AdvFaces: Adversarial Face Synthesis

被引：39

作者：

Deb, Debayan ^{[1
]}

Zhang, Jianbang ^{[2
]}

Jain, Anil K. ^{[1
]}

机构：

[1] Michigan State Univ, E Lansing, MI 48824 USA

[2] Lenovo Inc, Morrisville, NC USA

来源：

IEEE/IAPR INTERNATIONAL JOINT CONFERENCE ON BIOMETRICS (IJCB 2020) | 2020年

关键词：

D O I：

10.1109/ijcb48548.2020.9304898

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Face recognition systems have been shown to be vulnerable to adversarial faces resulting from adding small perturbations to probe images. Such adversarial images can lead state-of-the-art face matchers to falsely reject a genuine subject (obfuscation attack) or falsely match to an impostor (impersonation attack). Current approaches to crafting adversarial faces lack perceptual quality and take an unreasonable amount of time to generate them. We propose, AdvFaces, an automated adversarial face synthesis method that learns to generate minimal perturbations in the salient facial regions via Generative Adversarial Networks. Once AdvFaces is trained, a hacker can automatically generate imperceptible face perturbations that can evade four black-box state-of-the-art face matchers with attack success rates as high as 97:22% and 24:30% at 0:1% False Accept Rate, for obfuscation and impersonation attacks, respectively.

引用

页数：10

共 43 条

[1] [Anonymous], 2018, Advances in Neural Information Processing Systems
[2] [Anonymous], 2016, Delving into transferable adversarial examples and black-box attacks
[3] Baluja S, 2017, ARXIV
[4] Bose A.J., 2018, IEEE MMSP, P1
[5] Towards Evaluating the Robustness of Neural Networks
Carlini, Nicholas
Wagner, David
[J]. 2017 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), 2017, : 39 - 57
[6] Fast Geometrically-Perturbed Adversarial Faces
Dabouei, Ali
Soleymani, Sobhan
Dawson, Jeremy
Nasrabadi, Nasser M.
[J]. 2019 IEEE WINTER CONFERENCE ON APPLICATIONS OF COMPUTER VISION (WACV), 2019, : 1979 - 1988
[7] ArcFace: Additive Angular Margin Loss for Deep Face Recognition
Deng, Jiankang
Guo, Jia
Xue, Niannan
Zafeiriou, Stefanos
[J]. 2019 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR 2019), 2019, : 4685 - 4694
[8] Efficient Decision-based Black-box Adversarial Attacks on Face Recognition
Dong, Yinpeng
Su, Hang
Wu, Baoyuan
Li, Zhifeng
Liu, Wei
Zhang, Tong
Zhu, Jun
[J]. 2019 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR 2019), 2019, : 7706 - 7714
[9] Boosting Adversarial Attacks with Momentum
Dong, Yinpeng
Liao, Fangzhou
Pang, Tianyu
Su, Hang
Zhu, Jun
Hu, Xiaolin
Li, Jianguo
[J]. 2018 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR), 2018, : 9185 - 9193
[10] Eykholt K., 2017, ARXIV PREPRINT ARXIV

← 1 2 3 4 5 →