Presentation Material
Abstract
The research work reveals the methodologies that could be aided in checking the security of a Finger Print Scanner, Remotely and Locally.
Local Attack:
Finger print scanners read input using two methodologies:
- Optical scanner
- Capacitance scanner
Optical Scanner are most widely used ones and the main part of it are the CCD[charge coupled device ], these are simply an array of light-sensitive diodes called photosites, which generate an electrical signal in response to light photons. Each photosite records a pixel, a tiny dot representing the light that hit that spot. Collectively, the light and dark pixels form an image of the scanned finger print. By-passing these devices is possible by cloning the fingerprint of an employee when he tries to authenticate by placing a transparent less reflective plastic in front of the device. And later these clones could be modified by enlarging and modifying the extracted clone to fool the Bio-Metric Systems.
This above mentioned trick is practically not easy as the problems we would have to face would be the validation of the machine in order to differentiate between a real and valid image by checking the average pixel darkness, or the overall values in a small sample by rejecting the scan if the overall image is too dark or too light.
Capacitance Scanners work on the principle of capacitance and the above mentioned technique would not work on these systems. But there is a possibility of fooling the system by voluntarily cloning your finger print on a substance which has got body equivalent capacitance. Certain systems along with capacitance checks blood flow, temperature, and even simulate human sweat. Well that makes it hard to tamper but not impossible. A video on bypassing one such device on a typical model [Just capacitance] will also be shown
Remote Attack:
The biometric system, almost all runs with a remote administration module in the MIPS, which would be connected to network via the same switch, Man in the Middle attacks is always possible, and other attacks like: http://www.exploit-db.com/exploits/11822/ but the issue is of identifying these devices as normal network scans will only detect these as a Linux System. So I have built an Nmap script which could spot such devices on the network. The script works on the basis of internal databases of [banner and services] used by Biometric Hardware vendors, current list populates most used devices [India only]. A video or if possible, a real scenario would be demonstrated . And usage of my Nmap module would be explained.