image replay attack – From whatis.com
Part of the Security threats and
countermeasures glossary:
An image replay
attack is the use of a picture to fool an authentication method.
Image replay
attacks are most commonly used by an attacker trying to gain entry to a system
protected by less-than-secure biometric authentication technology
implementations. The method has been used successfully against low-end
fingerscanners, iris scanners and facial recognition systems.
In the simplest
cases, image replay attacks involve a printed image of the subject used for authentication.
An attacker might, for example, present a picture of an authorized user to a
facial recognition system. Extra measures can be implemented in facial
recognition and iris scans to foil printed or static images, however; such
measures include requiring the user to wink, blink or speak.
More
sophisticated image replay attack methods may involve recorded video and audio
playback to defeat these measures. Methods of defeating these attacks exist as
well, however. Video and audio are typically out of sync to a detectable degree
when played back from a file. Security algorithms have been created to detect
the discrepancy and prevent these attacks.
Making
biometric authentication methods secure from image replay attacks can't rely on
the methods used to detect data replay attacks. (The opposite is also true.)
When security is important, it is advisable for administrators to be aware of
both attack methods and counter measures.
=======================================
In addition to this blog, I maintain a radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a
member of the International Business Etiquette and Protocol Group and
Minding Manners among others. I regularly consult for the Gerson Lehrman
Group, a worldwide network of subject matter experts and I have been
contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and PSG of Mercer County, NJ.
I am the president of Tabula Rosa Systems,
a “best of breed” reseller of products for communications, email,
network management software, security products and professional
services. Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.
Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.
If you have not already done so, please view the trailer for my book below.
===============================================
No comments:
Post a Comment