3,065 research outputs found
On the Influence of Ageing on Face Morph Attacks: Vulnerability and Detection
Face morphing attacks have raised critical concerns as they demonstrate a new
vulnerability of Face Recognition Systems (FRS), which are widely deployed in
border control applications. The face morphing process uses the images from
multiple data subjects and performs an image blending operation to generate a
morphed image of high quality. The generated morphed image exhibits similar
visual characteristics corresponding to the biometric characteristics of the
data subjects that contributed to the composite image and thus making it
difficult for both humans and FRS, to detect such attacks. In this paper, we
report a systematic investigation on the vulnerability of the
Commercial-Off-The-Shelf (COTS) FRS when morphed images under the influence of
ageing are presented. To this extent, we have introduced a new morphed face
dataset with ageing derived from the publicly available MORPH II face dataset,
which we refer to as MorphAge dataset. The dataset has two bins based on age
intervals, the first bin - MorphAge-I dataset has 1002 unique data subjects
with the age variation of 1 year to 2 years while the MorphAge-II dataset
consists of 516 data subjects whose age intervals are from 2 years to 5 years.
To effectively evaluate the vulnerability for morphing attacks, we also
introduce a new evaluation metric, namely the Fully Mated Morphed Presentation
Match Rate (FMMPMR), to quantify the vulnerability effectively in a realistic
scenario. Extensive experiments are carried out by using two different COTS FRS
(COTS I - Cognitec and COTS II - Neurotechnology) to quantify the vulnerability
with ageing. Further, we also evaluate five different Morph Attack Detection
(MAD) techniques to benchmark their detection performance with ageing.Comment: Accepted in IJCB 202
MIPGAN -- Generating Strong and High Quality Morphing Attacks Using Identity Prior Driven GAN
Face morphing attacks target to circumvent Face Recognition Systems (FRS) by
employing face images derived from multiple data subjects (e.g., accomplices
and malicious actors). Morphed images can be verified against contributing data
subjects with a reasonable success rate, given they have a high degree of
facial resemblance. The success of morphing attacks is directly dependent on
the quality of the generated morph images. We present a new approach for
generating strong attacks extending our earlier framework for generating face
morphs. We present a new approach using an Identity Prior Driven Generative
Adversarial Network, which we refer to as MIPGAN (Morphing through Identity
Prior driven GAN). The proposed MIPGAN is derived from the StyleGAN with a
newly formulated loss function exploiting perceptual quality and identity
factor to generate a high quality morphed facial image with minimal artefacts
and with high resolution. We demonstrate the proposed approach's applicability
to generate strong morphing attacks by evaluating its vulnerability against
both commercial and deep learning based Face Recognition System (FRS) and
demonstrate the success rate of attacks. Extensive experiments are carried out
to assess the FRS's vulnerability against the proposed morphed face generation
technique on three types of data such as digital images, re-digitized (printed
and scanned) images, and compressed images after re-digitization from newly
generated MIPGAN Face Morph Dataset. The obtained results demonstrate that the
proposed approach of morph generation poses a high threat to FRS.Comment: Revised version. Submitted to IEEE T-BIOM 202
Towards minimizing efforts for Morphing Attacks -- Deep embeddings for morphing pair selection and improved Morphing Attack Detection
Face Morphing Attacks pose a threat to the security of identity documents,
especially with respect to a subsequent access control process, because it
enables both individuals involved to exploit the same document. In this study,
face embeddings serve two purposes: pre-selecting images for large-scale
Morphing Attack generation and detecting potential Morphing Attacks. We build
upon previous embedding studies in both use cases using the MagFace model. For
the first objective, we employ an pre-selection algorithm that pairs
individuals based on face embedding similarity. We quantify the attack
potential of differently morphed face images to compare the usability of
pre-selection in automatically generating numerous successful Morphing Attacks.
Regarding the second objective, we compare embeddings from two state-of-the-art
face recognition systems in terms of their ability to detect Morphing Attacks.
Our findings demonstrate that ArcFace and MagFace provide valuable face
embeddings for image pre-selection. Both open-source and COTS face recognition
systems are susceptible to generated attacks, particularly when pre-selection
is based on embeddings rather than random pairing which was only constrained by
soft biometrics. More accurate face recognition systems exhibit greater
vulnerability to attacks, with COTS systems being the most susceptible.
Additionally, MagFace embeddings serve as a robust alternative for detecting
morphed face images compared to the previously used ArcFace embeddings. The
results endorse the advantages of face embeddings in more effective image
pre-selection for face morphing and accurate detection of morphed face images.
This is supported by extensive analysis of various designed attacks. The
MagFace model proves to be a powerful alternative to the commonly used ArcFace
model for both objectives, pre-selection and attack detection
Morphing Attack Detection -- Database, Evaluation Platform and Benchmarking
Morphing attacks have posed a severe threat to Face Recognition System (FRS).
Despite the number of advancements reported in recent works, we note serious
open issues such as independent benchmarking, generalizability challenges and
considerations to age, gender, ethnicity that are inadequately addressed.
Morphing Attack Detection (MAD) algorithms often are prone to generalization
challenges as they are database dependent. The existing databases, mostly of
semi-public nature, lack in diversity in terms of ethnicity, various morphing
process and post-processing pipelines. Further, they do not reflect a realistic
operational scenario for Automated Border Control (ABC) and do not provide a
basis to test MAD on unseen data, in order to benchmark the robustness of
algorithms. In this work, we present a new sequestered dataset for facilitating
the advancements of MAD where the algorithms can be tested on unseen data in an
effort to better generalize. The newly constructed dataset consists of facial
images from 150 subjects from various ethnicities, age-groups and both genders.
In order to challenge the existing MAD algorithms, the morphed images are with
careful subject pre-selection created from the contributing images, and further
post-processed to remove morphing artifacts. The images are also printed and
scanned to remove all digital cues and to simulate a realistic challenge for
MAD algorithms. Further, we present a new online evaluation platform to test
algorithms on sequestered data. With the platform we can benchmark the morph
detection performance and study the generalization ability. This work also
presents a detailed analysis on various subsets of sequestered data and
outlines open challenges for future directions in MAD research.Comment: This paper is a pre-print. The article is accepted for publication in
IEEE Transactions on Information Forensics and Security (TIFS
Stegano-Morphing: Concealing Attacks on Face Identification Algorithms
© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other worksFace identification is becoming a well-accepted technology for access control applications, both in the real or virtual world. Systems based on this technology must deal with the persistent challenges of classification algorithms and the impersonation attacks performed by people who do not want to be identified. Morphing is often selected to conduct such attacks since it allows the modification of the features of an original subject's image to make it appear as someone else. Publications focus on impersonating this other person, usually someone who is allowed to get into a restricted place, building, or software app. However, there is no list of authorized people in many other applications, just a blacklist of people no longer allowed to enter, log in, or register. In such cases, the morphing target person is not relevant, and the main objective is to minimize the probability of being detected. In this paper, we present a comparison of the identification rate and behavior of six recognizers (Eigenfaces, Fisherfaces, LBPH, SIFT, FaceNet, and ArcFace) against traditional morphing attacks, in which only two subjects are used to create the altered image: the original subject and the target. We also present a new morphing method that works as an iterative process of gradual traditional morphing, combining the original subject with all the subjects' images in a database. This method multiplies by four the chances of a successful and complete impersonation attack (from 4% to 16%), by deceiving both face identification and morphing detection algorithms simultaneouslyThis work was supported by the ConsejerÃa De Ciencia, Universidad e Innovación, Comunidad de Madri
Face Image and Video Analysis in Biometrics and Health Applications
Computer Vision (CV) enables computers and systems to derive meaningful information from acquired visual inputs, such as images and videos, and make decisions based on the extracted information. Its goal is to acquire, process, analyze, and understand the information by developing a theoretical and algorithmic model. Biometrics are distinctive and measurable human characteristics used to label or describe individuals by combining computer vision with knowledge of human physiology (e.g., face, iris, fingerprint) and behavior (e.g., gait, gaze, voice). Face is one of the most informative biometric traits. Many studies have investigated the human face from the perspectives of various different disciplines, ranging from computer vision, deep learning, to neuroscience and biometrics. In this work, we analyze the face characteristics from digital images and videos in the areas of morphing attack and defense, and autism diagnosis. For face morphing attacks generation, we proposed a transformer based generative adversarial network to generate more visually realistic morphing attacks by combining different losses, such as face matching distance, facial landmark based loss, perceptual loss and pixel-wise mean square error. In face morphing attack detection study, we designed a fusion-based few-shot learning (FSL) method to learn discriminative features from face images for few-shot morphing attack detection (FS-MAD), and extend the current binary detection into multiclass classification, namely, few-shot morphing attack fingerprinting (FS-MAF). In the autism diagnosis study, we developed a discriminative few shot learning method to analyze hour-long video data and explored the fusion of facial dynamics for facial trait classification of autism spectrum disorder (ASD) in three severity levels. The results show outstanding performance of the proposed fusion-based few-shot framework on the dataset. Besides, we further explored the possibility of performing face micro- expression spotting and feature analysis on autism video data to classify ASD and control groups. The results indicate the effectiveness of subtle facial expression changes on autism diagnosis
Stegano-morphing: Concealing attacks on face identification algorithms
Face identification is becoming a well-accepted technology for access control applications, whether in the real or virtual world. Systems based on this technology have to deal with the classic difficulties of classification algorithms and the challenges of impersonation attacks performed by people who do not want to be identified. Morphing is often the preferred method for these attacks, as it allows modifying an image’s features progressively from an original subject so that it gradually resembles another. Publications focus on impersonating this other person, usually someone who is allowed to get into a restricted place, building, or software app. However, there is no list of authorized people in many other applications, just a blacklist of people who cannot enter, log in, or register again. In such cases, the morphing target person is not relevant, and the main objective is to minimize the probability of being detected. Wepresent a comparison of the identification rate and behavior of 5 recognizers (Eigenfaces, Fisherfaces, LBPH, SIFT, and FaceNet) against traditional morphing attacks, in which only two subjects are used to create the altered image: the original subject and the target. We also introduce a new morphing method that works as an iterative process of gradual traditional morphing, combining the original subject with all the subjects’ images in the training database. We also test our morphing attack method against the recognizer that obtains better results against traditional morphing (FaceNet), proving that, using our method, we can multiply by eight the chances of a successful and complete impersonation attack, one able to deceive face identification and morphing detection algorithms simultaneously
- …