Researchers develop LED projection attack causing false positives with facial recognition
Infrared light projection can be used not only to obscure the identity of an individual from facial recognition systems, but also to successfully impersonate another individual, according to a paper published by a team of researchers from Chinese and U.S. universities and Alibaba.
Their paper, “Invisible Mask: Practical Attacks on Face Recognition with Infrared” (PDF) describes a system which uses infrared LEDs wired into a baseball cap to project dots of light through a lens onto the face of the wearer. This can not only cause false negatives, obscuring the wearer’s identity, but also false positives. Creating a false positive is much more challenging, as it requires the LEDs to be calibrated to imitate the target image. The researchers call this spoof an “invisible mask attack” (IMA).
In a test on the LFW data set, attacks by individuals with “some similarity” in facial appearance to the target they attempted to spoof were successfully authenticated over 70 percent of the time.
“Based on our findings and attacks, we conclude that face recognition techniques today are still far from secure and reliable when being applied to critical scenarios like authentication and surveillance,” the researchers write, warning that more attention should be given to the threat of infrared attacks.
Researchers recently described a method of defeating facial recognition technology with inconspicuous eyeglasses manufactured with a 3D printer, while Google researchers developed adversarial images that can fool image recognition systems without being tuned.
Comments