NDSS 2025 – EMIRIS: Eavesdropping On Iris Information Via Electromagnetic Side Channel
研究人员发现基于近红外传感器的虹膜识别系统存在电磁侧信道漏洞,攻击者可利用电磁信号窃取用户的虹膜信息并生成虹膜图像,实验表明该方法对常见虹膜识别模型的成功率为53.47%。
2026-1-11 16:0:0
Author: securityboulevard.com(查看原文)
阅读量:3
收藏
Authors, Creators & Presenters: Wenhao Li (Shandong University), Jiahao Wang (Shandong University), Guoming Zhang (Shandong University), Yanni Yang (Shandong University), Riccardo Spolaor (Shandong University), Xiuzhen Cheng (Shandong University), Pengfei Hu (Shandong University)
PAPER
EMIRIS: Eavesdropping On Iris Information Via Electromagnetic Side Channel
Iris recognition is one of the most secure biometric methods due to the uniqueness and stability of iris patterns, as well as their resistance to forgery. Consequently, it is frequently used in high-security authentication scenarios. However, systems using Near-Infrared (NIR) sensors may expose the iris information of users, leading to significant privacy risks. Our research found that the electromagnetic (EM) emissions generated during data transmission of NIR sensors are closely related to iris data. Based on this observation, we propose EMIRIS, a method for reconstructing the iris information using EM side channels. By deconstructing the digital signal transmission format of the NIR sensors and the mapping mechanism of the iris data matrix, we can reconstruct iris information from EM signals and convert it into iris images. To improve the quality of the reconstructed iris, we model the denoising and restoration of iris texture details as a linear inverse problem and tailor a diffusion model to solve it. Extensive experimental evaluations show that EMIRIS can effectively reconstruct iris information from commercial iris recognition devices, achieving an average SSIM of 0.511 and an average FID of 7.25. Even more concerning, these reconstructed irises can effectively spoof the classical iris recognition model with an average success rate of 53.47% on more than 3,000 iris samples from 50 different users.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
Our thanks to the **[Network and Distributed System Security (NDSS) Symposium][1]** for publishing their Creators, Authors and Presenter’s superb **[NDSS Symposium 2025 Conference][2]** content on the **[organization’s’][1]** **[YouTube][3]** channel.
