*Propose a new approach for biometric authentication*
With the research done so far, we figured out that as convenient as it seems, the use of biometrics could impose larger security threats as compared to a passphrase or a token.
However, this does not mean that the use of biometrics is useless. Our main objective is to propose a new approach to secure biometric authentication.
We hope to achieve this by focusing on processes like feature extraction, unique feature identification, unique value generation and improving the ability to withstand attacks.
**Main Research Problem**
Today, biometrics play a vital role in the authentication processes to ensure security.
However, the “open” nature of these types of data makes it vulnerable against typical processing attacks.
The fact that biometric data is irreplaceable and is not secret, makes the issue of the integrity of this data extremely critical.
The biggest issue surrounding biometric authentication technologies is that once the biometric data has been compromised, there is no way to undo the damage done.
Moreover, the database that stores the reference templates could be hijacked.
If unauthorized access is obtained to this database, the templates could be deleted or replaced.
Furthermore, the attacker could use Trojan Horse attacks to change the behavior of the authentication process, thereby compromising the integrity.
However, it is important to note that biometrics are an extremely convenient method of authenticating oneself.
Therefore, instead of replacing biometric authentication, it would be efficient to have a solution that would improve the current state and make the authentication process much more secure.
It would be ideal to have a solution that not only focuses on enhancing the biometric authentication process, but also focus on possible attacks that could compromise the solution like masquerading attacks and Trojan Horse attacks.
**Individual Research Questions**
*Shahan A. R. M. (IT18035940)*
How to protect the proposed solution from spoofing / tracing attacks?
*Shamry M. N. M. (IT18123296)*
How to secure biometrics even if it gets compromised?
*M. W. D. S. De Silva (IT18133646)*
How to protect the authentication process from Trojan Horse attacks?
*Karunathilake K. K. H. (IT18152456)*
How to generate a secure biometric authentication process?
**Individual Objectives**
*Shahan A. R. M. (IT18035940)*
To detect and avoid tracing / spoofing attacks made on fingerprint sensor.
*Shamry M. N. M. (IT18123296)*
To securely store minutiae points data.
*M. W. D. S. De Silva (IT18133646)*
To protect the authentication process from Trojan Horse attacks.
*Karunathilake K. K. H. (IT18152456)*
To enhance the authentication process in a way such that compromised biometrics will have no effect on it
