Universal Adversarial Spoofing Attacks against Face Recognition
Autor: | Kazuya Kakizaki, Takuma Amada, Toshinori Araki, Seng Pei Liew |
---|---|
Jazyk: | angličtina |
Rok vydání: | 2021 |
Předmět: |
FOS: Computer and information sciences
Computer Science - Machine Learning Spoofing attack Computer Science - Cryptography and Security Pixel Artificial neural network Computer science business.industry Computer Vision and Pattern Recognition (cs.CV) Computer Science - Computer Vision and Pattern Recognition Pattern recognition Facial recognition system Machine Learning (cs.LG) Image (mathematics) Face (geometry) Feature (machine learning) Artificial intelligence Representation (mathematics) business Cryptography and Security (cs.CR) |
Popis: | We assess the vulnerabilities of deep face recognition systems for images that falsify/spoof multiple identities simultaneously. We demonstrate that, by manipulating the deep feature representation extracted from a face image via imperceptibly small perturbations added at the pixel level using our proposed Universal Adversarial Spoofing Examples (UAXs), one can fool a face verification system into recognizing that the face image belongs to multiple different identities with a high success rate. One characteristic of the UAXs crafted with our method is that they are universal (identity-agnostic); they are successful even against identities not known in advance. For a certain deep neural network, we show that we are able to spoof almost all tested identities (99\%), including those not known beforehand (not included in training). Our results indicate that a multiple-identity attack is a real threat and should be taken into account when deploying face recognition systems. Accepted to International Joint Conference on Biometrics (IJCB 2021) |
Databáze: | OpenAIRE |
Externí odkaz: |