The reviewed record of science sign in
Pith

arxiv: 2210.09153 · v2 · pith:JDEFKA4W · submitted 2022-10-17 · cs.CV · cs.LG

Face Pasting Attack

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:JDEFKA4Wrecord.jsonopen to challenge →

classification cs.CV cs.LG
keywords attackfacetargetapproachclassconfidencehighestmodel
0
0 comments X
read the original abstract

Cujo AI and Adversa AI hosted the MLSec face recognition challenge. The goal was to attack a black box face recognition model with targeted attacks. The model returned the confidence of the target class and a stealthiness score. For an attack to be considered successful the target class has to have the highest confidence among all classes and the stealthiness has to be at least 0.5. In our approach we paste the face of a target into a source image. By utilizing position, scaling, rotation and transparency attributes we reached 3rd place. Our approach took approximately 200 queries per attack for the final highest score and about ~7.7 queries minimum for a successful attack. The code is available at https://github.com/bunni90/FacePastingAttack .

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.