improving cross database face presentation attack
play

Improving Cross-database Face Presentation Attack Detection via - PDF document

Apr 17, 2023 •50 likes •130 views

Improving Cross-database Face Presentation Attack Detection via Adversarial Domain Adaptation Guoqing Wang 1,3 , Hu Han , 1,2 , Shiguang Shan 1,2,3,4 , and Xilin Chen 1,3 1 Key Laboratory of Intelligent Information Processing of Chinese Academy

  1. Improving Cross-database Face Presentation Attack Detection via Adversarial Domain Adaptation Guoqing Wang 1,3 , Hu Han ∗ , 1,2 , Shiguang Shan 1,2,3,4 , and Xilin Chen 1,3 1 Key Laboratory of Intelligent Information Processing of Chinese Academy of Sciences (CAS), Institute of Computing Technology, CAS, Beijing 100190, China 2 Peng Cheng Laboratory, Shenzhen, China 3 University of Chinese Academy of Sciences, Beijing 100049, China 4 CAS Center for Excellence in Brain Science and Intelligence Technology, Shanghai, China { guoqing.wang } @vipl.ict.ac.cn, { hanhu, sgshan, xlchen } @ict.ac.cn Abstract Face recognition (FR) is being widely used in many ap- plications from access control to smartphone unlock. As a result, face presentation attack detection (PAD) has drawn increasing attentions to secure the FR systems. Tradi- tional approaches for PAD mainly assume that training and testing scenarios are similar in imaging conditions (illu- mination, scene, camera sensor, etc.), and thus may lack good generalization capability into new application sce- narios. In this work, we propose an end-to-end learning approach to improve PAD generalization capability by uti- Figure 1. 2D visualization of the genuine and spoof face images lizing prior knowledge from source domain via adversarial from CASIA [35] and Idiap [6] with deeply learned features by domain adaptation. We first build a source domain PAD ResNet-18 [12]. (a) The model trained on CASIA is tested (used model optimized with triplet loss. Subsequently, we perform for feature extraction) on CASIA (intra-database testing). (b) The adversarial domain adaptation w.r.t. the target domain to model trained on CASIA is tested (used for feature extraction) on learn a shared embedding space by both the source and tar- Idiap (cross-database testing). We observe that a model trained on the source domain does not generalize well to the target domain. get domain models, in which the discriminator cannot reli- ably predict whether a sample is from the source or target domain. Finally, PAD in the target domain is performed with k-nearest neighbors (k-NN) classifier in the embedding systems [28] are vulnerable to face presentation attacks space. The proposed approach shows promising general- (PA), e.g., a printed face on paper (print attack), replay- ization capability in a number of public-domain face PAD ing a face video on a screen (replay attack), wearing a face databases. mask (3D mask attack), etc. Since an authorized user’s face images can be easily obtained with a smartphone camera or from social media, which can be used for launching at- 1. Introduction tacks against genuine users. Therefore, face PAD is an ur- gent problem to be solved. In recent years, a number of Biometric technologies such as FR are widely used in approaches have been proposed to handle print attack, re- our daily life, e.g., in smartphone unlock, access control, play attack, and 3D mask attack, respectively. Assuming and payment. It is well known that most of existing FR that there are inherent disparities between live and spoof faces, many early PAD approaches utilized hand-crafted ∗ Corresponding author. features for binary (live vs. spoof) classification with a 978-1-7281-3640-0/19/$31.00 c � 2019 IEEE

  2. 2. Related Work SVM model [5, 8, 15, 23, 31, 27, 26]. These methods have proven to be computationally efficient and work well under intra-database testing scenarios. However, the hand-crafted 2.1. Face Presentation Attack Detection (PAD) feature based methods did not show good generalization ability into a new application scenario [31]. With the suc- In the past few years, a large number of methods have cess of deep learning, e.g., Convolutional Neural Networks been proposed for face presentation attack detection, which (CNNs) [16] in many computer vision tasks, recent PAD can be grouped into two categories: hand-crafted feature approaches utilized CNNs for end-to-end face PAD or rep- based methods and deep learning feature based methods. resentation learning followed by binary classification using 1) Hand-crafted feature based methods: Since most SVM [25, 33]. For example in [18], the deep learning fea- face recognition (FR) systems are using commodity, print ture based methods show improved performance than the attack and replay attack become two major presentation at- traditional hand-crafted feature based methods under intra- tacks. The early works designed various hand-crafted fea- database scenarios; however, they also found that the deep tures based on the observed discriminative texture cues be- learning based methods may also not generalize well under tween live and spoof faces, such as LBP [8, 23], LPQ [5], cross-database testing scenarios (see a visualization in Fig. HoG [15], SIFT [26], SURF [5] and IDA features [31]. 1). The reason is that the differences between genuine and Some other works adopt hand-crafted features for face mo- spoof faces may consist of multiple factors, such as skin tion analysis such as eyes and mouth [24, 14] and 3D geom- detail loss, color distortion, moir´ e pattern, shape deforma- etry analysis [20]. Given these different hand-crafted fea- tion, and spoof artifacts. The presence of these factors un- tures classifiers such as SVM and LDA [3]. To reduce the der two scenarios (databases) can be dramatically different; influence of illumination variation and image conditions, thus it is not enough to simply treat PAD as a common two- some approaches convert the RGB images into HSV and class classification problem. To improve the robustness of YCbCr color space [4, 5] and Fourier spectrum space [19], PAD, some scenario invariant auxiliary information such as and then extract the corresponding hand-crafted features. depth and rPPG signals were also utilized to distinguish be- tween live and spoof faces [2, 21]. Recently, domain adap- The main advantages of these approaches are that they tation (DA) has been utilized to mitigate the gap between are usually computationally efficient and works well un- the target domain and the source domain during face PAD der intra-database testing scenarios. However, most of the [18, 29, 17]. times, it is not easy to collect the training data in advance, In this paper, we focus on improving PAD generaliza- which has the same conditions as the testing scenarios. tion ability for cross-database PAD, and propose an end- 2) Deep learning based methods: Heading into the era to-end trainable PAD approach via unsupervised adversar- of deep learning, a large amount of research attempts to ial domain adaption (ADA). In particular, given the labeled use CNN-based features or CNNs for face PAD [9, 25, 33] genuine and spoof face images in source domain and unla- because of the significant performance improvement re- beled face images in the target domain, we aim to learn a ported in many other computer vision tasks. CNN was used joint embedding feature space for both the source domain as a feature extractor for PAD, which is fine-tuned from and the target domain models in an adversarial way, while ImageNet-pretrained CaffeNet and VGG-face [33]. Xu et it is discriminative for distinguishing between the live and al. [32] proposed to use CNN-LSTM to model multi-frame spoof face images in the source domain. Therefore, the pro- information. Liu et al. [21] observed the overfitting issue posed approach is able to leverage the prior knowledge from of softmax loss, and proposed a novelty framework based the source domain to perform more robust PAD in the target on auxiliary-driven loss to supervise the CNN learning pro- domain. Our approach is end-to-end trainable, and achieves cess. Jourabloo et al. [13] inversely separated spoof noise promising results in cross-database face PAD on several from a spoof face, and then used it for spoof classification. public-domain databases (Idiap Replay-Attack (Idiap) [6], CASIA Face AntiSpoofing (CASIA) [35] and MSU-MFSD While the deep learning based methods show strong fea- (MSU) [31]). ture representation ability, and can be trained end-to-end, The main contributions of this work are three-fold: (i) there are inherent constraints in fully leveraging the strong a novel network architecture for improving cross-database modeling capacity of deep models: (i) while a deep net- PAD performance via adversarial domain adaptation (ADA) work usually requires a big training set, most pubic-domain to leverage the prior knowledge from the source domain; face PAD datasets are small; (ii) face PAD datasets can (ii) utilizing metric learning in building PAD model in order be severely imbalanced because of medium or manners in to obtain more discriminative feature representation for live launching presentation attack can be numerous; it is not and spoof faces; and (iii) good generalization ability in both possible to obtain training data for all these different types cross-database testing and intra-database testing scenarios. of presentation attacks. 2

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Replay-Mobile Face Presentation-Attack Database Conference Paper September 2016 DOI:

The Replay-Mobile Face Presentation-Attack Database Conference Paper September 2016 DOI:

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/308795497 The Replay-Mobile Face Presentation-Attack Database Conference Paper September 2016 DOI: 10.1109/BIOSIG.2016.7736936

328 views • 8 slides
Cross-Site Scripting Attack (XSS) Outline The Cross-Site Scripting attack Reflected

Cross-Site Scripting Attack (XSS) Outline The Cross-Site Scripting attack Reflected

Cross-Site Scripting Attack (XSS) Outline The Cross-Site Scripting attack Reflected XSS Persistent XSS Damage done by XSS attacks XSS attacks to befriend with others XSS attacks to change other peoples

3.65k views • 37 slides
CES/NMSBA LEADERSHIP DEVELOPMENT SCHEDULE OF FOUR FACE TO FACE SESSIONS IMPROVING STUDENT

CES/NMSBA LEADERSHIP DEVELOPMENT SCHEDULE OF FOUR FACE TO FACE SESSIONS IMPROVING STUDENT

CES/NMSBA LEADERSHIP DEVELOPMENT SCHEDULE OF FOUR FACE TO FACE SESSIONS IMPROVING STUDENT ACHIEVEMENT THROUGH COMMUNITY ENGAGEMENT (KEY WORK OF SCHOOL BOARDS) POWERS AND DUTIES OF THE BOARD DECEMBER TRAINING Overview of the major

457 views • 6 slides
Face Recognition on the MORPH-II Database Morgan Ferguson University of North Carolina at

Face Recognition on the MORPH-II Database Morgan Ferguson University of North Carolina at

Face Recognition on the MORPH-II Database Face Recognition on the MORPH-II Database Morgan Ferguson University of North Carolina at Wilmington July 25, 2017 1 / 26 Face Recognition on the MORPH-II Database Overview Introduction/ Background

609 views • 26 slides
SQL Injection Attack 1 Brief Tutorial of SQL MySQL: an open-source relational database

SQL Injection Attack 1 Brief Tutorial of SQL MySQL: an open-source relational database

SQL Injection Attack 1 Brief Tutorial of SQL MySQL: an open-source relational database management system Log in to MySQL Create a Database : SHOW DATABSES command: list existing databases. Create a new database called

521 views • 30 slides
Red Cross Clubs Red Cross Clubs Why Red Cross Clubs should be started at your school What We

Red Cross Clubs Red Cross Clubs Why Red Cross Clubs should be started at your school What We

Red Cross Clubs Red Cross Clubs Why Red Cross Clubs should be started at your school What We Do The American Red Cross prevents and alleviates human suffering in the face of emergencies by mobilizing the power of volunteers and the

808 views • 21 slides
Whos in the Picture? Tamara L. Berg Cse595 Words & Pictures Face Recognition Datasets

Whos in the Picture? Tamara L. Berg Cse595 Words & Pictures Face Recognition Datasets

Whos in the Picture? Tamara L. Berg Cse595 Words & Pictures Face Recognition Datasets PIE database Yale Face Database M2VTS What the world really looks like (scenes from an airport) Challenging Even Up Close Face Scanner Failed --

655 views • 31 slides
Improved Cryptanalysis of Py Paul Crowley LShift Ltd State of the Art in Stream Ciphers 2006 Py

Improved Cryptanalysis of Py Paul Crowley LShift Ltd State of the Art in Stream Ciphers 2006 Py

Py SPP attack Improving on the attack Improved Cryptanalysis of Py Paul Crowley LShift Ltd State of the Art in Stream Ciphers 2006 Py SPP attack Improving on the attack Py eSTREAM entrant by Eli Biham and Jennifer Seberry Fast in

870 views • 38 slides
Improving RGB-D face recognition via transferring pretrained 2D networks Xingwang Xiong, Xu Wen,

Improving RGB-D face recognition via transferring pretrained 2D networks Xingwang Xiong, Xu Wen,

Improving RGB-D face recognition via transferring pretrained 2D networks Xingwang Xiong, Xu Wen, and Cheng Huang INSTITUTE O https://github.com/XingwXiong/Face3D-Pytorch OF C COMPUTING T TECHNOLOGY 3D Face Recognition Algorithm Challenge

521 views • 13 slides
Multi-modal Face Presentation Attack Detection via Spatial and Channel Attentions Guoqing Wang 1,3

Multi-modal Face Presentation Attack Detection via Spatial and Channel Attentions Guoqing Wang 1,3

Multi-modal Face Presentation Attack Detection via Spatial and Channel Attentions Guoqing Wang 1,3 , Chuanxin Lan 1 , Hu Han , 1,2 , Shiguang Shan 1,2,3,4 , and Xilin Chen 1,3 1 Key Laboratory of Intelligent Information Processing of Chinese

242 views • 7 slides
Securing PostgreSQL From External Attack B RUCE M OMJIAN January, 2012 Database systems are rich

Securing PostgreSQL From External Attack B RUCE M OMJIAN January, 2012 Database systems are rich

Securing PostgreSQL From External Attack B RUCE M OMJIAN January, 2012 Database systems are rich with attack vectors to exploit. This presentation explores the many potential PostgreSQL external vulnerabilities and shows how they can be

318 views • 29 slides
Improving Cyber Resiliency using Intelligence-led Attack Simulations Vincent Yiu Who am I?

Improving Cyber Resiliency using Intelligence-led Attack Simulations Vincent Yiu Who am I?

Improving Cyber Resiliency using Intelligence-led Attack Simulations Vincent Yiu Who am I? @vysecurity Vincent Yiu vincent.yiu@syonsecurity.com Founder of SYON Security Offensive Operations including Adversary Simulaton and Penetration

344 views • 33 slides
Improving security using data flow assertions Alex Yip, Xi Wang, Nickolai Zeldovich , Frans

Improving security using data flow assertions Alex Yip, Xi Wang, Nickolai Zeldovich , Frans

Improving security using data flow assertions Alex Yip, Xi Wang, Nickolai Zeldovich , Frans Kaashoek MIT CSAIL Many security vulnerabilities caused by programming errors Attack vector Percentage SQL injection 20.4% Cross-site scripting

912 views • 57 slides
Not-a-Bot Improving Service Availability in the Face of Botnet Attacks Overview Introduction

Not-a-Bot Improving Service Availability in the Face of Botnet Attacks Overview Introduction

Not-a-Bot Improving Service Availability in the Face of Botnet Attacks Overview Introduction to the problem Architecture of NAB A way to attest human-generated traffic Use of attestation to mitigate presented problems Results

418 views • 25 slides
Database on absorp,on cross- sec,ons of atmospheric molecules

Database on absorp,on cross- sec,ons of atmospheric molecules

Database on absorp,on cross- sec,ons of atmospheric molecules Voronina Yu. 1 , Lavren,ev N. 1 , Privezentsev V. 1 , Fazliev A. 1 , Firsov K. 2 1 Ins,tute of

216 views • 10 slides
NotaBot (NAB): Improving Service Availability in the Face of Botnet A=acks Ramakrishna

NotaBot (NAB): Improving Service Availability in the Face of Botnet A=acks Ramakrishna

NotaBot (NAB): Improving Service Availability in the Face of Botnet A=acks Ramakrishna (Ramki) Gummadi MIT Hari Balakrishnan (MIT), Petros Maniatis and Sylvia Ratnasamy (Intel Research) The problem: Service unavailability Bounced email

627 views • 28 slides
MOHIMA Annual Convention APRIL 21 2016 APRIL 21, 2016 I will pass the national certification

MOHIMA Annual Convention APRIL 21 2016 APRIL 21, 2016 I will pass the national certification

4/18/2016 MOHIMA Annual Convention APRIL 21 2016 APRIL 21, 2016 I will pass the national certification exam! Patricia Elliott, M.Ed., RHIT 1 4/18/2016 Stressed spelled backwards is Desserts Nolita, NYC RHIT EXAM CONTENT Domain I: Data

435 views • 14 slides
C O M M U N I C A T I O N S 1 0 1 K A T I E C O T H R O N S A M R A Y B U R N C O M M U

C O M M U N I C A T I O N S 1 0 1 K A T I E C O T H R O N S A M R A Y B U R N C O M M U

C O M M U N I C A T I O N S 1 0 1 K A T I E C O T H R O N S A M R A Y B U R N C O M M U N I C A T I O N S 1 0 1 W H A T I S C O M M U N I C A T I O N ? T H E A B I L I T Y T O C O N V E Y I N F O R M A T I O N T O O T H E R S

301 views • 10 slides
Geographic Top-level Domain Names NCUC Fellowship Programme Bruna Martins dos Santos

Geographic Top-level Domain Names NCUC Fellowship Programme Bruna Martins dos Santos

Geographic Top-level Domain Names NCUC Fellowship Programme Bruna Martins dos Santos Geographical Top-level Domain Names: Use of Country, territory or place names and references to language or people descriptions as a generic Top-level Domain

322 views • 5 slides
Google Master Slides Monday, April 20 @ 12pm Why should I even care about Mater Slides? 1. Saves

Google Master Slides Monday, April 20 @ 12pm Why should I even care about Mater Slides? 1. Saves

Google Master Slides Monday, April 20 @ 12pm Why should I even care about Mater Slides? 1. Saves you time 2. Consistency in design 3. Create more visually stimulating presentations 4. Become a slideshow presentation ninja Kimberly Larson

401 views • 18 slides
DOMAIN COMMUNITY REFERENCE GROUP Meeting #20 Wednesday 12 February, Seasons Botanic Gardens 1

DOMAIN COMMUNITY REFERENCE GROUP Meeting #20 Wednesday 12 February, Seasons Botanic Gardens 1

DOMAIN COMMUNITY REFERENCE GROUP Meeting #20 Wednesday 12 February, Seasons Botanic Gardens 1 WORKS UPDATE 2 ANZAC STATION PROGRAM 3 CURRENT AND UPCOMING WORKS North box base slab construction Shed finishing works Diaphragm

1.09k views • 44 slides
Investor Presentation November 2018 Forward-Looking Statements and Other Disclaimers

Investor Presentation November 2018 Forward-Looking Statements and Other Disclaimers

Investor Presentation November 2018 Forward-Looking Statements and Other Disclaimers Forward-Looking Statements and Cautionary Statements The foregoing contains forward -looking statements within the meaning of Section 27A of the Securities

482 views • 25 slides
COP4020 Paper and Presentation General paper and presentation requirements You are to produce a

COP4020 Paper and Presentation General paper and presentation requirements You are to produce a

COP4020 Paper and Presentation General paper and presentation requirements You are to produce a paper and a presentation comparing and contrasting two programming languages. You can choose two programming languages that are closely related to

331 views • 3 slides
Magnolia Oil & Gas Corporation Investor Presentation May 2019 Disclaimer FORWARD LOOKING

Magnolia Oil & Gas Corporation Investor Presentation May 2019 Disclaimer FORWARD LOOKING

Magnolia Oil & Gas Corporation Investor Presentation May 2019 Disclaimer FORWARD LOOKING STATEMENTS The information in this presentation and the oral statements made in connection therewith include forward-looking statements within

373 views • 25 slides

More recommend