A Deep, Information-theoretic Framework for Robust Biometric Recognition
This addresses security issues in biometric recognition systems for applications requiring reliable identity verification, but it is incremental as it adapts an existing method to a specific domain.
The paper tackles the vulnerability of deep neural network-based biometric recognition systems to adversarial attacks, which can cause unexpected matches between valid and synthetic biometrics, and presents a deep information-theoretic framework that improves both robustness against attacks and recognition performance over state-of-the-art methods.
Deep neural networks (DNN) have been a de facto standard for nowadays biometric recognition solutions. A serious, but still overlooked problem in these DNN-based recognition systems is their vulnerability against adversarial attacks. Adversarial attacks can easily cause the output of a DNN system to greatly distort with only tiny changes in its input. Such distortions can potentially lead to an unexpected match between a valid biometric and a synthetic one constructed by a strategic attacker, raising security issue. In this work, we show how this issue can be resolved by learning robust biometric features through a deep, information-theoretic framework, which builds upon the recent deep variational information bottleneck method but is carefully adapted to biometric recognition tasks. Empirical evaluation demonstrates that our method not only offers stronger robustness against adversarial attacks but also provides better recognition performance over state-of-the-art approaches.