AdvHat: Real-world adversarial attack on ArcFace Face ID system

2019-08-23Code Available0· sign in to hype

Stepan Komkov, Aleksandr Petiushko

Code Available — Be the first to reproduce this paper.

Code

github.com/papermsucode/advhat
OfficialIn papertf★ 0
github.com/Jiawei955/detection-of-physical-adversarial-attack
tf★ 0
github.com/MindSpore-paper-code-3/code9/tree/main/Arcface
mindspore★ 0
github.com/MindSpore-paper-code-2/code400/tree/main/Arcface
mindspore★ 0

Abstract

In this paper we propose a novel easily reproducible technique to attack the best public Face ID system ArcFace in different shooting conditions. To create an attack, we print the rectangular paper sticker on a common color printer and put it on the hat. The adversarial sticker is prepared with a novel algorithm for off-plane transformations of the image which imitates sticker location on the hat. Such an approach confuses the state-of-the-art public Face ID model LResNet100E-IR, ArcFace@ms1m-refine-v2 and is transferable to other Face ID models.

Tasks

Adversarial Attack Real-World Adversarial Attack

AdvHat: Real-world adversarial attack on ArcFace Face ID system

Code

Abstract

Tasks

Reproductions