Skip to main content

Running the experiments as given in paper: "On the Vulnerability of Palm Vein Recognition to Spoofing Attacks".

Project description

This package provides the source code to run the experiments published in the paper On the Vulnerability of Palm Vein Recognition to Spoofing Attacks. It relies on the PalmveinRecLib to execute the palmvein recognition experiments, and some satellite packages from Bob to compute the evaluation.


The installation of this package relies on the BuildOut system. By default, the command line sequence:

$ ./python
$ ./bin/buildout

should download and install all requirements, including the PalmveinRecLib, the database interface bob.db.verapalm, the Spoofing evaluation framework antispoofing.evaluation and all their required packages. There are a few exceptions, which are not automatically downloaded:


The face recognition experiments rely on the open source signal-processing and machine learning toolbox Bob. To install Bob, please visit and follow the installation instructions. Please verify that you have at least version 2.0 of Bob installed. If you have installed Bob in a non-standard directory, please open the buildout.cfg file from the base directory and set the prefixes directory accordingly.

Image Databases

The experiments are run on external image databases. We do not provide the images from the databases themselves. Hence, please contact the database owners to obtain a copy of the images. The two databases used in our experiments can be downloaded here:

Please let all other configuration parameters unchanged as this might influence the face recognition experiments and, hence, the reproducibility of the results.

Getting help

In case anything goes wrong, please feel free to open a new ticket in our GitLab page, or send an email to

Recreating the results of the Paper

After successfully setting up the databases, you are now able to run the palmvein recognition and spoofing attack experiments as explained in the Paper.

The experiment configuration

The palmvein recognition experiment are run using the bob.palmvein package, but for convenience there exists a wrapper script that set up the right parametrization for the call to the PalmveinRecLib. The configuration files that are used by the PalmveinRecLib, which contain all the parameters of the experiments, can be found in the bob.palmvein/bob/palmvein/configurations directory.

Running the experiments

This script can be found in bin/ It requires some command line options, which you can list using ./bin/ --help. Usually, the command line options have a long version (starting with --) and a shortcut (starting with a single -), here we use only the long versions:

  • --database: Specify the name of the databases to run experiments on. (default: verapalm).

  • --preprocessing: Specify the image preprocessing to run; the preprocessors will automatically assigned to the according experiment. Possible value is palmvein-preprocessor.

  • --features: Specify the features to run the experimetns. By default, the feature selected is the ‘lbp-linearbinarypatterns’ local binary patterns - LBP.

  • --tool: Specify the matcher to run the experimetns. By default, the match-lbp is selected.

  • --protocols: Specify a list of protocols that you want to run. Possible values are NOM50 and SpoofingAttack50. By default, all protocols are used.

  • --dry-run: Use this option to print the calls to the PalmveinRecLib without executing them.

  • --temp-directory: Specify a directory where temporary files will be stored (default: temp). This directory can be deleted after all experiments ran successfully.

  • --result-directory: Specify a directory where final result files will be stored (default: results). This directory is required to evaluate the experiments.

Additionally, you can pass options directly to the PalmveinRecLib, but you should do that with care. Simply use -- to separate options to the bin/ from options to the PalmveinRecLib. For example, the --force option might be of interest. See ./bin/ --help for a complete list of options.

It is advisable to use the --dry-run option before actually running the experiments, just to see that everything is correct. Also, the Info (2) verbosity level prints useful information, e.g., by adding the --verbose --verbose (or shortly -vv) on the command line. A commonly used command line sequence to execute the face recognition algorithm on both databases could be:

  1. Run the experiments on the VERA Palm database:

    $ ./bin/ -vv --databases verapalm

Evaluating the experiments

After all experiments have finished successfully, the resulting score files can be evaluated. For this, the bin/ script can be used to create a pdf file with the SFAR curves that are provided in the paper. See ./bin/ --help for a complete list of options. To replicate the results of the paper:

  • --dev-file: Specify the file of the scores file (4-column) containing the scores for the verification system, Normal Operation Mode (NOM) scenario.

  • --spoofing-file: The file of the scores file (4-column) containing the scores for the verification system, Spoofing Attack scenario.

  • --output-file: (Optional) Specify the name of the output pdf file.

  • --demandedplot: Specify the option to plotting the score distribution for licit and spoof scenario and threshold line and probability of success line.

Again, the most usual way to compute the resulting tables could be:

  1. Evaluate experiments on VERA:

    $ bin/ -vvv

Cite our paper

If you use the results in any of your contributions, please cite the following paper:

     author = {Tome, Pedro and Marcel, S{\'{e}}bastien},
   keywords = {Biometrics, Palm vein, Spoofing Attacks},
      month = may,
      title = {On the Vulnerability of Palm Vein Recognition to Spoofing Attacks},
  booktitle = {The 8th IAPR International Conference on Biometrics (ICB)},
       year = {2015},
   location = {Pucket, Thailand},
        url = {}

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution (33.7 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page