		12.2.5 3D High-Fidelity Mask Face Presentation Attack Detection Challenge (ICCV2021)
	12.3 Discussion
		12.3.1 General Observations
		12.3.2 Lessons Learnt
		12.3.3 Summary on Model Architectures
		12.3.4 Future Challenges
	12.4 Conclusions
	References
Part IV Voice Biometrics
13 Introduction to Voice Presentation Attack Detection and Recent Advances
	13.1 Introduction
	13.2 Basics of ASV Spoofing and Countermeasures
		13.2.1 Impersonation
		13.2.2 Replay
		13.2.3 Speech Synthesis
		13.2.4 Voice Conversion
	13.3 Summary of the Spoofing Challenges
		13.3.1 ASVspoof 2015
		13.3.2 ASVspoof 2017
		13.3.3 ASVspoof 2019
	13.4 Advances in Front-End Features
		13.4.1 Front Ends for Detection of Voice Conversion and Speech Synthesis Spoofing
		13.4.2 Front Ends for Replay Attack Detection
	13.5 Advances in Back-End Classifiers
		13.5.1 Generative Approaches
		13.5.2 Discriminative Approaches
	13.6 Other PAD Approaches
	13.7 Future Directions of Anti-spoofing Research
	13.8 Conclusion
	References
14 A One-class Model for Voice Replay Attack Detection
	14.1 Introduction
	14.2 PRAD: Dataset for Replay Analysis
	14.3 Distribution Analysis
		14.3.1 Data Preparation
		14.3.2 Analysis on Overall Distributions
		14.3.3 Analysis on Important Factors
		14.3.4 Analysis on Discrimination and Generalization
	14.4 Dataset Analysis
		14.4.1 ASVspoof 2019 Physical Access Dataset
		14.4.2 ASVspoof 2017 Dataset
		14.4.3 Cross Dataset Results
	14.5 One-Class Model
		14.5.1 Advocate One-Class Model
		14.5.2 Model Design
		14.5.3 Related Work
		14.5.4 Experiments
	14.6 Conclusions
	References
15 Generalizing Voice Presentation Attack Detection to Unseen Synthetic Attacks and Channel Variation
	15.1 Introduction
	15.2 Generalize to Unseen Synthetic Attacks
		15.2.1 One-Class Learning
		15.2.2 Experiments
		15.2.3 Discussions
	15.3 Generalize to Channel Variation
		15.3.1 Channel-Robust Strategies
		15.3.2 Experiments
		15.3.3 Discussions
	15.4 Conclusions and Future Directions
	15.5 Appendix
	References
Part V Other Biometrics and Multi-Biometrics
16 Introduction to Presentation Attacks in Signature Biometrics and Recent Advances
	16.1 Introduction
	16.2 Review of PAD in Signature Biometrics
	16.3 Presentation Attacks in Signature Biometrics
		16.3.1 Types of Presentation Attacks
		16.3.2 Synthetic Forgeries
	16.4 On-Line Signature Databases
		16.4.1 DeepSignDB
		16.4.2 SVC2021_EvalDB
	16.5 Experimental Work
		16.5.1 On-line Signature Verification System
		16.5.2 Experimental Protocol
		16.5.3 Experimental Results
	16.6 Conclusions
	References
17 Extensive Threat Analysis of Vein Attack Databases and Attack Detection by Fusion of Comparison Scores
	17.1 Introduction
	17.2 Attack Databases
	17.3 Threat Analysis
		17.3.1 Threat Evaluation Protocol
		17.3.2 Experimental Results
	17.4 Attack Detection Using Score Level Fusion
		17.4.1 Experimental Results
	17.5 Summary
	References
18 Fisher Vectors for Biometric Presentation Attack Detection
	18.1 Introduction
	18.2 Related Work
		18.2.1 Hardware-Based Approaches
		18.2.2 Software-Based PAD Approaches
	18.3 Generalisable FV-Based PAD Approach
		18.3.1 Reliable Features for Different Biometric Characteristics
		18.3.2 Fisher Vector Encoding
		18.3.3 Classification
	18.4 Experimental Set-up
		18.4.1 Databases
		18.4.2 Evaluation Metrics
	18.5 Experimental Results
		18.5.1 Detection of Known PAI Species
		18.5.2 Detection of Unknown PAI Species
		18.5.3 Cross-Database
		18.5.4 Common Feature Space Visualisation
	18.6 Conclusion
	References
19 Smartphone Multi-modal Biometric Presentation Attack Detection
	19.1 Introduction
	19.2 Related Work
		19.2.1 Features of the SWAN Multi-modal Biometric Dataset
	19.3 SWAN Multi-modal Biometric Dataset
		19.3.1 Database Acquisition
		19.3.2 SWAN Multi-modal Biometric Dataset
		19.3.3 SWAN-Presentation Attack Dataset
		19.3.4 Dataset Distribution
	19.4 Experimental Performance Evaluation Protocols
	19.5 Baseline Algorithms
		19.5.1 Biometric Verification
		19.5.2  Presentation Attack Detection Algorithms
	19.6 Experimental Results
		19.6.1 Biometric Verification Results
		19.6.2 Biometric Vulnerability Assessment
		19.6.3 Biometric PAD Results
	19.7 Conclusions
	References
Part VI Legal Aspects and Standards
20 Legal Aspects of Image Morphing and Manipulation Detection Technology
	20.1 Introduction
	20.2 Should Image Morphing and Image Manipulation Attack Detection (MAD) have a Legal Definition?
	20.3 Privacy and Data Protection Aspects of MAD
		20.3.1 The `Rule of Law\' and Legality
		20.3.2 Fairness
		20.3.3 Transparency
		20.3.4 Purpose Limitation and Legitimate Processing
		20.3.5 Human Oversight and Intervention
	20.4 Conclusion
21 Standards for Biometric Presentation Attack Detection
	21.1 Introduction
	21.2 International Standards Developed in ISO/IEC JTC
	21.3 Development of Presentation Attack Detection Standard ISO/IEC 30107
	21.4 Taxonomy for Presentation Attack Detection
	21.5 Data Formats
	21.6 Testing and Reporting
	21.7 Conclusion and Future Work
	References
Appendix  Glossary
Index