Accessorize in the Dark: A Security Analysis of Near-Infrared Face Recognition

Amit Cohen, Mahmood Sharif*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Prior work showed that face-recognition systems ingesting RGB images captured via visible-light (VIS ) cameras are susceptible to real-world evasion attacks. Face-recognition systems in near-infrared (NIR ) are widely deployed for critical tasks (e.g., access control), and are hypothesized to be more secure due to the lower variability and dimensionality of NIR images compared to VIS ones. However, the actual robustness of NIR -based face recognition remains unknown. This work puts the hypothesis to the test by offering attacks well-suited for NIR -based face recognition and adapting them to facilitate physical realizability. The outcome of the attack is an adversarial accessory the adversary can wear to mislead NIR -based face-recognition systems. We tested the attack against six models, both defended and undefended, with varied numbers of subjects in the digital and physical domains. We found that face recognition in NIR is highly susceptible to real-world attacks. For example, ≥ 96.66% of physically realized attack attempts seeking arbitrary misclassification succeeded, including against defended models. Overall, our work highlights the need to defend NIR -based face recognition, especially when deployed in high-stakes domains.

Original languageEnglish
Title of host publicationComputer Security – ESORICS 2023 - 28th European Symposium on Research in Computer Security, 2023, Proceedings
EditorsGene Tsudik, Mauro Conti, Kaitai Liang, Georgios Smaragdakis
PublisherSpringer Science and Business Media Deutschland GmbH
Pages43-61
Number of pages19
ISBN (Print)9783031514784
DOIs
StatePublished - 2024
Event28th European Symposium on Research in Computer Security, ESORICS 2023 - The Hague, Netherlands
Duration: 25 Sep 202329 Sep 2023

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume14346 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference28th European Symposium on Research in Computer Security, ESORICS 2023
Country/TerritoryNetherlands
CityThe Hague
Period25/09/2329/09/23

Fingerprint

Dive into the research topics of 'Accessorize in the Dark: A Security Analysis of Near-Infrared Face Recognition'. Together they form a unique fingerprint.

Cite this