Article

Template Inversion Attack Using Synthetic Face Images Against Real Face Recognition Systems


Abstract

In this paper, we use synthetic data and propose a new method for template inversion attacks against face recognition systems. We use synthetic data to train a face reconstruction model to generate high-resolution (i.e., 1024×1024) face images from facial templates. To this end, we use a face generator network to generate synthetic face images and extract their facial templates using the face recognition model as our training set. Then, we use the synthesized dataset to learn a mapping from facial templates to the intermediate latent space of the same face generator network. We propose our method for both whitebox and blackbox TI attacks. Our experiments show that the trained model with synthetic data can be used to reconstruct face images from templates extracted from real face images. In our experiments, we compare our method with previous methods in the literature in attacks against different state-of-the-art face recognition models on four different face datasets, including the MOBIO, LFW, AgeDB, and IJB-C datasets, demonstrating the effectiveness of our proposed method on real face recognition datasets. Experimental results show our method outperforms previous methods on high-resolution 2D face reconstruction from facial templates and achieves competitive results with SOTA face reconstruction methods. Furthermore, we conduct practical presentation attacks using the generated face images in digital replay attacks against real face recognition systems, showing the vulnerability of face recognition systems to presentation attacks based on our TI attack (with synthetic train data) on real face datasets.


... The template inversion attack defense method proposed by H. Otroshi Shahreza et al. realized resistance to template inversion attacks by training high-resolution face reconstruction models on synthetic data. However, its security performance in practical applications needed further verification, and the generality of the method in the face of different template structures was still insufficient [15]. M.-T. ...
... Therefore, feature-level fusion is the most effective fusion strategy among the three schemes. Finally, the study compares the feature-level fusion-supported face feature extraction algorithm based on the improved ResNet18 with the more advanced face recognition technologies presented in references [13][14][15], and [16]. In Fig 12, the accuracy of the study's proposed method exceeds 98.34% in all experiments and reaches a maximum of 99.64%, showing great stability and accuracy. ...
... The accuracy of HRFR Defense Model [14] ranges from 95.14% to 95.89%, which is the lowest among all the reference methods. RGB-D ASSGNet [15] performs better in some experiments, with accuracy between 95.29% and 97.35%, but fluctuates more and is less stable than the proposed method. CMDA ...
Article
In the research of face recognition technology, the traditional methods usually show poor recognition accuracy and insufficient generalization ability when faced with complex scenes such as lighting changes, posture changes and skin color diversity. To solve these problems, based on the improvement of adaptive boosting to improve the accuracy of face detection, the study proposes a residual network 18-layer face feature extraction algorithm based on hybrid domain attention mechanism algorithm. The study introduces channel-domain and spatial-domain attention mechanism to enhance the extraction of face image features. The outcomes indicated that the recognition accuracy of the proposed method on multiple face image datasets, labeled field face datasets, and celebrity facial attribute datasets exceeded 98.34% and reached up to 99.64%, which was better than the current state-of-the-art methods. After combining channel and spatial attention mechanism, the false detection rate was as low as 2.50%, which was lower than the false detection rate of other methods. In addition to enhancing face recognition’s robustness and accuracy, the work offers fresh concepts and resources for face recognition’s potential uses in intricate scenarios in the future.
... Then, they trained an MLP network to map facial embeddings to the input latent codes of StyleGAN2 [20]. In [39], authors used generated images by StyleGAN3 [21] and trained a mapping from face embeddings of synthetic faces to the intermediate layers of StyleGAN3. In [38] a semi-supervised learning approach was used to find a mapping to the intermediate latent space of EG3D [4]. ...
Preprint
Face recognition systems extract embedding vectors from face images and use these embeddings to verify or identify individuals. Face reconstruction attack (also known as template inversion) refers to reconstructing face images from face embeddings and using the reconstructed face image to enter a face recognition system. In this paper, we propose to use a face foundation model to reconstruct face images from the embeddings of a blackbox face recognition model. The foundation model is trained with 42M images to generate face images from the facial embeddings of a fixed face recognition model. We propose to use an adapter to translate target embeddings into the embedding space of the foundation model. The generated images are evaluated on different face recognition models and different datasets, demonstrating the effectiveness of our method to translate embeddings of different face recognition models. We also evaluate the transferability of reconstructed face images when attacking different face recognition models. Our experimental results show that our reconstructed face images outperform previous reconstruction attacks against face recognition models.
Article
Biometric Cryptosystem (BCS) combines characteristics of both the fields: biometric and cryptosystem, where biometric provides authentication and cryptosystem imparts security. Any biometric system is prone to attacks/security threats and BCS is an attempt to enhance system security without compromising its performance. BCS is surrounded by the concept of key; whereby key needs to be secured along with biometric signals using particular technique. In this work, a survey of 150 such techniques is presented. Furthermore, a separate section is dedicated to analyze the performance of these techniques. BCS is prone to various attacks and this study covers 30 such attacks, its countermeasures to thwart these attacks. In order to simulate BCS, a list of generic/attack type databases is also provided covering various physiological and behavioral biometrics. A brief discussion is presented on challenges and recommendations in BCS. Finally, several research directions are provided for the researchers working in this fascinating area.
Article
Machine learning-based (ML) systems are being largely deployed since the last decade in a myriad of scenarios impacting several instances in our daily lives. With this vast sort of applications, aspects of fairness start to rise in the spotlight due to the social impact that this can get in some social groups. In this work aspects of fairness in biometrics are addressed. First, we introduce a figure of merit that is able to evaluate and compare fairness aspects between multiple biometric verification systems, the so-called Fairness Discrepancy Rate (FDR). A use case with two synthetic biometric systems is introduced and demonstrates the potential of this figure of merit in extreme cases of demographic differentials. Second, a use case using face biometrics is presented where several systems are evaluated compared with this new figure of merit using three public datasets exploring gender and race demographics.
Article
Face morphing attacks target to circumvent Face Recognition Systems (FRS) by employing face images derived from multiple data subjects (e.g., accomplices and malicious actors). Morphed images can be verified against contributing data subjects with a reasonable success rate, given they have a high degree of facial resemblance. The success of morphing attacks is directly dependent on the quality of the generated morph images. We present a new approach for generating strong attacks extending our earlier framework for generating face morphs. We present a new approach using an Identity Prior Driven Generative Adversarial Network, which we refer to as MIPGAN (Morphing through Identity Prior driven GAN). The proposed MIPGAN is derived from the StyleGAN with a newly formulated loss function exploiting perceptual quality and identity factor to generate a high quality morphed facial image with minimal artefacts and with high resolution. We demonstrate the proposed approach’s applicability to generate strong morphing attacks by evaluating its vulnerability against both commercial and deep learning based Face Recognition System (FRS) and demonstrate the success rate of attacks. Extensive experiments are carried out to assess the FRS’s vulnerability against the proposed morphed face generation technique on three types of data such as digital images, re-digitized (printed and scanned) images, and compressed images after re-digitization from newly generated MIPGAN Face Morph Dataset. The obtained results demonstrate that the proposed approach of morph generation poses a high threat to FRS.
Article
Convolutional neural networks have significantly boosted the performance of face recognition in recent years due to its high capacity in learning discriminative features. To enhance the discriminative power of the Softmax loss, multiplicative angular margin and additive cosine margin incorporate angular margin and cosine margin into the loss functions, respectively. In this paper, we propose a novel supervisor signal, additive angular margin (ArcFace), which has a better geometrical interpretation than supervision signals proposed so far. Specifically, the proposed ArcFace $\cos(\theta + m)$ directly maximises the decision boundary in angular (arc) space based on the L2 normalised weights and features. Compared to multiplicative angular margin $\cos(m\theta)$ and additive cosine margin $\cos\theta - m$, ArcFace can obtain more discriminative deep features. We also emphasise the importance of network settings and data refinement in the problem of deep face recognition. Extensive experiments on several relevant face recognition benchmarks, LFW, CFP and AgeDB, prove the effectiveness of the proposed ArcFace. Most importantly, we get state-of-art performance in the MegaFace Challenge in a totally reproducible way. We make data, models and training/test code publicly available (https://github.com/deepinsight/insightface).
Conference Paper
Over the last few years, increased interest has arisen with respect to age-related tasks in the Computer Vision community. As a result, several "in-the-wild" databases annotated with respect to the age attribute became available in the literature. Nevertheless, one major drawback of these databases is that they are semi-automatically collected and annotated and thus they contain noisy labels. Therefore, the algorithms that are evaluated in such databases are prone to noisy estimates. In order to overcome such drawbacks, we present in this paper the first, to the best of our knowledge, manually collected "in-the-wild" age database, dubbed AgeDB, containing images annotated with accurate to the year, noise-free labels. As demonstrated by a series of experiments utilizing state-of-the-art algorithms, this unique property renders AgeDB suitable when performing experiments on age-invariant face verification, age estimation and face age progression "in-the-wild".
Conference Paper
Pattern recognition and machine learning research work often contains experimental results on real-world data, which corroborates hypotheses and provides a canvas for the development and comparison of new ideas. Results, in this context, are typically summarized as a set of tables and figures, allowing the comparison of various methods, highlighting the advantages of the proposed ideas. Unfortunately, result reproducibility is often an overlooked feature of original research publications, competitions, or benchmark evaluations. The main reason for such a gap is the complexity of the development of software associated with these reports. Software frameworks are difficult to install, maintain, and distribute, while scientific experiments often consist of many steps and parameters that are difficult to report. The increasingly rising complexity of research challenges makes it even more difficult to reproduce experiments and results. In this paper, we emphasize that a reproducible research work should be repeatable, shareable, extensible, and stable, and discuss important lessons we learned in creating, distributing, and maintaining software and data for reproducible research in pattern recognition and machine learning. We focus on a specific use-case of face recognition and describe in detail how we can make the recognition experiments reproducible in practice.
Article
In this article, we review previous work on biometric security under a recent framework proposed in the field of adversarial machine learning. This allows us to highlight novel insights on the security of biometric systems when operating in the presence of intelligent and adaptive attackers that manipulate data to compromise normal system operation. We show how this framework enables the categorization of known and novel vulnerabilities of biometric recognition systems, along with the corresponding attacks, countermeasures, and defense mechanisms. We report two application examples, respectively showing how to fabricate a more effective face spoofing attack, and how to counter an attack that exploits an unknown vulnerability of an adaptive face-recognition system to compromise its face templates.
Article
This study examines session variability modelling for face authentication using Gaussian mixture models. Session variability modelling aims to explicitly model and suppress detrimental within-class (inter-session) variation. The authors examine two techniques to do this, inter-session variability modelling (ISV) and joint factor analysis (JFA), which were initially developed for speaker authentication. We present a self-contained description of these two techniques and demonstrate that they can be successfully applied to face authentication. In particular, they show that using ISV leads to significant error rate reductions of, on average, 26% on the challenging and publicly available databases SCface, BANCA, MOBIO and multi-PIE. Finally, the authors show that a limitation of both ISV and JFA for face authentication is that the session variability model captures and suppresses a significant portion of between-class variation.
Conference Paper
Bob is a free signal processing and machine learning toolbox originally developed by the Biometrics group at Idiap Research Institute, Switzerland. The toolbox is designed to meet the needs of researchers by reducing development time and efficiently processing data. Firstly, Bob provides a researcher-friendly Python environment for rapid development. Secondly, efficient processing of large amounts of multimedia data is provided by fast C++ implementations of identified bottlenecks. The Python environment is integrated seamlessly with the C++ library, which ensures the library is easy to use and extensible. Thirdly, Bob supports reproducible research through its integrated experimental protocols for several databases. Finally, a strong emphasis is placed on code clarity, documentation, and thorough unit testing. Bob is thus an attractive resource for researchers due to this unique combination of ease of use, efficiency, extensibility and transparency. Bob is an open-source library and an ongoing community effort.
Article
Face recognition based on deep convolutional neural networks (CNN) shows superior accuracy performance attributed to the high discriminative features extracted. Yet, the security and privacy of the extracted features from deep learning models (deep features) have often been overlooked. This paper proposes the reconstruction of face images from deep features without accessing the CNN network configurations as a constrained optimization problem. Such optimization minimizes the distance between the features extracted from the original face image and the reconstructed face image. Instead of directly solving the optimization problem in the image space, we innovatively reformulate the problem by looking for a latent vector of a generative adversarial network (GAN) generator, then use it to generate the face image. The GAN generator serves a dual role in this novel framework, i.e., face distribution constraint of the optimization goal and a face generator. To solve this optimization problem, we present an optimization approach based on a Genetic Algorithm. On top of the novel optimization task, we also propose an attack pipeline to impersonate the target user based on the generated face image. Our results show that the generated face images can achieve a state-of-the-art successful attack rate of 99.33% on Labeled Faces in the Wild (LFW) under type-I attack at a false accept rate of 0.1%. Our work sheds light on biometric deployment to meet privacy-preserving and security policies.
Article
Over the past two decades, biometric recognition has exploded into a plethora of different applications around the globe. This proliferation can be attributed to the high levels of authentication accuracy and user convenience that biometric recognition systems afford end-users. However, in spite of the success of biometric recognition systems, there are a number of outstanding problems and concerns pertaining to the various sub-modules of biometric recognition systems that create an element of mistrust in their use, both by the scientific community and also the public at large. Some of these problems include: i) questions related to system recognition performance, ii) security (spoof attacks, adversarial attacks, template reconstruction attacks and demographic information leakage), iii) uncertainty over the bias and fairness of the systems to all users, iv) explainability of the seemingly black-box decisions made by most recognition systems, and v) concerns over data centralization and user privacy. In this paper, we provide an overview of each of the aforementioned open-ended challenges. We survey work that has been conducted to address each of these concerns and highlight the issues requiring further attention. Finally, we provide insights into how the biometric community can address core biometric recognition systems design issues to better instill trust, fairness, and security for all.
Article
High-resolution representations are essential for position-sensitive vision problems, such as human pose estimation, semantic segmentation, and object detection. Existing state-of-the-art frameworks first encode the input image as a low-resolution representation through a subnetwork that is formed by connecting high-to-low resolution convolutions in series (e.g., ResNet, VGGNet), and then recover the high-resolution representation from the encoded low-resolution representation. Instead, our proposed network, named as High-Resolution Network (HRNet), maintains high-resolution representations through the whole process. There are two key characteristics: (i) Connect the high-to-low resolution convolution streams in parallel and (ii) repeatedly exchange the information across resolutions. The benefit is that the resulting representation is semantically richer and spatially more precise. We show the superiority of the proposed HRNet in a wide range of applications, including human pose estimation, semantic segmentation, and object detection, suggesting that the HRNet is a stronger backbone for computer vision problems. All the codes are available at https://github.com/HRNet .
Article
We propose an alternative generator architecture for generative adversarial networks, borrowing from style transfer literature. The new architecture leads to an automatically learned, unsupervised separation of high-level attributes (e.g., pose and identity when trained on human faces) and stochastic variation in the generated images (e.g., freckles, hair), and it enables intuitive, scale-specific control of the synthesis. The new generator improves the state-of-the-art in terms of traditional distribution quality metrics, leads to demonstrably better interpolation properties, and also better disentangles the latent factors of variation. To quantify interpolation quality and disentanglement, we propose two new, automated methods that are applicable to any generator architecture. Finally, we introduce a new, highly varied and high-quality dataset of human faces.
Article
State-of-the-art face recognition systems are based on deep (convolutional) neural networks. Therefore, it is imperative to determine to what extent face templates derived from deep networks can be inverted to obtain the original face image. In this paper, we study the vulnerabilities of a state-of-the-art face recognition system based on template reconstruction attack. We propose a neighborly de-convolutional neural network (NbNet) to reconstruct face images from their deep templates. In our experiments, we assumed that no knowledge about the target subject and the deep network are available. To train the NbNet reconstruction models, we augmented two benchmark face datasets (VGG-Face and Multi-PIE) with a large collection of images synthesized using a face generator. The proposed reconstruction was evaluated using type-I (comparing the reconstructed images against the original face images used to generate the deep template) and type-II (comparing the reconstructed images against a different face image of the same subject) attacks. Given the images reconstructed from NbNets, we show that for verification, we achieve TAR of 95.20 percent (58.05 percent) on LFW under type-I (type-II) attacks @ FAR of 0.1 percent. Besides, 96.58 percent (92.84 percent) of the images reconstructed from templates of partition fa (fb) can be identified from partition fa in color FERET. Our study demonstrates the need to secure deep templates in face recognition systems.
Chapter
With the emergence of biometric authentication systems, template protection for biometrics captured attention in the recent years. The privacy concern arises due to storage and misuse of biometric data in various applications. This chapter systematically reviews the published literature on Biometric Template Protection (BTP) during 2005-2016 and covers the methods described in more than hundred articles. It aims to present the current status of BTP schemes by a methodical analysis and taxonomy of BTP approaches, modalities, the fusion of modalities (multimodal), and hybrid methods. It also presents research implications, and extraction outcomes of Systematic Literature Review (SLR) conducted on BTP schemes. This research work helps researchers and practitioners to find relevant information on BTP methods thereby reducing time and complexity in searching the appropriate studies.
Article
Deep neural networks have dramatically advanced the state of the art for many areas of machine learning. Recently they have been shown to have a remarkable ability to generate highly complex visual artifacts such as images and text rather than simply recognize them. In this work we use neural networks to effectively invert low-dimensional face embeddings while producing realistic-looking consistent images. Our contribution is twofold: first, we show that gradient ascent style approaches can be used to reproduce consistent images, with the help of a guiding image. Second, we demonstrate that we can train a separate neural network to effectively solve the minimization problem in one pass, and generate images in real-time. We then evaluate the loss imposed by using a neural network instead of the gradient descent by comparing the final values of the minimized loss function.
Article
Biometric recognition is an integral component of modern identity management and access control systems. Due to the strong and permanent link between individuals and their biometric traits, exposure of enrolled users' biometric information to adversaries can seriously compromise biometric system security and user privacy. Numerous techniques have been proposed for biometric template protection over the last 20 years. While these techniques are theoretically sound, they seldom guarantee the desired noninvertibility, revocability, and nonlinkability properties without significantly degrading the recognition performance. The objective of this work is to analyze the factors contributing to this performance divide and highlight promising research directions to bridge this gap. The design of invariant biometric representations remains a fundamental problem, despite recent attempts to address this issue through feature adaptation schemes. The difficulty in estimating the statistical distribution of biometric features not only hinders the development of better template protection algorithms but also diminishes the ability to quantify the noninvertibility and nonlinkability of existing algorithms. Finally, achieving nonlinkability without the use of external secrets (e.g., passwords) continues to be a challenging proposition. Further research on the above issues is required to cross the chasm between theory and practice in biometric template protection.
Chapter
In its original form [KIR82], [ČER85] the simulated annealing algorithm is based on the analogy between the simulation of the annealing of solids and the problem of solving large combinatorial optimization problems. For this reason the algorithm became known as “simulated annealing”. In condensed matter physics, annealing denotes a physical process in which a solid in a heat bath is heated up by increasing the temperature of the heat bath to a maximum value at which all particles of the solid randomly arrange themselves in the liquid phase, followed by cooling through slowly lowering the temperature of the heat bath. In this way, all particles arrange themselves in the low energy ground state of a corresponding lattice, provided the maximum temperature is sufficiently high and the cooling is carried out sufficiently slowly. Starting off at the maximum value of the temperature, the cooling phase of the annealing process can be described as follows.
Article
We introduce Adam, an algorithm for first-order gradient-based optimization of stochastic objective functions. The method is straightforward to implement and is based on adaptive estimates of lower-order moments of the gradients. The method is computationally efficient, has little memory requirements and is well suited for problems that are large in terms of data and/or parameters. The method is also appropriate for non-stationary objectives and problems with very noisy and/or sparse gradients. The method exhibits invariance to diagonal rescaling of the gradients by adapting to the geometry of the objective function. The hyper-parameters have intuitive interpretations and typically require little tuning. Some connections to related algorithms, on which Adam was inspired, are discussed. We also analyze the theoretical convergence properties of the algorithm and provide a regret bound on the convergence rate that is comparable to the best known results under the online convex optimization framework. We demonstrate that Adam works well in practice when experimentally compared to other stochastic optimization methods.
Article
In this paper, we use a hill-climbing attack algorithm based on Bayesian adaption to test the vulnerability of two face recognition systems to indirect attacks. The attacking technique uses the scores provided by the matcher to adapt a global distribution computed from an independent set of users, to the local specificities of the client being attacked. The proposed attack is evaluated on an eigenface-based and a parts-based face verification system using the XM2VTS database. Experimental results demonstrate that the hill-climbing algorithm is very efficient and is able to bypass over 85% of the attacked accounts (for both face recognition systems). The security flaws of the analyzed systems are pointed out and possible countermeasures to avoid them are also proposed.
Article
Most face databases have been created under controlled conditions to facilitate the study of specific parameters on the face recognition problem. These parameters include such variables as position, pose, lighting, background, camera quality, and gender. While there are many applications for face recognition technology in which one can control the parameters of image acquisition, there are also many applications in which the practitioner has little or no control over such parameters. This database, Labeled Faces in the Wild, is provided as an aid in studying the latter, unconstrained, recognition problem. The database contains labeled face photographs spanning the range of conditions typically encountered in everyday life. The database exhibits “natural” variability in factors such as pose, lighting, race, accessories, occlusions, and background. In addition to describing the details of the database, we provide specific experimental paradigms for which the database is suitable. This is done in an effort to make research performed with the database as consistent and comparable as possible. We provide baseline results, including results of a state of the art face recognition system combined with a face alignment system. To facilitate experimentation on the database, we provide several parallel databases, including an aligned version.
Article
Genetic algorithms provide an alternative to traditional optimization techniques by using directed random searches to locate optimal solutions in complex landscapes. We introduce the art and science of genetic algorithms and survey current issues in GA theory and practice. We do not present a detailed study, instead, we offer a quick guide into the labyrinth of GA research. First, we draw the analogy between genetic algorithms and the search processes in nature. Then we describe the genetic algorithm that Holland introduced in 1975 and the workings of GAs. After a survey of techniques proposed as improvements to Holland's GA and of some radically different approaches, we survey the advances in GA theory related to modeling, dynamics, and deception.