@article{1151,
  author = {Dalton Cole and Sara Newman and Dan Lin},
  title = {A New Facial Authentication Pitfall and Remedy in Web Services},
  abstract = {Facial authentication has become more and more popular on personal devices. Due to the ease of use, it has great potential to be widely deployed for web-service authentication in the near future whereby people can easily log on to online accounts from different devices without memorizing lengthy passwords. However, the growing number of attacks on machine learning especially the Deep Neural Networks (DNN) which is commonly used for facial recognition, imposes big challenges on the successful roll-out of such web-service face authentication. Although there have been studies on defending some machine learning attacks, we are not aware of any specific effort devoted to the web-service facial authentication setting. In this article, we first demonstrate a new data poisoning attack that does not require to have any knowledge of the server-side and just needs a handful of malicious photo injections to enable an attacker to easily impersonate the victim in the existing facial authentication systems. We then propose a novel defensive approach called DEFEAT that leverages deep learning techniques to automatically detect such attacks. We have conducted extensive experiments on real datasets and our experimental results show that our defensive approach achieves more than 90 percent detection accuracy.},
  year = {2022},
  journal = {IEEE Transactions on Dependable and Secure Computing},
  volume = {19},
  number = {4},
  pages = {2635-2647},
  month = {July},
  issn = {1941-0018},
  url = {https://ieeexplore.ieee.org/document/9382920},
  doi = {10.1109/TDSC.2021.3067794},
}