2020
Journal article  Embargo

Cross-resolution face recognition adversarial attacks

Massoli F. V., Falchi F., Amato G.

deep learning  Artificial Intelligence  face recognition  recognition  Computer Vision and Pattern Recognition  adversarial machine learning  Software  cross-resolution  adversarial examples  pattern recognition  Signal Processing 

Face Recognition is among the best examples of computer vision problems where the supremacy of deep learning techniques compared to standard ones is undeniable. Unfortunately, it has been shown that they are vulnerable to adversarial examples - input images to which a human imperceptible perturbation is added to lead a learning model to output a wrong prediction. Moreover, in applications such as biometric systems and forensics, cross-resolution scenarios are easily met with a non-negligible impact on the recognition performance and adversary's success. Despite the existence of such vulnerabilities set a harsh limit to the spread of deep learning-based face recognition systems to real-world applications, a comprehensive analysis of their behavior when threatened in a cross-resolution setting is missing in the literature. In this context, we posit our study, where we harness several of the strongest adversarial attacks against deep learning-based face recognition systems considering the cross-resolution domain. To craft adversarial instances, we exploit attacks based on three different metrics, i.e., L, L, and L, and we study the resilience of the models across resolutions. We then evaluate the performance of the systems against the face identification protocol, open- and close-set. In our study, we find that the deep representation attacks represents a much dangerous menace to a face recognition system than the ones based on the classification output independently from the used metric. Furthermore, we notice that the input image's resolution has a non-negligible impact on an adversary's success in deceiving a learning model. Finally, by comparing the performance of the threatened networks under analysis, we show how they can benefit from a cross-resolution training approach in terms of resilience to adversarial attacks.

Source: Pattern recognition letters 140 (2020): 222–229. doi:10.1016/j.patrec.2020.10.008

Publisher: North-Holland, Amsterdam , Paesi Bassi

Metrics



Back to previous page

Share

Cite as

BibTeX entry
@article{oai:it.cnr:prodotti:435198,
	title = {Cross-resolution face recognition adversarial attacks},
	author = {Massoli F. V. and Falchi F. and Amato G.},
	publisher = {North-Holland, Amsterdam , Paesi Bassi},
	doi = {10.1016/j.patrec.2020.10.008},
	journal = {Pattern recognition letters},
	volume = {140},
	pages = {222–229},
	year = {2020}
}

CNR authors and affiliations

Download

Projects (via OpenAIRE)

AI4EU
A European AI On Demand Platform and Ecosystem


OpenAIRE
Privacy Policy