Publication Details
Security Implications of Deepfakes in Face Authentication
deepfake, facial recognition, biometrics systems, machine learning, computer
security
Deepfakes are media generated by deep learning and are nearly indistinguishable
from real content to humans. Deepfakes have seen a significant surge in
popularity in recent years. There have been numerous papers discussing their
effectiveness in deceiving people. What's equally, if not more concerning, is the
potential vulnerability of facial and voice recognition systems to deepfakes. The
misuse of deepfakes to spoof automated facial recognition systems can threaten
various aspects of our lives, including financial security and access to secure
locations. This issue remains largely unexplored. Thus, this paper investigates
the technical feasibility of a spoofing attack on facial recognition. Firstly, we
perform a threat analysis to understand what facial recognition use cases allow
the execution of deepfake spoofing attacks. Based on this analysis, we define the
attacker model for these attacks on facial recognition systems. Then, we
demonstrate the ability of deepfakes to spoof two commercial facial recognition
systems. Finally, we discuss possible means to prevent such spoofing attacks.
@inproceedings{BUT188029,
author="Milan {Šalko} and Anton {Firc} and Kamil {Malinka}",
title="Security Implications of Deepfakes in Face Authentication",
booktitle="Proceedings of the ACM Symposium on Applied Computing",
year="2024",
pages="1376--1384",
publisher="Association for Computing Machinery",
address="Avila",
doi="10.1145/3605098.3635953",
isbn="979-8-4007-0243-3",
url="https://dl.acm.org/doi/10.1145/3605098.3635953"
}