Simultaneous Adversarial Attacks On Multiple Face Recognition System Components
This work addresses security vulnerabilities in face recognition systems, which is critical for applications in surveillance and authentication, though it is an incremental advancement over prior research on individual components.
The paper tackles the problem of adversarial attacks on face recognition systems by simultaneously fooling multiple components, achieving up to 100% attack success rates against both the face detector and feature extractor.
In this work, we investigate the potential threat of adversarial examples to the security of face recognition systems. Although previous research has explored the adversarial risk to individual components of FRSs, our study presents an initial exploration of an adversary simultaneously fooling multiple components: the face detector and feature extractor in an FRS pipeline. We propose three multi-objective attacks on FRSs and demonstrate their effectiveness through a preliminary experimental analysis on a target system. Our attacks achieved up to 100% Attack Success Rates against both the face detector and feature extractor and were able to manipulate the face detection probability by up to 50% depending on the adversarial objective. This research identifies and examines novel attack vectors against FRSs and suggests possible ways to augment the robustness by leveraging the attack vector's knowledge during training of an FRS's components.