FB pixel

Researchers show deepfakes can beat face biometric web services, propose defense strategy

 

biometric digital identity verification for fraud prevention

Commonly used methods for generating deepfakes can result in images that regularly defeat face biometric algorithms, according to a new report by researchers at Sungkyunkwan University Suwon in South Korea.

The three researchers’ paper, ‘Am I a Real or Fake Celebrity?’, pits deepfake impersonation attacks against commercial facial recognition web services for identifying celebrities from Microsoft, Amazon and Naver. Researchers Shahroz Tariq, Sowon Jeon and Simon S. Woo state that the attacks can easily be generalized to non-celebrities.

They attempted targeted attacks, intending to trick the algorithm into misidentifying the submission as a particular celebrity, and non-targeted attacks, to trick the algorithm into mistakenly identifying the image as any celebrity, the latter of which were consistently successful.

When making mistakes, the biometric algorithms returned high confidence scores, in some cases higher than the real image, which the study authors attribute to the deepfakes retaining key identity data.

Three publicly available datasets and two custom ones created by the researchers were used to create a total of 8,119 deepfakes and extracted faces from the frames to submit to the web APIs.

They found that some methods of attack are more successful than others, and each biometric matching system responds differently to deepfakes.

With images taken from the VoxCelebTH dataset, Microsoft’s Azure Cognitive Services API identified 78 percent of deepfakes the researchers submitted to it as the targeted celebrity, while Amazon mismatched 68.7 percent of submitted images. Overall attack success rates across the five datasets used in the test were 28 percent for Amazon, 33.1 percent for Microsoft, and 4.7 percent for Naver, but fell to less than 4 percent, 5 percent, and 1 percent respectively when the researchers employed a proposed defense method. The researchers declared “no clear winner among the three APIs” in terms of resistance to deepfake impersonation.

The researchers proposed method of defense against the deepfake impersonation attacks applies off-the-shelf deepfake detectors to the biometric API. They plan to build a REST API to screen incoming requests to the celebrity facial recognition APIs.

“The proposed defense method can provide excellent results. And, to some extent, it can be an effective defense mechanism,” the researchers write. “However, these off-the-shelf models may not be optimal against each DI attack, and false positives can play avital role in increasing the attack’s success rate. In addition, due to the rise of new deepfakes, existing detection models are not guaranteed to work well against them. Therefore, a more generic and effective defense method against different types of existing and new DI attacks is urgently required. And more research is needed in that direction, exploring transfer learning, domain adaptation, and meta transfer learning to better cope with new DI attacks.”

A paper presented earlier this year showed a troubling new deepfake method capable of defeating deepfake detectors.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Reflections on the Global Digital Public Infrastructure summit 2024

The Global Digital Public Infrastructure (DPI) summit 2024 has drawn attention to the transformative power of DPI in driving digital…

 

Binding physical and digital worlds with biometrics key to decentralized ID

Stakeholders in New Zealand’s digital identity ecosystem addressed the evolution of identity systems, particularly focusing on decentralized identity and biometrics…

 

Swedish police want to fight crime with live facial recognition

The Swedish police want to use facial recognition in real time to crack down on serious crimes. Government investigators have…

 

Biometrics cycle from innovations to scale-up opportunities

Biometrics integrations range from the experimental to the everyday in the most-read articles of the week on Biometric Update. Yesterday’s…

 

US Justice developing AI use guidelines for law enforcement, civil rights

The US Department of Justice (DOJ) continues to advance draft guidelines for the use of AI and biometric tools like…

 

Airport authorities expand biometrics deployments with Thales, Idemia tech

Biometric deployments involving Thales, Idemia and Vision-Box, alongside agencies like the TSA,  highlight the aviation industry’s commitment to streamlining operations….

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events