Pub Date : 2023-04-19DOI: 10.1109/IWBF57495.2023.10157489
Sandra Bergmann, Denise Moussa, Fabian Brand, A. Kaup, C. Riess
The JPEG algorithm is the most popular compression method on the internet. Its properties have been extensively studied in image forensics for examining image origin and authenticity. However, the JPEG standard will in the near future be extended with AI-based compression. This approach is fundamentally different from the classic JPEG algorithm, and requires an entirely new set of forensics tools.As a first step towards forensic tools for AI compression, we present a first investigation of forensic traces in HiFiC, the current state-of-the-art AI-based compression method. We investigate the frequency space of the compressed images, and identify two types of traces, which likely arise from GAN upsampling and in homogeneous areas. We evaluate the detectability on different patch sizes and unseen postprocessing, and report a detectability of 96.37%. Our empirical results also suggest that further, yet unidentified, compression traces can be expected in the spatial domain.
{"title":"Frequency-Domain Analysis of Traces for the Detection of AI-based Compression","authors":"Sandra Bergmann, Denise Moussa, Fabian Brand, A. Kaup, C. Riess","doi":"10.1109/IWBF57495.2023.10157489","DOIUrl":"https://doi.org/10.1109/IWBF57495.2023.10157489","url":null,"abstract":"The JPEG algorithm is the most popular compression method on the internet. Its properties have been extensively studied in image forensics for examining image origin and authenticity. However, the JPEG standard will in the near future be extended with AI-based compression. This approach is fundamentally different from the classic JPEG algorithm, and requires an entirely new set of forensics tools.As a first step towards forensic tools for AI compression, we present a first investigation of forensic traces in HiFiC, the current state-of-the-art AI-based compression method. We investigate the frequency space of the compressed images, and identify two types of traces, which likely arise from GAN upsampling and in homogeneous areas. We evaluate the detectability on different patch sizes and unseen postprocessing, and report a detectability of 96.37%. Our empirical results also suggest that further, yet unidentified, compression traces can be expected in the spatial domain.","PeriodicalId":273412,"journal":{"name":"2023 11th International Workshop on Biometrics and Forensics (IWBF)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129535740","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-19DOI: 10.1109/IWBF57495.2023.10157014
Biying Fu, Marcel Klemt, F. Boutros, N. Damer
In recent years, advances in deep learning techniques and large-scale identity-labeled datasets have enabled facial recognition algorithms to rapidly gain performance. However, due to privacy issues, ethical concerns, and regulations governing the processing, transmission, and storage of biometric samples, several publicly available face image datasets are being withdrawn by their creators. The reason is that these datasets are mostly crawled from the web with the possibility that not all users had properly consented to processing their biometric data. To mitigate this problem, synthetic face images from generative approaches are motivated to substitute the need for authentic face images to train and test face recognition. In this work, we investigate both the relation between synthetic face image data and the generator authentic training data and the relation between the authentic data and the synthetic data in general under two aspects, i.e. the general image quality and face image quality. The first term refers to perceived image quality and the second measures the utility of a face image for automatic face recognition algorithms. To further quantify these relations, we build the analyses under two terms denoted as the dissimilarity in quality values expressing the general difference in quality distributions and the dissimilarity in quality diversity expressing the diversity in the quality values.
{"title":"On the Quality and Diversity of Synthetic Face Data and its Relation to the Generator Training Data","authors":"Biying Fu, Marcel Klemt, F. Boutros, N. Damer","doi":"10.1109/IWBF57495.2023.10157014","DOIUrl":"https://doi.org/10.1109/IWBF57495.2023.10157014","url":null,"abstract":"In recent years, advances in deep learning techniques and large-scale identity-labeled datasets have enabled facial recognition algorithms to rapidly gain performance. However, due to privacy issues, ethical concerns, and regulations governing the processing, transmission, and storage of biometric samples, several publicly available face image datasets are being withdrawn by their creators. The reason is that these datasets are mostly crawled from the web with the possibility that not all users had properly consented to processing their biometric data. To mitigate this problem, synthetic face images from generative approaches are motivated to substitute the need for authentic face images to train and test face recognition. In this work, we investigate both the relation between synthetic face image data and the generator authentic training data and the relation between the authentic data and the synthetic data in general under two aspects, i.e. the general image quality and face image quality. The first term refers to perceived image quality and the second measures the utility of a face image for automatic face recognition algorithms. To further quantify these relations, we build the analyses under two terms denoted as the dissimilarity in quality values expressing the general difference in quality distributions and the dissimilarity in quality diversity expressing the diversity in the quality values.","PeriodicalId":273412,"journal":{"name":"2023 11th International Workshop on Biometrics and Forensics (IWBF)","volume":"156 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127485740","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-19DOI: 10.1109/IWBF57495.2023.10157658
E. Singer, B. J. Borgstrom, Kenneth Alperin, Trang Nguyen, C. Dagli, Melissa R. Dale, A. Ross
The recent advances in deep learning have led to an increased interest in the development of techniques for multimodal identity verification applications, particularly in the area of biometric fusion. Associated with these efforts is a corresponding need for large scale multimodal datasets to provide the bases for establishing performance baselines for proposed approaches. After examining the characteristics of existing multimodal datasets, this paper will describe the development of the MITLL Trimodal dataset, a new triple-modality collection of data comprising parallel samples of audio, image, and text for 553 subjects. The dataset is formed from YouTube videos and Twitter tweets. Baseline single modality results using a common processing pipeline are presented, along with the results of applying a conventional fusion algorithm to the individual stream scores.
{"title":"On the Design of the MITLL Trimodal Dataset for Identity Verification","authors":"E. Singer, B. J. Borgstrom, Kenneth Alperin, Trang Nguyen, C. Dagli, Melissa R. Dale, A. Ross","doi":"10.1109/IWBF57495.2023.10157658","DOIUrl":"https://doi.org/10.1109/IWBF57495.2023.10157658","url":null,"abstract":"The recent advances in deep learning have led to an increased interest in the development of techniques for multimodal identity verification applications, particularly in the area of biometric fusion. Associated with these efforts is a corresponding need for large scale multimodal datasets to provide the bases for establishing performance baselines for proposed approaches. After examining the characteristics of existing multimodal datasets, this paper will describe the development of the MITLL Trimodal dataset, a new triple-modality collection of data comprising parallel samples of audio, image, and text for 553 subjects. The dataset is formed from YouTube videos and Twitter tweets. Baseline single modality results using a common processing pipeline are presented, along with the results of applying a conventional fusion algorithm to the individual stream scores.","PeriodicalId":273412,"journal":{"name":"2023 11th International Workshop on Biometrics and Forensics (IWBF)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130249939","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-19DOI: 10.1109/IWBF57495.2023.10157835
Simone Magistri, Daniele Baracchi, D. Shullani, Andrew D. Bagdanov, A. Piva
Social networks have become most widely used channels for sharing images and videos, and discovering the social platform of origin of multimedia content is of great interest to the forensics community. Several techniques address this problem, however the rapid development of new social platforms, and the deployment of updates to existing ones, often render forensic tools obsolete shortly after their introduction. This effectively requires constant updating of methods and models, which is especially cumbersome when dealing with techniques based on neural networks, as trained models cannot be easily fine-tuned to handle new classes without drastically reducing the performance on the old ones – a phenomenon known as catastrophic forgetting. Updating a model thus often entails retraining the network from scratch on all available data, including that used for training previous versions of the model. Continual learning refers to techniques specifically designed to mitigate catastrophic forgetting, thus making it possible to extend an existing model requiring no or a limited number of examples from the original dataset. In this paper, we investigate the potential of continual learning techniques to build an extensible social network identification neural network. We introduce a simple yet effective neural network architecture for Social Network Identification (SNI) and perform extensive experimental validation of continual learning approaches on it. Our results demonstrate that, although Continual SNI remains a challenging problem, catastrophic forgetting can be significantly reduced by only retaining a fraction of the original training data.
{"title":"Towards Continual Social Network Identification","authors":"Simone Magistri, Daniele Baracchi, D. Shullani, Andrew D. Bagdanov, A. Piva","doi":"10.1109/IWBF57495.2023.10157835","DOIUrl":"https://doi.org/10.1109/IWBF57495.2023.10157835","url":null,"abstract":"Social networks have become most widely used channels for sharing images and videos, and discovering the social platform of origin of multimedia content is of great interest to the forensics community. Several techniques address this problem, however the rapid development of new social platforms, and the deployment of updates to existing ones, often render forensic tools obsolete shortly after their introduction. This effectively requires constant updating of methods and models, which is especially cumbersome when dealing with techniques based on neural networks, as trained models cannot be easily fine-tuned to handle new classes without drastically reducing the performance on the old ones – a phenomenon known as catastrophic forgetting. Updating a model thus often entails retraining the network from scratch on all available data, including that used for training previous versions of the model. Continual learning refers to techniques specifically designed to mitigate catastrophic forgetting, thus making it possible to extend an existing model requiring no or a limited number of examples from the original dataset. In this paper, we investigate the potential of continual learning techniques to build an extensible social network identification neural network. We introduce a simple yet effective neural network architecture for Social Network Identification (SNI) and perform extensive experimental validation of continual learning approaches on it. Our results demonstrate that, although Continual SNI remains a challenging problem, catastrophic forgetting can be significantly reduced by only retaining a fraction of the original training data.","PeriodicalId":273412,"journal":{"name":"2023 11th International Workshop on Biometrics and Forensics (IWBF)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122746976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-19DOI: 10.1109/IWBF57495.2023.10157534
Juan E. Tapia, C. Busch
This paper proposes an explainable visualisation of different face feature extraction algorithms that enable the detection of bona fide and morphing images for single morphing attack detection. The feature extraction is based on raw image, shape, texture, frequency and compression. This visualisation may help to develop a Graphical User Interface for border policies and specifically for border guard personnel that have to investigate details of suspect images. A Random forest classifier was trained in a leave-one-out protocol on three landmarks-based face morphing methods and a StyleGAN-based morphing method for which morphed images are available in the FRLL database. For morphing attack detection, the Discrete Cosine-Transformation-based method obtained the best results for synthetic images and BSIF for landmark-based image features.
{"title":"Face Feature Visualisation of Single Morphing Attack Detection","authors":"Juan E. Tapia, C. Busch","doi":"10.1109/IWBF57495.2023.10157534","DOIUrl":"https://doi.org/10.1109/IWBF57495.2023.10157534","url":null,"abstract":"This paper proposes an explainable visualisation of different face feature extraction algorithms that enable the detection of bona fide and morphing images for single morphing attack detection. The feature extraction is based on raw image, shape, texture, frequency and compression. This visualisation may help to develop a Graphical User Interface for border policies and specifically for border guard personnel that have to investigate details of suspect images. A Random forest classifier was trained in a leave-one-out protocol on three landmarks-based face morphing methods and a StyleGAN-based morphing method for which morphed images are available in the FRLL database. For morphing attack detection, the Discrete Cosine-Transformation-based method obtained the best results for synthetic images and BSIF for landmark-based image features.","PeriodicalId":273412,"journal":{"name":"2023 11th International Workshop on Biometrics and Forensics (IWBF)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129857071","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-24DOI: 10.1109/IWBF57495.2023.10157461
Raghavendra Ramachandra, S. Venkatesh, Gaurav Jaswal, Guoqiang Li
Face morphing attacks have emerged as a potential threat, particularly in automatic border control scenarios. Morphing attacks permit more than one individual to use travel documents that can be used to cross borders using automatic border control gates. The potential for morphing attacks depends on the selection of data subjects (accomplice and malicious actors). This work investigates lookalike and identical twins as the source of face morphing generation. We present a systematic study on benchmarking the vulnerability of Face Recognition Systems (FRS) to lookalike and identical twin morphing images. Therefore, we constructed new face morphing datasets using 16 pairs of identical twin and lookalike data subjects. Morphing images from lookalike and identical twins are generated using a landmark-based method. Extensive experiments are carried out to benchmark the attack potential of lookalike and identical twins. Furthermore, experiments are designed to provide insights into the impact of vulnerability with normal face morphing compared with lookalike and identical twin face morphing.
{"title":"Vulnerability of Face Morphing Attacks: A Case Study on Lookalike and Identical Twins","authors":"Raghavendra Ramachandra, S. Venkatesh, Gaurav Jaswal, Guoqiang Li","doi":"10.1109/IWBF57495.2023.10157461","DOIUrl":"https://doi.org/10.1109/IWBF57495.2023.10157461","url":null,"abstract":"Face morphing attacks have emerged as a potential threat, particularly in automatic border control scenarios. Morphing attacks permit more than one individual to use travel documents that can be used to cross borders using automatic border control gates. The potential for morphing attacks depends on the selection of data subjects (accomplice and malicious actors). This work investigates lookalike and identical twins as the source of face morphing generation. We present a systematic study on benchmarking the vulnerability of Face Recognition Systems (FRS) to lookalike and identical twin morphing images. Therefore, we constructed new face morphing datasets using 16 pairs of identical twin and lookalike data subjects. Morphing images from lookalike and identical twins are generated using a landmark-based method. Extensive experiments are carried out to benchmark the attack potential of lookalike and identical twins. Furthermore, experiments are designed to provide insights into the impact of vulnerability with normal face morphing compared with lookalike and identical twin face morphing.","PeriodicalId":273412,"journal":{"name":"2023 11th International Workshop on Biometrics and Forensics (IWBF)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128746047","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-10DOI: 10.1109/IWBF57495.2023.10157312
Priyanka Das, N. Venkataswamy, Laura Holsopple, M. Imtiaz, M. Schuckers, S. Schuckers
The temporal stability of iris recognition performance is core to its success as a biometric modality. With the expanding horizon of applications for children, gaps in the knowledge base on the temporal stability of iris recognition performance in children have impacted decision-making during applications at the global scale. This report presents the most extensive analysis of longitudinal iris recognition performance in children with data from the same 230 children over 6.5 years between enrollment and query for ages 4 to 17 years. Assessment of match scores, statistical modelling of variability factors impacting match scores and in-depth assessment of the root causes of the false rejections concludes no impact on iris recognition performance due to aging.
{"title":"Longitudinal Performance of Iris Recognition in Children: Time Intervals up to Six years","authors":"Priyanka Das, N. Venkataswamy, Laura Holsopple, M. Imtiaz, M. Schuckers, S. Schuckers","doi":"10.1109/IWBF57495.2023.10157312","DOIUrl":"https://doi.org/10.1109/IWBF57495.2023.10157312","url":null,"abstract":"The temporal stability of iris recognition performance is core to its success as a biometric modality. With the expanding horizon of applications for children, gaps in the knowledge base on the temporal stability of iris recognition performance in children have impacted decision-making during applications at the global scale. This report presents the most extensive analysis of longitudinal iris recognition performance in children with data from the same 230 children over 6.5 years between enrollment and query for ages 4 to 17 years. Assessment of match scores, statistical modelling of variability factors impacting match scores and in-depth assessment of the root causes of the false rejections concludes no impact on iris recognition performance due to aging.","PeriodicalId":273412,"journal":{"name":"2023 11th International Workshop on Biometrics and Forensics (IWBF)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131215025","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-09DOI: 10.1109/IWBF57495.2023.10157605
Sandip Purnapatra, Conor Miller-Lynch, Stephen Miner, Yu Liu, Keivan Bahmani, Soumyabrata Dey, S. Schuckers
Touch-based fingerprint biometrics is one of the most popular biometric modalities with applications in several fields. Problems associated with touch-based techniques such as the presence of latent fingerprints and hygiene issues due to many people touching the same surface motivated the community to look for non-contact-based solutions. For the last few years, contactless fingerprint systems are on the rise and in demand because of the ability to turn any device with a camera into a fingerprint reader. Yet, before we can fully utilize the benefit of noncontact-based methods, the biometric community needs to resolve a few concerns such as the resiliency of the system against presentation attacks. One of the major obstacles is the limited publicly available data sets with inadequate spoof and live data. In this publication, we have developed a Presentation attack detection (PAD) dataset of more than 7500 four-finger images and more than 14,000 manually segmented single-fingertip images, and 10,000 synthetic fingertips (deepfakes). The PAD dataset was collected from six different Presentation Attack Instruments (PAI) of three different difficulty levels according to FIDO protocols, with five different types of PAI materials, and different smartphone cameras with manual focusing. We have utilized DenseNet-121 and NasNetMobile models and our proposed dataset to develop PAD algorithms and achieved PAD accuracy of Attack presentation classification error rate (APCER) 0.14% and Bonafide presentation classification error rate (BPCER) 0.18%. We have also reported the test results of the models against unseen spoof types to replicate uncertain real-world testing scenarios.
{"title":"Presentation Attack Detection with Advanced CNN Models for Noncontact-based Fingerprint Systems","authors":"Sandip Purnapatra, Conor Miller-Lynch, Stephen Miner, Yu Liu, Keivan Bahmani, Soumyabrata Dey, S. Schuckers","doi":"10.1109/IWBF57495.2023.10157605","DOIUrl":"https://doi.org/10.1109/IWBF57495.2023.10157605","url":null,"abstract":"Touch-based fingerprint biometrics is one of the most popular biometric modalities with applications in several fields. Problems associated with touch-based techniques such as the presence of latent fingerprints and hygiene issues due to many people touching the same surface motivated the community to look for non-contact-based solutions. For the last few years, contactless fingerprint systems are on the rise and in demand because of the ability to turn any device with a camera into a fingerprint reader. Yet, before we can fully utilize the benefit of noncontact-based methods, the biometric community needs to resolve a few concerns such as the resiliency of the system against presentation attacks. One of the major obstacles is the limited publicly available data sets with inadequate spoof and live data. In this publication, we have developed a Presentation attack detection (PAD) dataset of more than 7500 four-finger images and more than 14,000 manually segmented single-fingertip images, and 10,000 synthetic fingertips (deepfakes). The PAD dataset was collected from six different Presentation Attack Instruments (PAI) of three different difficulty levels according to FIDO protocols, with five different types of PAI materials, and different smartphone cameras with manual focusing. We have utilized DenseNet-121 and NasNetMobile models and our proposed dataset to develop PAD algorithms and achieved PAD accuracy of Attack presentation classification error rate (APCER) 0.14% and Bonafide presentation classification error rate (BPCER) 0.18%. We have also reported the test results of the models against unseen spoof types to replicate uncertain real-world testing scenarios.","PeriodicalId":273412,"journal":{"name":"2023 11th International Workshop on Biometrics and Forensics (IWBF)","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126599771","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-02-03DOI: 10.1109/IWBF57495.2023.10157869
N. Damer, Meiling Fang, Patrick Siebke, J. Kolf, Marco Huber, F. Boutros
Investigating new methods of creating face morphing attacks is essential to foresee novel attacks and help mitigate them. Creating morphing attacks is commonly either performed on the image-level or on the representation-level. The representation-level morphing has been performed so far based on generative adversarial networks (GAN) where the encoded images are interpolated in the latent space to produce a morphed image based on the interpolated vector. Such a process was constrained by the limited reconstruction fidelity of GAN architectures. Recent advances in the diffusion autoencoder models have overcome the GAN limitations, leading to high reconstruction fidelity. This theoretically makes them a perfect candidate to perform representation-level face morphing. This work investigates using diffusion autoencoders to create face morphing attacks by comparing them to a wide range of image-level and representation-level morphs. Our vulnerability analyses on four state-of-the-art face recognition models have shown that such models are highly vulnerable to the created attacks, the MorDIFF, especially when compared to existing representation-level morphs. Detailed detectability analyses are also performed on the MorDIFF, showing that they are as challenging to detect as other morphing attacks created on the image- or representation-level. Data and morphing script are made public1.
{"title":"MorDIFF: Recognition Vulnerability and Attack Detectability of Face Morphing Attacks Created by Diffusion Autoencoders","authors":"N. Damer, Meiling Fang, Patrick Siebke, J. Kolf, Marco Huber, F. Boutros","doi":"10.1109/IWBF57495.2023.10157869","DOIUrl":"https://doi.org/10.1109/IWBF57495.2023.10157869","url":null,"abstract":"Investigating new methods of creating face morphing attacks is essential to foresee novel attacks and help mitigate them. Creating morphing attacks is commonly either performed on the image-level or on the representation-level. The representation-level morphing has been performed so far based on generative adversarial networks (GAN) where the encoded images are interpolated in the latent space to produce a morphed image based on the interpolated vector. Such a process was constrained by the limited reconstruction fidelity of GAN architectures. Recent advances in the diffusion autoencoder models have overcome the GAN limitations, leading to high reconstruction fidelity. This theoretically makes them a perfect candidate to perform representation-level face morphing. This work investigates using diffusion autoencoders to create face morphing attacks by comparing them to a wide range of image-level and representation-level morphs. Our vulnerability analyses on four state-of-the-art face recognition models have shown that such models are highly vulnerable to the created attacks, the MorDIFF, especially when compared to existing representation-level morphs. Detailed detectability analyses are also performed on the MorDIFF, showing that they are as challenging to detect as other morphing attacks created on the image- or representation-level. Data and morphing script are made public1.","PeriodicalId":273412,"journal":{"name":"2023 11th International Workshop on Biometrics and Forensics (IWBF)","volume":"224 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-02-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130710351","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: