Abstract
We study a randomized variant of one type of biometric recognition algorithms, which is intended to mitigate adversarial attacks. We show that the problem of an estimation of the security of the proposed algorithm can be formulated in the form of an estimation of statistical distance between the probability distributions, induced by the initial and the randomized algorithm. A variant of practical password-based implementation is discussed. The results of experimental evaluation are given. The preliminary verison of this research was presented at CTCrypt 2020 workshop.
Similar content being viewed by others
Notes
Local binary patterns.
References
Lavrentyeva, G.M., Novoselov, S.A., Kozlov, A.V., Kudashev, O.Y., Shchemelinin, V.L., Matveev, Y.N., De Marsico, M.: Audio-replay attacks spoofing detection for speaker recognition systems. Sci. Tech. J. Inf. Technol. Mech. Opt. 18(3), 428–436 (2018)
Matveev, Y.N., Volkova, S.S.: Convolutional neural networks for anti-face spoofing. Sci. Tech. J. Inf. Technol. Mech. Opt. 17(4), 702–710 (2017)
Kruglova, S., Marshalko, G.: Investigating the possibility of bypassing biometric facial recognition systems using the LBP algorithm. Voprosy kiberbrzopasnosti 1, 45–52 (2019)
Ahonen, T., Hadid, A., Pietikainen, M.: Face description with local binary patterns: application to face recognition. IEEE Trans. Pattern Anal. Mach. Intell. 12, 2037–2041 (2006)
Recommendations for Standardisation R 50.1.111-2016. Information Technology. Cryptographic Data Protection. Password Protection of Key Information (2016)
Recommendations for Standardisation R 1323565.1.022-2018. Information Technology. Cryptographic Data Protection. Key Derivation Functions (2018)
Fisher, R.A., Yates, F.: Oliver and Boyd (1938)
Ojo, J.A., Adeniran, S.A.: Colour face image database for skin segmentation, face detection, recognition and tracking of black faces under real-life situations. Int. J. Image Process. 4(6), 600 (2011)
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
All authors declare that they have no conflicts of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Marshalko, G., Koreshkova, S. Protection against adversarial attacks with randomization of recognition algorithm. J Comput Virol Hack Tech 20, 127–133 (2024). https://doi.org/10.1007/s11416-023-00503-z
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11416-023-00503-z