Skip to main content

Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition

Publication ,  Conference
Sharif, M; Bhagavatula, S; Bauer, L; Reiter, MK
Published in: Proceedings of the ACM Conference on Computer and Communications Security
October 24, 2016

Machine learning is enabling a myriad innovations, including new algorithms for cancer diagnosis and self-driving cars. The broad use of machine learning makes it important to understand the extent to which machine-learning algorithms are subject to attack, particularly when used in applications where physical security or safety is at risk. In this paper, we focus on facial biometric systems, which are widely used in surveillance and access control. We define and investigate a novel class of attacks: attacks that are physically realizable and inconspicuous, and allow an attacker to evade recognition or impersonate another individual. We develop a systematic method to automatically generate such attacks, which are realized through printing a pair of eyeglass frames. When worn by the attacker whose image is supplied to a state-of-the-art face-recognition algorithm, the eyeglasses allow her to evade being recognized or to impersonate another individual. Our investigation focuses on white-box face-recognition systems, but we also demonstrate how similar techniques can be used in black-box scenarios, as well as to avoid face detection.

Duke Scholars

Altmetric Attention Stats
Dimensions Citation Stats

Published In

Proceedings of the ACM Conference on Computer and Communications Security

DOI

ISSN

1543-7221

Publication Date

October 24, 2016

Volume

24-28-October-2016

Start / End Page

1528 / 1540
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Sharif, M., Bhagavatula, S., Bauer, L., & Reiter, M. K. (2016). Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition. In Proceedings of the ACM Conference on Computer and Communications Security (Vol. 24-28-October-2016, pp. 1528–1540). https://doi.org/10.1145/2976749.2978392
Sharif, M., S. Bhagavatula, L. Bauer, and M. K. Reiter. “Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition.” In Proceedings of the ACM Conference on Computer and Communications Security, 24-28-October-2016:1528–40, 2016. https://doi.org/10.1145/2976749.2978392.
Sharif M, Bhagavatula S, Bauer L, Reiter MK. Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition. In: Proceedings of the ACM Conference on Computer and Communications Security. 2016. p. 1528–40.
Sharif, M., et al. “Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition.” Proceedings of the ACM Conference on Computer and Communications Security, vol. 24-28-October-2016, 2016, pp. 1528–40. Scopus, doi:10.1145/2976749.2978392.
Sharif M, Bhagavatula S, Bauer L, Reiter MK. Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition. Proceedings of the ACM Conference on Computer and Communications Security. 2016. p. 1528–1540.

Published In

Proceedings of the ACM Conference on Computer and Communications Security

DOI

ISSN

1543-7221

Publication Date

October 24, 2016

Volume

24-28-October-2016

Start / End Page

1528 / 1540