Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

EMPalm: Exfiltrating Palm Biometric Data via Electromagnetic Side-Channels

Haowen Xu, Tianya Zhao, Xuyu Wang, Lei Ma, Jun Dai, Alexander Wyglinski, Xiaoyan Sun

TL;DR

The paper identifies EM side-channel leakage in palms-based recognition systems and presents EMPalm, an end-to-end attack that reconstructs palmprint and palmvein images from EM emissions. The method combines EM band localization, dual-modal signal disentanglement, multi-band fusion, and diffusion-based restoration to produce high-fidelity biometric reconstructions across devices. It demonstrates substantial spoofing success (average SSR ~65.3%) and strong image quality (SSIM up to 0.79, PSNR up to 29.88 dB, FID as low as 6.82) for both single- and dual-modal palm systems. The findings emphasize practical security risks in palm biometrics and advocate hardware shielding, protocol redesign, and multi-factor authentication as multi-layer defenses against EM-based exfiltration of biometric data.

Abstract

Palm recognition has emerged as a dominant biometric authentication technology in critical infrastructure. These systems operate in either single-modal form, using palmprint or palmvein individually, or dual-modal form, fusing the two modalities. Despite this diversity, they share similar hardware architectures that inadvertently emit electromagnetic (EM) signals during operation. Our research reveals that these EM emissions leak palm biometric information, motivating us to develop EMPalm--an attack framework that covertly recovers both palmprint and palmvein images from eavesdropped EM signals. Specifically, we first separate the interleaved transmissions of the two modalities, identify and combine their informative frequency bands, and reconstruct the images. To further enhance fidelity, we employ a diffusion model to restore fine-grained biometric features unique to each domain. Evaluations on seven prototype and two commercial palm acquisition devices show that EMPalm can recover palm biometric information with high visual fidelity, achieving SSIM scores up to 0.79, PSNR up to 29.88 dB, and FID scores as low as 6.82 across all tested devices, metrics that collectively demonstrate strong structural similarity, high signal quality, and low perceptual discrepancy. To assess the practical implications of the attack, we further evaluate it against four state-of-the-art palm recognition models, achieving a model-wise average spoofing success rate of 65.30% over 6,000 samples from 100 distinct users.

EMPalm: Exfiltrating Palm Biometric Data via Electromagnetic Side-Channels

TL;DR

The paper identifies EM side-channel leakage in palms-based recognition systems and presents EMPalm, an end-to-end attack that reconstructs palmprint and palmvein images from EM emissions. The method combines EM band localization, dual-modal signal disentanglement, multi-band fusion, and diffusion-based restoration to produce high-fidelity biometric reconstructions across devices. It demonstrates substantial spoofing success (average SSR ~65.3%) and strong image quality (SSIM up to 0.79, PSNR up to 29.88 dB, FID as low as 6.82) for both single- and dual-modal palm systems. The findings emphasize practical security risks in palm biometrics and advocate hardware shielding, protocol redesign, and multi-factor authentication as multi-layer defenses against EM-based exfiltration of biometric data.

Abstract

Palm recognition has emerged as a dominant biometric authentication technology in critical infrastructure. These systems operate in either single-modal form, using palmprint or palmvein individually, or dual-modal form, fusing the two modalities. Despite this diversity, they share similar hardware architectures that inadvertently emit electromagnetic (EM) signals during operation. Our research reveals that these EM emissions leak palm biometric information, motivating us to develop EMPalm--an attack framework that covertly recovers both palmprint and palmvein images from eavesdropped EM signals. Specifically, we first separate the interleaved transmissions of the two modalities, identify and combine their informative frequency bands, and reconstruct the images. To further enhance fidelity, we employ a diffusion model to restore fine-grained biometric features unique to each domain. Evaluations on seven prototype and two commercial palm acquisition devices show that EMPalm can recover palm biometric information with high visual fidelity, achieving SSIM scores up to 0.79, PSNR up to 29.88 dB, and FID scores as low as 6.82 across all tested devices, metrics that collectively demonstrate strong structural similarity, high signal quality, and low perceptual discrepancy. To assess the practical implications of the attack, we further evaluate it against four state-of-the-art palm recognition models, achieving a model-wise average spoofing success rate of 65.30% over 6,000 samples from 100 distinct users.

Paper Structure

This paper contains 23 sections, 18 equations, 16 figures, 6 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Preliminaries
  3. Palm Recognition
  4. Image Transmission Principles
  5. Motivation and Threat Model
  6. Motivation of EMPalm
  7. Threat Model
  8. Attack Design
  9. EM Leakage Bands Localization
  10. Dual-Modal Image Reconstruction
  11. Multi-band Image Combination
  12. Diffusion-based Palm Restoration
  13. Evaluation
  14. Experimental Setup
  15. Effectiveness Evaluation
  16. ...and 8 more sections

Figures (16)

  • Figure 1: Attack scenario of EMPalm.
  • Figure 2: Workflow of palm recognition systems.
  • Figure 3: System design of Dual-modal palm recognition.
  • Figure 4: EM leakage in MIPI CSI-2 image transmission. (a) CSI-2 data organization. (b) Frame-level and Line-level transmission's EM leakage.
  • Figure 5: Overview of EMPalm.
  • ...and 11 more figures