Target identity attacks on facial recognition systems
Abstract
Advancements in digital technology have significantly increased the number of cases involving the counterfeiting of identity documents. One example is exam fraud, where a counterfeiter creates a composite morphed photograph of the real candidate and an imposter, and attaches it to the examination admit card. Automated facial recognition systems are beginning to be deployed at examination centers to match candidates' faces against their official facial images. While the need to perform manual matches is eliminated, the vulnerabilities of these automated systems are a major concern. This chapter evaluates the vulnerability of an automated facial recognition system to input image manipulation via a target identity attack. The attack manipulates a facial image so that it looks similar to the real candidate, but outputs the identity feature representation of the imposter. This chapter also evaluates the performance of facial recognition models with regard to impersonator recognition. Experiments using image databases demonstrate the effectiveness of target identity attacks.
Domains
Computer Science [cs]Origin | Files produced by the author(s) |
---|