{"id":"https://openalex.org/W4388958840","doi":"https://doi.org/10.1145/3605769.3623994","title":"BioLeak: Exploiting Cache Timing to Recover Fingerprint Minutiae Coordinates","display_name":"BioLeak: Exploiting Cache Timing to Recover Fingerprint Minutiae Coordinates","publication_year":2023,"publication_date":"2023-11-23","ids":{"openalex":"https://openalex.org/W4388958840","doi":"https://doi.org/10.1145/3605769.3623994"},"language":"en","primary_location":{"id":"doi:10.1145/3605769.3623994","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3605769.3623994","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3605769.3623994","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3605769.3623994","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5041184922","display_name":"Owen Pemberton","orcid":"https://orcid.org/0000-0003-3722-8263"},"institutions":[{"id":"https://openalex.org/I79619799","display_name":"University of Birmingham","ror":"https://ror.org/03angcq70","country_code":"GB","type":"education","lineage":["https://openalex.org/I79619799"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Owen Pemberton","raw_affiliation_strings":["University of Birmingham, Birmingham, United Kingdom"],"raw_orcid":"https://orcid.org/0000-0003-3722-8263","affiliations":[{"raw_affiliation_string":"University of Birmingham, Birmingham, United Kingdom","institution_ids":["https://openalex.org/I79619799"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5080836958","display_name":"David Oswald","orcid":"https://orcid.org/0000-0001-8524-5282"},"institutions":[{"id":"https://openalex.org/I79619799","display_name":"University of Birmingham","ror":"https://ror.org/03angcq70","country_code":"GB","type":"education","lineage":["https://openalex.org/I79619799"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"David Oswald","raw_affiliation_strings":["University of Birmingham, Birmingham, United Kingdom"],"raw_orcid":"https://orcid.org/0000-0001-8524-5282","affiliations":[{"raw_affiliation_string":"University of Birmingham, Birmingham, United Kingdom","institution_ids":["https://openalex.org/I79619799"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5041184922"],"corresponding_institution_ids":["https://openalex.org/I79619799"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.27068365,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"61","last_page":"72"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/minutiae","display_name":"Minutiae","score":0.9515109062194824},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8616770505905151},{"id":"https://openalex.org/keywords/biometrics","display_name":"Biometrics","score":0.7970322966575623},{"id":"https://openalex.org/keywords/fingerprint","display_name":"Fingerprint (computing)","score":0.7539704442024231},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5675209164619446},{"id":"https://openalex.org/keywords/cache","display_name":"Cache","score":0.5299870371818542},{"id":"https://openalex.org/keywords/fingerprint-recognition","display_name":"Fingerprint recognition","score":0.5249994993209839},{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.5018885135650635},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.44911468029022217},{"id":"https://openalex.org/keywords/information-leakage","display_name":"Information leakage","score":0.42940741777420044},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4262572228908539},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.40759819746017456},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3474223017692566},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3321475088596344},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3273656368255615},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.1698942482471466},{"id":"https://openalex.org/keywords/speech-recognition","display_name":"Speech recognition","score":0.11337879300117493}],"concepts":[{"id":"https://openalex.org/C67174900","wikidata":"https://www.wikidata.org/wiki/Q178022","display_name":"Minutiae","level":4,"score":0.9515109062194824},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8616770505905151},{"id":"https://openalex.org/C184297639","wikidata":"https://www.wikidata.org/wiki/Q177765","display_name":"Biometrics","level":2,"score":0.7970322966575623},{"id":"https://openalex.org/C2777826928","wikidata":"https://www.wikidata.org/wiki/Q3745713","display_name":"Fingerprint (computing)","level":2,"score":0.7539704442024231},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5675209164619446},{"id":"https://openalex.org/C115537543","wikidata":"https://www.wikidata.org/wiki/Q165596","display_name":"Cache","level":2,"score":0.5299870371818542},{"id":"https://openalex.org/C168406668","wikidata":"https://www.wikidata.org/wiki/Q178022","display_name":"Fingerprint recognition","level":3,"score":0.5249994993209839},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.5018885135650635},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.44911468029022217},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.42940741777420044},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4262572228908539},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.40759819746017456},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3474223017692566},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3321475088596344},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3273656368255615},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.1698942482471466},{"id":"https://openalex.org/C28490314","wikidata":"https://www.wikidata.org/wiki/Q189436","display_name":"Speech recognition","level":1,"score":0.11337879300117493}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3605769.3623994","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3605769.3623994","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3605769.3623994","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.atira.dk:publications/f49865ec-d6be-427b-a90c-184c9ffbcbaf","is_oa":true,"landing_page_url":"https://research.birmingham.ac.uk/en/publications/f49865ec-d6be-427b-a90c-184c9ffbcbaf","pdf_url":null,"source":{"id":"https://openalex.org/S4306402634","display_name":"University of Birmingham Research Portal (University of Birmingham)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79619799","host_organization_name":"University of Birmingham","host_organization_lineage":["https://openalex.org/I79619799"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Pemberton , O & Oswald , D 2023 , BioLeak : Exploiting Cache Timing to Recover Fingerprint Minutiae Coordinates . in ASHES '23 : Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security . CCS: Computer and Communications Security , Association for Computing Machinery (ACM) , pp. 61\u201372 , 2023 Workshop on Attacks and Solutions in Hardware Security (ASHES \u201923) , Copenhagen , Denmark , 30/11/23 . https://doi.org/10.1145/3605769.3623994","raw_type":"contributionToPeriodical"}],"best_oa_location":{"id":"doi:10.1145/3605769.3623994","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3605769.3623994","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3605769.3623994","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8682795926","display_name":null,"funder_award_id":"EP/R007128/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4388958840.pdf","grobid_xml":"https://content.openalex.org/works/W4388958840.grobid-xml"},"referenced_works_count":9,"referenced_works":["https://openalex.org/W1986932271","https://openalex.org/W2160367574","https://openalex.org/W2172060328","https://openalex.org/W2337480911","https://openalex.org/W2539728774","https://openalex.org/W2559892799","https://openalex.org/W2947103291","https://openalex.org/W2962832225","https://openalex.org/W4285226730"],"related_works":["https://openalex.org/W3020860861","https://openalex.org/W2566091814","https://openalex.org/W2168192382","https://openalex.org/W2006639920","https://openalex.org/W2618005569","https://openalex.org/W4224058721","https://openalex.org/W3042979629","https://openalex.org/W1991274027","https://openalex.org/W2020992254","https://openalex.org/W1518260493"],"abstract_inverted_index":{"The":[0],"wide":[1],"deployment":[2],"of":[3,131],"biometric":[4,70,153,164],"authentication":[5,102],"and":[6,13,52,63,155],"particularly":[7],"fingerprint":[8,80,101],"matching":[9],"on":[10,50,60,68,162],"mobile":[11],"devices":[12],"laptops":[14],"raises":[15],"the":[16,78,98],"question":[17],"about":[18],"their":[19,29,46],"security.":[20],"While":[21],"respective":[22],"algorithms":[23,71,165],"have":[24],"been":[25,43],"extensively":[26],"analysed":[27],"regarding":[28],"ability":[30],"to":[31,45,76,104,116,133],"correctly":[32],"identify":[33,105],"a":[34,73,84,109,137,150],"specific":[35],"individual":[36],"(and":[37],"reject":[38],"others),":[39],"little":[40],"attention":[41],"has":[42],"paid":[44],"secure":[47],"implementation,":[48],"especially":[49],"multi-user":[51],"multi-process":[53],"systems.":[54],"In":[55],"this":[56,61],"paper,":[57],"we":[58,89],"focus":[59],"aspect":[62],"show":[64],"that":[65,94,144],"cache":[66,139],"attacks":[67],"real-world":[69],"are":[72],"viable":[74],"way":[75],"extract":[77],"user's":[79],"minutiae":[81,118,135],"coordinates":[82],"using":[83],"single":[85,138],"side-channel":[86,147],"trace.":[87,140],"Specifically,":[88],"analyse":[90],"NIST's":[91],"MindTCT":[92],"library":[93],"is":[95,146],"used":[96,152],"by":[97],"Linux":[99],"fprintd":[100],"system":[103],"suitable":[106],"addresses":[107],"for":[108],"Flush+Reload":[110],"attack,":[111],"then":[112],"devise":[113],"post-processing":[114],"techniques":[115],"recover":[117,134],"information.":[119],"Using":[120],"1000":[121],"synthetic":[122],"test":[123],"fingerprints,":[124],"our":[125],"method":[126],"succeeds":[127],"in":[128],"approximately":[129],"9%":[130],"cases":[132],"from":[136,149],"Our":[141],"work":[142],"proves":[143],"there":[145],"leakage":[148],"widely":[151],"algorithm":[154],"therefore":[156],"more":[157],"research":[158],"should":[159],"be":[160],"performed":[161],"hardening":[163],"against":[166],"such":[167],"attacks.":[168]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}