Enhancing Biometric-Capsule-based Authentication and Facial Recognition via Deep Learning

Phillips, Tyler; Zou, Xukai; Li, Feng; Li, Ninghui

doi:10.1145/3322431.3325417

Cited by 23 publications

(24 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These methods use some sort of algorithmically defined transformation to convert the face embeddings (learned from the input face images) to more secure representations. The proposed transformations include one-way cryptographic [6] or Winner Takes All [7] hashing, convolution of the embedding with a random kernel [8], use of the Fuzzy Commitment [9] or Fuzzy Vault [10] scheme, fusion of a subject's face embedding with a different subject's face embedding using keys extracted from the two sets of features [11], and homomorphic encryption [12]. The main issue with these approaches is that they have not been comprehensively evaluated in terms of their ability to simultaneously satisfy all three properties of face embedding protection methods.…”

Section: Face Embedding Protection Methodsmentioning

confidence: 99%

“…It is, therefore, precisely these embeddings that the attacker in our irreversibility analysis is trying to recover. This means that the attacker should not have access to these embeddings; however, they may be assumed to have access to the development set, since these embeddings are not used for enrollment 11 . The attacker could, therefore, use the development set's reference face embeddings to estimate the distribution of the 128 elements in the evaluation set's reference embeddings, which they are attempting to recover.…”

Section: Threat Modelmentioning

confidence: 99%

See 1 more Smart Citation

Towards Protecting Face Embeddings in Mobile Face Verification Scenarios

Hahn,

Marcel

2021

Preprint

View full text Add to dashboard Cite

This paper proposes PolyProtect, a method for protecting the sensitive face embeddings that are used to represent people's faces in neural-network-based face verification systems. PolyProtect transforms a face embedding to a more secure template, using a mapping based on multivariate polynomials parameterised by user-specific coefficients and exponents. In this work, PolyProtect is evaluated on two open-source face verification systems in a mobile application context, under the toughest threat model that assumes a fully-informed attacker with complete knowledge of the system and all its parameters. Results indicate that PolyProtect can be tuned to achieve a satisfactory trade-off between the recognition accuracy of the PolyProtected face verification system and the irreversibility of the PolyProtected templates. Furthermore, PolyProtected templates are shown to be effectively unlinkable, especially if the user-specific parameters employed in the PolyProtect mapping are selected in a non-naive manner. The evaluation is conducted using practical methodologies with tangible results, to present realistic insight into the method's robustness as a face embedding protection scheme in practice. The code to fully reproduce this work is available at: https://gitlab.idiap.ch/bob/bob.paper.polyprotect 2021.

show abstract

Section: Face Embedding Protection Methodsmentioning

confidence: 99%

Section: Threat Modelmentioning

confidence: 99%

Towards Protecting Face Embeddings in Mobile Face Verification Scenarios

Hahn,

Marcel

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Among the Non-NN face BTP methods considered thus far, hashing appears to be the most popular approach; however, alternatives are proposed in [19], [30], [31]. In [19], face features extracted from different face regions (using a CNN) are fused, and the fused feature vector is convolved with a random kernel.…”

Section: A Non-nn Face Btp Methodsmentioning

confidence: 99%

“…In [19], face features extracted from different face regions (using a CNN) are fused, and the fused feature vector is convolved with a random kernel. A fusion approach is also adopted in [30], but this time a DNN-extracted face feature vector is fused with a different person's face feature vector. Specifically, a key is generated from each feature vector, then each key is used to alter the other feature vector via element-wise multiplication, followed by vector addition of the altered feature vectors.…”

Section: A Non-nn Face Btp Methodsmentioning

confidence: 99%

“…This approach was used in [6], [13], [14], [18], [19]. Similarly, [11] trained a DNN to reduce a face feature vector to its "intrinsic" dimensionality before encrypting it (via HE), while [21] and [30] trained a CNN and an SVM, respectively, to classify already-protected face templates. The second common reason for using a train dataset among Non-NN face BTP methods, was to optimise certain parameters of handcrafted BTP algorithms (which could then be applied to the test dataset) or to train machine-learning BTP methods, but not to train a neural network.…”

Section: A Reproducibilitymentioning

confidence: 99%

See 1 more Smart Citation

Biometric Template Protection for Neural-Network-based Face Recognition Systems: A Survey of Methods and Evaluation Techniques

Hahn¹,

Marcel²

2021

Preprint

View full text Add to dashboard Cite

As automated face recognition applications tend towards ubiquity, there is a growing need to secure the sensitive face data used within these systems. This paper presents a survey of biometric template protection (BTP) methods proposed for securing face "templates" (images or representative features) in neural-network-based face recognition systems. The BTP methods are categorised into two types: Non-NN and NN-learned. Non-NN methods use a neural network (NN) as a feature extractor, but the BTP part is based on a non-NN algorithm applied at either image-level or feature-level. In contrast, NN-learned methods specifically employ a NN to learn a protected template from the unprotected face image or features. We present examples of Non-NN and NN-learned face BTP methods from the literature, along with a discussion of the two categories' comparative strengths and weaknesses. We also investigate the techniques used to evaluate these BTP methods, in terms of the three most common BTP criteria: "recognition accuracy", "irreversibility", and "renewability/unlinkability". As expected, the recognition accuracy of protected face recognition systems is generally evaluated using the same (empirical) techniques employed for evaluating standard (unprotected) biometric systems. On the contrary, most irreversibility and renewability/unlinkability evaluations are found to be based on theoretical assumptions/estimates or verbal implications, with a lack of empirical validation in a practical face recognition context. We recommend, therefore, a greater focus on empirical evaluation strategies, to provide more concrete insights into the irreversibility and renewability/unlinkability of face BTP methods in practice. Additionally, an exploration of the reproducibility of the studied BTP works, in terms of the public availability of their implementation code and evaluation datasets/procedures, suggests that it would currently be difficult for the BTP community to faithfully replicate (and thus validate) most of the reported findings. So, we advocate for a push towards reproducibility, in the hope of furthering our understanding of the face BTP research field.

show abstract