TY - GEN
T1 - A negative number vulnerability for histogram-based face recognition systems
AU - Baroughi, Alireza Farrokh
AU - Craver, Scott
AU - Mohsin, Mohammed Faizan
N1 - Publisher Copyright: © 2015 ACM.
PY - 2015/6/17
Y1 - 2015/6/17
N2 - A popular method of face identification is the use of local binary pattern (LBP) histograms. In this method, a face image is partitioned into regions, and a histogram of features is produced for each region; faces are compared by measuring the similarity of their histograms through statistics such as ?2 score or K-L divergence. Comparison of histograms, however, is particularly prone to exploitation via a negative-number bug if coded naively. This allows a surprisingly precise and powerful attack: if an adversary can alter a histogram to change a single zero to a negative number of appropriate magnitude, the change will induce a negligible difference in matching under ordinary use, but match an attacker to an intended victim if the attacker briefly displays a printed striped pattern to a camera. This tampering is minor and can be inflicted long before the attack, allowing the insertion of a back door in a face recognition system that will behave normally until the moment of exploitation. We exhibit an example of this bug in the wild, in the OpenCV computer vision library, and illustrate the effectiveness of this attack in impersonating multiple victims.
AB - A popular method of face identification is the use of local binary pattern (LBP) histograms. In this method, a face image is partitioned into regions, and a histogram of features is produced for each region; faces are compared by measuring the similarity of their histograms through statistics such as ?2 score or K-L divergence. Comparison of histograms, however, is particularly prone to exploitation via a negative-number bug if coded naively. This allows a surprisingly precise and powerful attack: if an adversary can alter a histogram to change a single zero to a negative number of appropriate magnitude, the change will induce a negligible difference in matching under ordinary use, but match an attacker to an intended victim if the attacker briefly displays a printed striped pattern to a camera. This tampering is minor and can be inflicted long before the attack, allowing the insertion of a back door in a face recognition system that will behave normally until the moment of exploitation. We exhibit an example of this bug in the wild, in the OpenCV computer vision library, and illustrate the effectiveness of this attack in impersonating multiple victims.
KW - Biometrics
KW - Face identification
KW - Local binary pattern
KW - OpenCV
UR - https://www.scopus.com/pages/publications/84962826212
U2 - 10.1145/2756601.2756617
DO - 10.1145/2756601.2756617
M3 - Conference contribution
T3 - IH and MMSec 2015 - Proceedings of the 2015 ACM Workshop on Information Hiding and Multimedia Security
SP - 155
EP - 160
BT - IH and MMSec 2015 - Proceedings of the 2015 ACM Workshop on Information Hiding and Multimedia Security
PB - Association for Computing Machinery, Inc
T2 - 3rd ACM Information Hiding and Multimedia Security Workshop, IH and MMSec 2015
Y2 - 17 June 2015 through 19 June 2015
ER -