Vulnerability of Open-Source Face Recognition Systems to Blackbox Attacks: A Case Study with InsightFace

Nafiz Sadman, Kazi Amit Hasan, Elyas Rashno, Furkan Alaca, Yuan Tian, Farhana Zulkernine.

IEEE Symposium Series on Computational Intelligence (SSCI) 2023, December 5-8, Mexico City, Mexico.

This paper presents a comprehensive analysis of the security aspects of the InsightFace project (a popular open-source face recognition system) focusing on its susceptibility to three distinct black box attacks: Face Swap, Morphing, and Presentation. Open-source face recognition models are used in commercial applications, thereby motivating our security analysis. Our investigation entails a meticulous evaluation of the susceptibility of the project to false authentication when subjected to the three attacks. We observed from our experiments that InsightFace was not able to differentiate between legitimate images and manipulated images. The principal aim of this research is to draw attention to the security challenges inherent in open-source face recognition systems, often integrated into various public applications.

Authors' copy (PDF) IEEE Xplore