Stegano-morphing: Concealing attacks on face identification algorithms

Abstract

Face identification is becoming a well-accepted technology for access control applications, whether in the real or virtual world. Systems based on this technology have to deal with the classic difficulties of classification algorithms and the challenges of impersonation attacks performed by people who do not want to be identified. Morphing is often the preferred method for these attacks, as it allows modifying an image’s features progressively from an original subject so that it gradually resembles another. Publications focus on impersonating this other person, usually someone who is allowed to get into a restricted place, building, or software app. However, there is no list of authorized people in many other applications, just a blacklist of people who cannot enter, log in, or register again. In such cases, the morphing target person is not relevant, and the main objective is to minimize the probability of being detected. Wepresent a comparison of the identification rate and behavior of 5 recognizers (Eigenfaces, Fisherfaces, LBPH, SIFT, and FaceNet) against traditional morphing attacks, in which only two subjects are used to create the altered image: the original subject and the target. We also introduce a new morphing method that works as an iterative process of gradual traditional morphing, combining the original subject with all the subjects’ images in the training database. We also test our morphing attack method against the recognizer that obtains better results against traditional morphing (FaceNet), proving that, using our method, we can multiply by eight the chances of a successful and complete impersonation attack, one able to deceive face identification and morphing detection algorithms simultaneously