Vulnerability Analysis of Cross-Spectral Face Recognition Systems to Presentation Attacks
Cross-spectral face recognition (CFR) systems are engineered to enhance facial recognition operations, particularly under suboptimal conditions by facilitating cross-modal matching. A primary application involves matching near-infrared (NIR) images with visible-spectrum (VIS) images. This technology claims robustness against illumination variations and presentation attacks, such as spoofing attempts using artifacts. However, the research addressing the resilience of CFR systems specifically against such presentation attacks is sparse. This paper aims to fill this gap by meticulously evaluating the susceptibility of NIR-VIS CFR systems to presentation attacks using a comprehensive experimental framework.
Methodology Overview
The study utilized the WMCA dataset, which includes diverse spoofing attacks such as printed photographs, replayed videos, and various masks, captured using modalities like RGB, depth, infrared, and thermal. New evaluation protocols were crafted to specifically address the vulnerability of CFR models to impersonation attacks using VIS-VIS and VIS-NIR matching settings. The CFR systems evaluated include Domain Invariant Units (DIU) and Switch Style Modulation Blocks (SSMB), both trained on the MCXFace dataset for robustness across spectral discrepancies, alongside a commercial face recognition system.
Key Findings
The results reveal significant vulnerabilities in CFR systems when exposed to specific attacks, particularly laser-printed photo attacks in the NIR domain, where the Impostor Attack Presentation Match Rate (IAPMR) reached alarmingly high levels across all evaluated models. Despite general reductions in attack effectiveness for other formats such as video replays and inkjet prints in the NIR setting, laser-printed images consistently compromised the systems, suggesting critical susceptibility to specific types of NIR-reflective materials.
Implications and Future Directions
The findings have several implications. Firstly, current defenses in CFR systems against presentation attacks are insufficient, highlighting an urgent need for more robust attack detection mechanisms tailored to the NIR spectral characteristics. This calls for advancements in Presentation Attack Detection (PAD) methodologies applicable without reliance on VIS data, as typically the probe phase solely offers NIR inputs in real-world scenarios.
Future work should focus on developing NIR-specific PAD technologies and further exploring the impact of NIR-absorptive or reflective inks on spoofing detection capabilities. Additionally, while these results concentrate on impersonation attacks, exploring obfuscation strategies could reveal further vulnerabilities pertinent to practical applications, given the ease of executing such attacks in the NIR spectrum.
In conclusion, although offering operational advantages, cross-spectral face recognition systems in their current form are notably susceptible to certain presentation attacks, necessitating targeted research efforts to bolster security measures and build resilient biometric solutions.