| Title | An Adversarial Perturbation Approach Against CNN-based Soft Biometrics Detection |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Marrone, Stefano, Sansone, Carlo |
| Conference Name | 2019 International Joint Conference on Neural Networks (IJCNN) |
| Date Published | jul |
| Keywords | adversarial perturbation approach, adversarial stickers, authentication, authentication systems, biometric approaches, biometric-based authentication systems, biometrics (access control), CNN-based soft biometrics detection, Computer vision, computer vision tasks, convolutional neural nets, daily life consumer electronics, data privacy, Data processing, Deep Learning, Expert Systems and Privacy, Gender, Human Behavior, human factors, keystroke dynamics, learning (artificial intelligence), Neural networks, Perturbation methods, privacy, privacy threats, pubcrawl, Scalability, security of data, sensitive information, subject ethnicity, unwanted soft biometrics-based identification |
| Abstract | The use of biometric-based authentication systems spread over daily life consumer electronics. Over the years, researchers' interest shifted from hard (such as fingerprints, voice and keystroke dynamics) to soft biometrics (such as age, ethnicity and gender), mainly by using the latter to improve the authentication systems effectiveness. While newer approaches are constantly being proposed by domain experts, in the last years Deep Learning has raised in many computer vision tasks, also becoming the current state-of-art for several biometric approaches. However, since the automatic processing of data rich in sensitive information could expose users to privacy threats associated to their unfair use (i.e. gender or ethnicity), in the last years researchers started to focus on the development of defensive strategies in the view of a more secure and private AI. The aim of this work is to exploit Adversarial Perturbation, namely approaches able to mislead state-of-the-art CNNs by injecting a suitable small perturbation over the input image, to protect subjects against unwanted soft biometrics-based identification by automatic means. In particular, since ethnicity is one of the most critical soft biometrics, as a case of study we will focus on the generation of adversarial stickers that, once printed, can hide subjects ethnicity in a real-world scenario. |
| DOI | 10.1109/IJCNN.2019.8851997 |
| Citation Key | marrone_adversarial_2019 |
An Adversarial Perturbation Approach Against CNN-based Soft Biometrics Detection