Review of KIISC (정보보호학회지)

Korea Institute of Information Security and Cryptology (한국정보보호학회)
권호 표지

딥러닝 기반 얼굴인식 모델에 대한 변조 영역 제한 기만공격

  • 류권상 (공주대학교 대학원 융합과학과) ;
  • 박호성 (공주대학교 산학협력단) ;
  • 최대선 (공주대학교 의료정보학과)
  • Published : 2019.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

최근 딥러닝 기술은 다양한 분야에서 놀라운 성능을 보여주고 있어 많은 서비스에 적용되고 있다. 얼굴인식 또한 딥러닝 기술을 접목하여 높은 수준으로 얼굴인식이 가능해졌다. 하지만 딥러닝 기술은 원본 이미지를 최소한으로 변조시켜 딥러닝 모델의 오인식을 발생시키는 적대적 예제에 취약하다. 이에 따라, 본 논문에서는 딥러닝 기반 얼굴인식 시스템에 대해 적대적 예제를 이용하여 기만공격 실험을 수행하였으며 실제 얼굴에 분장할 수 있는 영역을 고려하여 설정된 변조 영역에 따른 기만공격 성능을 분석한다.

Keywords

References

  1. 김형일, 문진영, 박종열, "딥러닝 기반 고성능 얼굴인식 기술 동향", 전자통신동향분석, 33(4), pp. 43-53, 2018 https://doi.org/10.22648/ETRI.2018.J.330405
  2. M. Wang, W. Deng, "Deep Face Recognition: A Survey," arXiv preprint arXiv:1804.06655, 2018.
  3. W. Liu, Y. Wen, Z. Yu, and M. Yang, "Large-Margin Softmax Loss for Convolutional Neural Networks," Proceedings of the 33rd International Conference on Machine Learning, pp. 507-516, 2016.
  4. W. Liu, Y. Wen, Z. Yu, M. Li, B. Raj, and L. Song, "SphereFace: Deep Hypersphere Embedding for Face Recognition," Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, IEEE, pp. 212-220, 2017.
  5. H. Wang, Y. Wang, Z. Zhou, X. Ji, D. Gong, J. Zhou, and W. Liu, "CosFace: Large Margin Cosine Loss for Deep Face Recognition," Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, IEEE, pp. 5265-5274, 2018.
  6. Y. Zheng, D.K. Pal, and M. Savvides, "Ring loss: Convex Feature Normalization for Face Recognition," Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, IEEE, pp. 5089-5097, 2018.
  7. J. Deng, J. Guo, N. Xue, and S. Zafeiriou, "ArcFace: Additive Angular Margin Loss for Deep Face Recognition," arXiv preprint arXiv:1801.07698, 2018.
  8. G. Hinton, L. Deng, D. Yu, G. Dahl, A.R. Mohamed, N. Jaitly, and T. Sainath, "Deep Neural Networks for Acoustic Modeling in Speech Recognition," IEEE Signal Processing Magazine, 29(6), pp. 82-97, 2012. https://doi.org/10.1109/MSP.2012.2205597
  9. S. Potluri and C. Diedrich, "Accelerated Deep Neural Networks for Enhanced Intrusion Detection System," 2016 IEEE 21st International Conference on Emerging technologies and Factory Automation, pp. 1-8, 2016.
  10. C. Szegedy, W. Zaremba, I. Sutskever, J. Bruna, D. Erhan, I. Goodfellow, and R. Fergus, "Intriguing Properties of Neural Networks," arXiv preprint arXiv:1312.6199, 2013.
  11. K. Eykholt, I. Evtimov, E. Fernandes, B. Li, A. Rahmati, C. Xiao, and D. Song, "Robust Physical-World Attacks on Deep Learning Visual Classification," Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, IEEE, pp. 1625-1634, 2018.
  12. N. Papernot, P. McDaniel, S. Jha, M. Fredrikson, Z.B. Celik, and A. Swami, "The Limitations of Deep Learning in Adversarial Settings," 2016 IEEE European Symposium on Security and Privacy, IEEE, pp. 372-387, 2016.
  13. 권현, 윤현수, 최대선, "Evasion attack에 대한 인공지능 보안 이슈," 정보과학회지, 36(2), pp. 32-36, 2018.
  14. I. Goodfellow, J. Shlens, and C. Szegedy, "Explaining and Harnessing Adversarial Examples," arXiv preprint arXiv:1412.6572, 2014.
  15. S.M Moosavi-Dezfooli, A. Fawzi, and P. Frossard, "Deepfool: a Simple and Accurate Method to Fool Deep Neural Networks," Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, IEEE, pp. 2574-2582, 2016.
  16. N. Carlini, D. Wagner, "Towards Evaluating the Robustness of Neural Networks," 2017 IEEE Symposium on Security and Privacy, IEEE, pp. 39-57, 2017.
  17. K. Zhang, Z. Zhang, Z. Li, and Y. Qiao, "Joint Face Detection and Alignment using Multi-task Cascaded Convolutional Networks," IEEE Signal Processing Letters, 23(10), pp. 1499-1503, 2016. https://doi.org/10.1109/LSP.2016.2603342
  18. A. Bulat and G. Tzimiropoulos, "How Far are We from Solving The 2D & 3D Face Alignment Problem?(and a Dataset of 230,000 3D Facial Landmarks)," Proceedings of the IEEE International Conference on Computer Vision, IEEE, pp. 1021-1030, 2017.
  19. K. He, X. Zhang, S.Ren, and J. Sun, "Identity Mappings in Deep Residual Networks," European Conference on Computer Vision, Springer, pp. 630-645, 2016.
  20. M.T. Ribeiro, S. Singh, and C. Guestrin, "Why Should I Trust You?: Explaining the Predictions of Any Classifier," Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, ACM, pp. 1135-1144, 2016.