International Research Journal of Innovations in Engineering and Technology - IRJIET International Open Access, Monthly, Peer Reviewed, Reputed Journal ISSN (online): 2581-3048

Impact Factor (2025): 6.9

DOI Prefix: 10.47001/IRJIET

AI-driven Biometric Authentication: Security and Vulnerabilities

Abstract

Artificial intelligence (AI) has revolutionized biometric authentication by significantly improving identification accuracy and operational efficiency. Contemporary systems integrate machine learning and deep learning methods to enhance traditional biometric methods such as fingerprint, face, iris, and voice recognition. Despite these advancements, the increased complexity of AI-driven technology introduces critical security concerns. Malicious actors can exploit vulnerabilities inherent to data collection, model training, and system deployment, giving rise to adversarial attacks, data poisoning, and privacy breaches. This paper examines these challenges, drawing on existing literature to identify gaps and propose more secure and robust solutions. The overarching goal is to ensure that AI-driven biometric systems retain their heightened performance while effectively countering emergent threats.

Country : India

1 Karthik Kamarapu2 Kali Rama Krishna Vucha

  1. Independent Researcher, Osmania University, Hyderabad, India
  2. Independent Researcher, Acharya Nagarjuna University, India

IRJIET, Volume 9, Issue 3, March 2025 pp. 110-116

doi.org/10.47001/IRJIET/2025.903014

Full Paper
Download

References

  1. Schneier, B. (2019). We Have Root: Even More Advice from Schneier on Security. John Wiley & Sons.
  2. Uludag, U., Pankanti, S., Jain, A. K., & Prabhakar, S. (2004). Biometric cryptosystems: issues and challenges. Proceedings of the IEEE, 92(6), 948-960.
  3. Lecun, Y., Bengio, Y., & Hinton, G. (2015). Deep learning. Nature, 521(7553), 436-444.
  4. Yuan, X., He, P., Zhu, Q., & Li, X. (2019). Adversarial examples: Attacks and defenses for deep learning. IEEE transactions on neural networks and learning systems, 30(9), 2805-2824.
  5. Xu, H., Ma, Y., Liu, H., Deb, D., Liu, H., Jain, A. K., & Tang, J. (2020). Adversarial attacks and defenses in images, graphs and text: A review. International Journal of Automation and Computing, 17, 151-178.
  6. Martini, B., & Choo, K.-K. R. (2013). Cloud storage forensics: own Cloud as a case study. Digital Investigation, 10(4), 287-299.
  7. Parkhi, O. M., Vedaldi, A., & Zisserman, A. (2015). Deep face recognition. British Machine Vision Conference.
  8. He, K., Zhang, X., Ren, S., & Sun, J. (2016). Deep residual learning for image recognition. IEEE Conference on Computer Vision and Pattern Recognition, 770-778.
  9. Biggio, B., & Roli, F. (2018). Wild patterns: Ten years after the rise of adversarial machine learning. Pattern Recognition, 84, 317-331.
  10. Engelsma, J. J., & Jain, A. K. (2021). Generalizing fingerprint spoof detector: Learning a one-class classifier. IEEE Transactions on Information Forensics and Security, 16, 3619-3634.
  11. Nguyen, K., & Bowyer, K. W. (2012). Analysis of iris images acquired under less constrained conditions for recognition reliability and iris aging. IEEE Transactions on Information Forensics and Security, 7(3), 966-973.
  12. Papernot, N., McDaniel, P., & Goodfellow, I. (2016). Transferability in machine learning: from phenomena to black-box attacks using adversarial samples. arXiv preprint arXiv:1605.07277.
  13. Voigt, P., & Von dem Bussche, A. (2017). The EU General Data Protection Regulation (GDPR): A Practical Guide. Springer International Publishing.
  14. Jain, A. K., & Shanbhag, D. (2012). Addressing security and privacy risks in mobile applications. IT Professional, 14(5), 28-33.
  15. Moraldo, M., & Ross, A. (2015). A Survey of Biometric Recognition in Private Environments. IEEE Access, 3, 1206-1230.
  16. Ross, A., Jain, A. K., & Reisman, J. (2020). A multimodal biometric system using face and speech. In Multibiometrics for Human Identification (pp. 35-50). Springer.
  17. Li, S. Z., & Jain, A. K. (2011). Handbook of face recognition. Springer.
  18. Sanderson, C., & Paliwal, K. K. (2003). Information fusion and person verification using speech and face information. Research Paper IDIAP-RR 02-33.
  19. Kurakin, A., Goodfellow, I., & Bengio, S. (2017). Adversarial examples in the physical world. arXiv preprint arXiv:1607.02533.
  20. Carlini, N., & Wagner, D. (2017). Towards evaluating the robustness of neural networks. IEEE Symposium on Security and Privacy.
  21. Tramèr, F., Kurakin, A., Papernot, N., Goodfellow, I., Boneh, D., & McDaniel, P. (2018). Ensemble adversarial training: Attacks and defenses. International Conference on Learning Representations.
  22. Chen, B., Carnerero-Cano, J., & Pfister, T. (2019). Mitigating data poisoning attacks in neural network training. AI Security Workshop.
  23. Peri, N., Gupta, N., & Wei, J. (2019). Deep k-NN defense against data poisoning attacks. IEEE Symposium on Security and Privacy.
  24. Liu, Y., Ma, S., Aafer, Y., Lee, W.-C., Zhai, J., Wang, W., & Zhang, X. (2018). Trojaning attack on neural networks. NDSS.
  25. Fredrikson, M., Jha, S., &Ristenpart, T. (2015). Model inversion attacks that exploit confidence information and basic countermeasures. ACM CCS, 1322-1333.
  26. Abadi, M., Chu, A., Goodfellow, I., McMahan, H. B., Mironov, I., Talwar, K., & Zhang, L. (2016). Deep learning with differential privacy. ACM CCS, 308-318.
  27. Shokri, R., & Shmatikov, V. (2015). Privacy-preserving deep learning. ACM CCS, 1310-1321.
  28. Komulainen, J., Hadid, A., & Pietikäinen, M. (2013). Context based face anti-spoofing. IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems.
  29. Derawi, M. O., & Bours, P. (2013). Gait and ECG biometrics for identity verification. Journal of Computing and Security, 32, 101-111.
  30. Finn, R. L., Wright, D., &Friedewald, M. (2013). Seven types of privacy. In European data protection: Coming of age (pp. 3-32). Springer.
  31. Daugman, J. (2009). How iris recognition works. In The essential guide to image processing (pp. 715-739). Academic Press.
  32. Sadeghi, A.-R., Wachsmann, C., & Waidner, M. (2015). Security and privacy challenges in industrial internet of things. Proceedings of the 52nd ACM/EDAC/IEEE Design Automation Conference.
  33. Latif, R., Abbas, H., & Malik, S. U. R. (2022). A distributed approach to IoT security using AI-driven intrusion detection. IEEE Consumer Electronics Magazine.
  34. Biggio, B., Fumera, G., & Roli, F. (2014). Security evaluation of pattern classifiers under attack. IEEE transactions on knowledge and data engineering, 26(4), 984-996.

Copyright @ 2026-2017 IRJIET. All Right Reserved.

Developed by Byzero Technologies