Some NIST face analysis evaluations test whether the software can detect presentation attacks, where a fake image is used to try to gain access to a device or space or simply to hide a person’s true identity. Presentation attacks can take many forms, such as applying makeup, holding up a printed photo, or displaying another person’s digital photo.
Credit:
M. Ngan, N. Hanacek/NIST
Facial recognition software is commonly used as a gatekeeper to access secure websites and electronic devices, but what if someone could defeat it by simply wearing a mask resembling the face of a other person ? A recently published study by the National Institute of Standards and Technology (NIST) reveals the current state of the art in software designed to detect this type of spoofing attack.
The new study appears alongside another that evaluates the software’s ability to flag potential problems with a photograph or digital image of the face, such as that captured for use in a passport. Together, the two NIST publications provide insight into how effectively modern image processing software accomplishes an increasingly important task: analyzing faces.
Face analysis is distinct from face recognition, which is perhaps a more familiar term. Generally speaking, facial recognition aims to identify a person based on an image, while facial analysis is concerned with characterizing the image, for example by flagging which images are themselves. same problems, whether due to nefarious intent or simply errors in capturing the photo.
These two publications are the first to appear on the subject since NIST has divided its Face Recognition Vendor Test (FRVT) program into two parts, the Face Recognition Technology Evaluation (FRTE) and the Face Analysis Technology Evaluation (FATE). Efforts involving image processing and analysis, as the two new publications do, are now classified under the FATE track. Technology testing in both areas aims to provide insights into the capabilities of algorithms to inform developers, end users, standardization processes and policy makers.
“Can a given software algorithm tell you if there is a problem with a face image? said Mei Ngan, a computer scientist at NIST. “For example, are the person’s eyes closed? Is the image blurry? Is the image actually a mask that resembles another person’s face? These are the kinds of defects that some developers claim their software can detect, and the FATE track is responsible for evaluating these claims.
Ngan is the author of the first study, Face Analysis Technology Evaluation (FATE) Part 10: Performance of Software-Based Passive Presentation Attack Detection (PAD) Algorithms, which evaluated the ability of facial analysis algorithms to detect whether these issues were evidence of an impersonation attack, known as PAD. The research team evaluated 82 software algorithms voluntarily submitted by 45 unique developers. The researchers tested the software with two different scenarios: identity theft, or trying to look like a specific other person; and escapism, or trying to avoid looking like oneself.
The team evaluated the algorithms with nine types of presentation attacks, with examples including a person wearing a sophisticated mask designed to mimic another person’s face and other simpler attacks such as holding up a photo of another person in front of the camera or wearing an N95 mask who was hiding. part of the wearer’s face.
The results varied widely across PAD algorithms, and Ngan noted one thing: Some developers’ algorithms worked well at detecting a given type of presentation attack in images, but none could detect all types of attacks. attack tested.
“Only a small percentage of developers could reasonably claim to detect certain presentation attacks using software,” she said. “Some developers’ algorithms could detect two or three types, but none caught them all.”
Other findings included that even the highest-performing PAD algorithms performed better in tandem.
“We asked if it would reduce the error rate if you combined the results of different algorithms. It turns out that this can be a good idea,” Ngan said. “When we took four of the top-performing algorithms in the spoofing test and merged their results, we found that the group did better than any of them alone.”
“Only a small percentage of developers could reasonably claim to detect certain presentation attacks using software. Some developers’ algorithms could detect two or three types, but none caught them all. —Mei Ngan, NIST computer scientist
The types of algorithms that Ngan and his co-authors evaluated have applications in casinos, for example, where a card counter who has been refused entry tries to sneak in by disguise. But the FATE track also evaluates algorithms that serve more everyday purposes, like checking whether your new ID photo might be rejected. That’s what the second of NIST’s new studies, Face Analysis Technology Evaluation (FATE) Part 11: Vector Evaluation of Face Image Quality: Detection of Specific Image Defects, explored.
“If you walk into a pharmacy and get a photo ID, you want to be sure your application won’t be rejected because there’s something wrong with the photo,” said study author Joyce Yang , NIST mathematician. “Blurry photos are an obvious problem, but there can also be problems with backlighting or simply wearing glasses. We explored algorithms created to flag issues that make a photo non-compliant with passport requirements.
The evaluation was the first of its kind under the FATE track, and the NIST team received seven algorithms from five developers. The study evaluated the algorithms on 20 different quality metrics, such as underexposure and background uniformity, all based on internationally accepted passport standards.
Yang said all algorithms showed mixed results. Each had their strengths, performing better on some of the 20 measures than others. The results will inform a standard that NIST is helping to develop – ISO/IEC 29794-5, which sets guidelines for the quality measures an algorithm should verify. THE Detection of specific image defects the results show how well the algorithms perform these checks.
One thing the study didn’t assess is the “quality” of an image, so don’t look for aesthetic judgments from your photo booth.
“We don’t decide whether the image itself is of good quality,” she said. “We just look to see if the image analysis is correct.”
