DOI: 10.1145/3485832.3485840
ACSAC Conference Proceedings, research article

The Many-faced God: Attacking Face Verification System with Embedding and Image Recovery

Published: 06 December 2021

Abstract

Face verification systems (FVS), which can automatically verify a person’s identity, have been increasingly deployed in real-world settings. Key to their success is the inclusion of face embedding, a technique that can detect similar photos of the same person using deep neural networks.
We found that the score displayed together with the verification result can be utilized by an adversary to “fabricate” a face to pass FVS. Specifically, embeddings can be reversed at high accuracy with the scores. The adversary can further learn the appearance of the victim using a new machine-learning technique developed by us, which we call embedding-reverse GAN. The attack is quite effective in embedding and image recovery. With 2 queries to an FVS, the adversary can bypass the FVS at a 40% success rate. When the query number rises to 20, the FVS can be bypassed almost every time. The reconstructed face image is also similar to the victim’s.

Cited By

  • (2024) Securing Face Liveness Detection on Mobile Devices Using Unforgeable Lip Motion Patterns. IEEE Transactions on Mobile Computing 23:10 (9772-9788). DOI: 10.1109/TMC.2024.3367781. Online publication date: 20-Feb-2024
  • (2023) FACE-AUDITOR. Proceedings of the 32nd USENIX Conference on Security Symposium (7195-7212). DOI: 10.5555/3620237.3620640. Online publication date: 9-Aug-2023
  • (2023) Understanding the (In)Security of Cross-side Face Verification Systems in Mobile Apps: A System Perspective. 2023 IEEE Symposium on Security and Privacy (SP) (934-950). DOI: 10.1109/SP46215.2023.10179474. Online publication date: May-2023

Published In

ACSAC '21: Proceedings of the 37th Annual Computer Security Applications Conference
December 2021
1077 pages
ISBN: 9781450385794
DOI: 10.1145/3485832
Publisher

Association for Computing Machinery

New York, NY, United States

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

ACSAC '21

Acceptance Rates

Overall Acceptance Rate 104 of 497 submissions, 21%
