【FAS Survey】《Deep learning for face anti-spoofing: A Survey》

在这里插入图片描述

在这里插入图片描述

PAMI-2022

最新成果:https://github.com/ZitongYu/DeepFAS


文章目录

  • 1 Introduction & Background
    • 1.1 Face Spoofing Attacks
    • 1.2 Datasets for Face Anti-Spoofing
    • 1.3 Evaluation Metrics
    • 1.4 Evaluation Protocols
  • 2 Deep FAS with Commercial RGB Camera
    • 2.1 Hybrid (Handcraft + Deep Learning) Method
    • 2.2 Traditional Deep Learning Method
      • 2.2.1 Direct Supervision With Binary Cross Entropy Loss
      • 2.2.2 Pixel-Wise Supervision
    • 2.3 Generalized Deep Learning Method
      • 2.3.1 Generalization to Unseen Domain
      • 2.3.2 Generalization to Unknown Attack Types
  • 3 Deep FAS with Advanced Sensors
    • 3.1 Uni-Modal Deep Learning Upon Specialized Sensor
    • 3.2 Multi-Modal Deep Learning
  • 4 Discussion and Future Directions
    • 4.1 Architecture, Supervision and Interpretability
    • 4.2 Representation Learning
    • 4.3 Real-World Open-Set FAS
    • 4.4 Generic and Unified PA Detection
    • 4.5 Privacy-Preserved Training
  • Last but no least

1 Introduction & Background

人脸识别系统,automatic face recognition (AFR) system:

在这里插入图片描述

  • parallel fusion,并行
  • serial scheme,串联

人脸活检:

  • face presentation attack detection or face liveness detection

人脸活检方法分类:

  • 传统方法
  • 深度学习

(1)传统方法

Most traditional algorithms are designed based on human liveness cues and handcrafted features

liveness cues 包括但不限于:

  • eye-blinking
  • face and head movement(nodding and smiling)
  • gaze tracking
  • remote physiological signals(rPPG)
  • screen bezel(屏幕边框)
  • irregular/limited geometric depth distribution
  • abnormal reflection(the face surface of print/replay and transparent mask attacks are usually with irregular/limited geometric depth distribution and abnormal reflection, respectively.)
  • moire pattern(摩尔条纹)
  • illumination changes
  • physiological signals

classical handcrafted descriptors designed for extracting effective spoofing patterns from various color spaces(RGB, HSV, and YCbCr)

  • LBP
  • SIFT
  • SURF
  • HOG
  • DoG
  • image quality
  • optical flow motion

(2)深度学习的方法

是本文讨论的重点,作者总结如下
在这里插入图片描述

1.1 Face Spoofing Attacks

攻击类型,automatic face recognition (AFR) system 经常分为这两类

  • digital manipulation(in the digital virtual domain)
  • physical presentation attacks(PAs)

本文重点讨论 PAs——misleads the real-world AFR systems via presenting face upon physical mediums in front of the imaging sensors

PAs 不同切入角度有不同的分类形式
在这里插入图片描述
根据 attackers’ intention

  • impersonation:entails the use of spoof to be recognized as someone else via copying a genuine user’s facial attributes to special mediums such as photo, electronic screen, and 3D mask(拿着别人的假脸攻击)
  • obfuscation:hide or remove the attacker’s own identity using various methods such as glasses, makeup, wig, and disguised face.(在自己脸上作假来攻击)

根据 geometry property

  • 2D attacks——Flat/wrapped printed photos, eye/mouth-cut photos, and digital replay of videos are common 2D attack variants
  • 3D attacks——hard/rigid masks can be made from paper, resin, plaster, or plastic, flexible soft masks are usually composed of silicon or latex
    • low-fidelity 3D mask(低仿 3D)
    • high fidelity mask(高仿 3D)

根据 facial region covering

  • whole attacks
  • partial attacks

1.2 Datasets for Face Anti-Spoofing

Sensor:

  • multispectral SWIR(短波红外,1400 - 2500 nm)
  • NIR(750-1400 nm)
  • RGB
  • depth
  • Thermal
  • four-directional polarized
  • other specialized sensors (e.g., Light field camera)

数据集(prevailing public FAS datasets):data amount, subject numbers, modality / sensor, environmental setup, and attack types.

在这里插入图片描述

samples(图片数) and subjects(IDs)

公开数据发展的趋势:

  • large scale data amount
  • diverse data distribution
  • multiple modalities and specialized sensors

在这里插入图片描述

1.3 Evaluation Metrics

评价指标

  • Rejection Rate (FRR)
  • False Acceptance Rate (FAR)
  • Half Total Error Rate (HTER)
  • Equal Error Rate (EER)
  • Area Under the Curve (AUC)
  • Attack Presentation Classification Error Rate (APCER),
  • Bonafide Presentation Classification Error Rate (BPCER)
  • Average Classification Error Rate (ACER) ,越低越好

1.4 Evaluation Protocols

测试方式(evaluation protocols):

  • intra-dataset intra-type:with slight domain shift
  • cross-dataset intra-type:train on source domains and test on shifted target domain
  • intra-dataset cross-type(leave-one-type-out setting)
  • cross-dataset cross-type(train on datasets A test on datasets B)

在这里插入图片描述
上图评价指标都是越低越好

open-set problem in practice,需要考虑 unseen domain generalization

2 Deep FAS with Commercial RGB Camera

在这里插入图片描述

在这里插入图片描述

2.1 Hybrid (Handcraft + Deep Learning) Method

有如下三种混合形式

在这里插入图片描述
存在的缺点

(1)crafted features highly rely on the expert knowledge and not learnable, which are inefficient once enough training data are available;

(2)there might be feature gaps/incompatibility between handcrafted and deep features, resulting in performance saturation.

2.2 Traditional Deep Learning Method

在这里插入图片描述

  • 二分类的方法 supervision With Binary Cross Entropy Loss
  • pixel-wise auxiliary/generative supervisions

下面展开说说

2.2.1 Direct Supervision With Binary Cross Entropy Loss

在这里插入图片描述

treat FAS as a binary classification problem (e.g., ‘0’ for live while ‘1’ for spoofing faces, or vice versa)

bonafide versus PA

与常见的二分类视觉任务的不同点在于

  • self-evolving problem(attack vs. defense develop iteratively)
  • content-irrelevant (e.g., not related to facial attribute and ID)
  • subtle and with fine-grained details

very challenging to distinguish by even human eyes,性别二分类关注的是 semantic features,活检关注的是 arbitrary and unfaithful clues (e.g., screen bezel) for spoofing patterns,such intrinsic live/spoof clues are usually closely related with some position-aware auxiliary tasks.

存在的缺点:

  • these supervision signals only provide global (spatial/temporal) constraints for live/spoof embedding learning, which may causes FAS models to easily overfit to unfaithful patterns.

  • usually black-box and the characteristic of their learned features are hard to understand

2.2.2 Pixel-Wise Supervision

在这里插入图片描述

(1)Pixel-Wise Supervision With Auxiliary Task

provide more fine-grained and contextual task-related clues for better intrinsic feature learning,而不是 unfaithful patterns (e.g., screen bezel).

auxiliary supervision signals:

  • pseudo depth labels
  • binary mask labels——attack-type-agnostic and spatially interpretable
  • 3D point cloud map
  • Fourier spectra
  • reflection maps
  • ternary map
  • original face input reconstruction
  • pixel-wise reconstruction constraints
  • LBP texture map

存在的缺点:

  • usually relies on the high-quality (e.g., high-resolution) training data for fine grained spoof clue mining, and is harder to provide effective supervision signals when training data are too noisy and with low quality
  • the pseudo auxiliary labels are either human-designed or generated by other off-the-shelf algorithms, which are not always trustworthy

(2)Pixel-Wise Supervision With Generative Model

usually relaxes the expert-designed hard constraints (e.g.,auxiliary tasks), and leaves the decoder to reconstruct more natural spoof-related trace.

The generated spoof patterns are visually insightful, and are challenging to manually describe with human prior knowledge.

缺点

such soft pixel-wise supervision might easily fall into the local optimum and overfit on unexpected interference (e.g., sensor noise),

解决方式之一

Pixel-Wise Supervision With Generative Model + Pixel-Wise Supervision With Auxiliary Task

2.3 Generalized Deep Learning Method

在这里插入图片描述

Traditional end-to-end deep learning 缺点,下面场景会翻车

  • unseen dominant conditions——indicate the spoof irrelated external changes (e.g., lighting and sensor noise) but actually influence the appearance quality
  • unknown attack types——mean the novel attack types with intrinsic physical properties (e.g., material and geometry) which have not occurred in the training phase

Generalized Deep Learning Method

  • domain adaptation
  • generalization techniques
  • zero/few-shot learning
  • anomaly detection

2.3.1 Generalization to Unseen Domain

Domain adaptation(DA) vs Domain Generalization(DG)

在这里插入图片描述
一个需要无标签的 target domain 数据,一个不需要 target domain 的数据

(1)Domain adaptation(DA)

The distribution of source and target features are usually matched in a learned feature space

minimize the distribution discrepancy between the source and the target domain by utilizing unlabeled target data,

缺点

  • it is difficult and expensive to collect a lot of unlabeled target data
  • the source face data are usually inaccessible when deploying FAS models on the target domain

(2)Domain Generalization(DG)

缺点

domain generalization benefits FAS models to perform well in unseen domain, but it is still unknown whether it deteriorates the discrimination capability for spoofing detection under the seen scenarios.

2.3.2 Generalization to Unknown Attack Types

(1)Zero/Few-Shot Learning

缺点

few-shot learning 在 zero-shot case 场景会翻车

the failed detection usually occurs in the challenging attack types (e.g., transparent mask, funny eye, and makeup), which share similar appearance distribution with the bonafide

(2)Anomaly Detection

first trains a reliable one-class classifier to accurately cluster the live samples. Then any samples (e.g., unknown attacks) outside the margin of the live sample cluster would be detected as attacks

缺点

suffer from discrimination degradation compared with conventional live/spoof classification in the real-world open-set scenarios (i.e., both known and unknown attacks).

3 Deep FAS with Advanced Sensors

在这里插入图片描述

3.1 Uni-Modal Deep Learning Upon Specialized Sensor

在这里插入图片描述
绿色框还有个 medium 的评价,P < M < G < VG

NIR (900 to 1800nm), poor imaging quality in long distance

SWIR(940nm and 1450nm)

dynamic flash is sensitive under outdoor environments and is not user-friendly due to the long temporal activation time

3.2 Multi-Modal Deep Learning

(1)Multi-Modal Fusion

  • feature-level fusions
    modality features are usually extracted from separate branches with high computational cost
  • input-level fusions
  • decision-level fusions

(2)Cross-Modal Translation

pseudo modalities could be generated via cross-modality translation

missing modal data for multi-modal FAS

4 Discussion and Future Directions

the limitations of the current development

  • Limited live/spoof representation capacity with sub-optimal deep architectures, supervisions, and learning strategies
  • Evaluation under saturating and unpractical testing benchmarks and protocols
  • Isolating the anti-spoofing task on only the face area and physical attacks
  • Insufficient consideration about the interpretability and privacy issues

4.1 Architecture, Supervision and Interpretability

automatically search and find the best-suited temporal architectures especially for multi-modal usage

rich temporal context vs binary or pixel-wise supervision

More advanced feature visualization manners and fine-grained pixel-wise spoof segmentation should be developed for interpretable FAS

4.2 Representation Learning

transfer learning——缓解过拟合
disentangled learning——disentangle the intrinsic spoofing clues from the noisy representation
metric learning
self-supervised and semi-supervised learning

4.3 Real-World Open-Set FAS

GrandTest

4.4 Generic and Unified PA Detection

在这里插入图片描述

AFR-aware and FAS-aware

digital and physical attack types

4.5 Privacy-Preserved Training

federated learning

Last but no least

向「假脸」说 No:用OpenCV搭建活体检测器

活体检测的方法有很多,包括:

  • 纹理分析(Texture analysis),该方法计算了面部区域的局部二值模式(Local Binary Patterns,LBP),用 SVM 将面部分为真实面部和伪造面部;

  • 频率分析(Frequency analysis),比如检查面部的傅立叶域;

  • 可变聚焦分析(Variable focusing analysis),例如检查连续两帧间像素值的变化;

  • 启发式算法(Heuristic-Based algorithms),包括眼球运动、嘴唇运动和眨眼检测。这些算法试图追踪眼球运动和眨眼行为,来确保用户不是拿着谁的照片(因为照片不会眨眼也不会动嘴唇);

  • 光流算法(Optical Flow algorithm),即检测 3D 对象和 2D 平面产生的光流的属性和差异;

  • 3D 面部形状(3D face shape),类似于 iPhone 上的面部识别系统,这种算法可以让面部识别系统区分真实面部和其他人的照片或打印出来的图像;


暂时下载不到的文章 for free

  • Unknown presentation attack detection with face rgb images
  • Fake iris detection using structured light
  • FaceRevelio: a face liveness detection system for smartphones with a single front camera
  • Meaningful adversarial stickers for face recognition in physical world

阅读笔记

  • 【DDFD】《Multi-view Face Detection Using Deep Convolutional Neural Networks》(ICMR-2015)

  • 【IoU Loss】《UnitBox: An Advanced Object Detection Network》(ACM MM-2016)

  • 【FAS】《Face Anti-Spoofing Using Patch and Depth-Based CNNs》(IJCB-2017)

  • 【MLFP】《Face Presentation Attack with Latex Masks in Multispectral Videos》(CVPRW-2017)

  • 【Face Detection】《Face Detection using Deep Learning: An Improved Faster RCNN Approach》(Neurocomputing-2018)

  • 【GDConv】《MobileFaceNets:Efficient CNNs for Accurate RealTime Face Verification on Mobile Devices》(CCBR-2018)

  • 【CASIA-SURF】《A Dataset and Benchmark for Large-scale Multi-modal Face Anti-spoofing》(CVPR-2019)

  • 【FAS-FRN】《Recognizing Multi-modal Face Spoofing with Face Recognition Networks》(CVPR-2019 workshop)

  • 【FaceBagNet】《FaceBagNet:Bag-of-local-features Model for Multi-modal Face Anti-spoofing》(CVPR-2019 workshop)

  • 【FeatherNets】《FeatherNets:Convolutional Neural Networks as Light as Feather for Face Anti-spoofing》(CVPR-2019 workshop)

  • 【WMCA】《Biometric Face Presentation Attack Detection with Multi-Channel Convolutional Neural Network》(TIFS-2019)

  • 【WebFace260M】《WebFace260M:A Benchmark Unveiling the Power of Million-Scale Deep Face Recognition》(CVPR-2021)

  • 【EMFace】《EMface: Detecting Hard Faces by Exploring Receptive Field Pyramids》(arXiv-2021)

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:/a/362150.html

如若内容造成侵权/违法违规/事实不符,请联系我们进行投诉反馈qq邮箱809451989@qq.com,一经查实,立即删除!

相关文章

MFC 对话框架构

目录 Win32对话框回顾 对话框架构 无模式对话框架构程序执行过程 Win32对话框回顾 MFC框架中都是无模式对话框&#xff0c;不会阻塞&#xff0c;先回顾一下无模式对话框的创建&#xff1a; 添加对话框资源查找资源&#xff0c;FindResource加载资源&#xff0c;LoadResour…

idea自动生成实体类

第一步&#xff1a;idea连接数据库 出现这个就连接成功 第二步&#xff1a;选择数据库 第三步&#xff1a;创建实体类 也可以点击数据库一下子全部创建 选择创建实体类所放位置 这样就完成了&#xff0c;点击看看对其做相应修改

防火墙双向NAT配置

目录 拓扑需求 配置配置服务器映射配置NAT策略配置访问外网的NAT 配置安全策略 测试 拓扑 需求 分公司内部的客户端可以通过公网地址访问到内部的服务器 主要配置区域 配置 测试之前记得开启服务器的服务 配置服务器映射 配置NAT策略 源地址和目的地址同时转换 配置访问…

高等数学:微分

本文主要参考视频&#xff1a; 【建议收藏】同济七版《高等数学》精讲视频 | 期末考试 | 考研零基础 | 高数小白_哔哩哔哩_bilibili 3.3.1.1 微分的定义_哔哩哔哩_bilibili 3.3.5.1 导数与微分区别_哔哩哔哩_bilibili 仅供本人学习使用。 什么是微分 相对于导数来说&#xff0c…

简单实践 java spring cloud 负载均衡

1 概要 1.1 实现一个最简单的微服务。远程调用负载均衡&#xff0c;基本上完成了最核心的微服务框架。 远程调用&#xff1a;RestTemplate 注册中心&#xff1a;eureka 负载均衡&#xff1a;Ribbon 1.2 要点 1.2.1 依赖 1.2.1.1 主框架依赖 spring boot 依赖 <depe…

【JavaScript 漫游】【004】数据类型 object

文章简介 本文为【JavaScript 漫游】专栏的第 004 篇文章&#xff0c;记录 JS 数据类型 object 的重要知识点。 . 运算符和 [] 运算符Object.keys 方法delete 命令in 运算符for ... in ... 对象概述 JS 的对象是一组“键值对”&#xff08;key-value&#xff09;的集合&…

基于ssm的法律咨询系统(有报告)。Javaee项目,ssm项目。

演示视频&#xff1a; 基于ssm的法律咨询系统&#xff08;有报告&#xff09;。Javaee项目&#xff0c;ssm项目。 项目介绍&#xff1a; 采用M&#xff08;model&#xff09;V&#xff08;view&#xff09;C&#xff08;controller&#xff09;三层体系结构&#xff0c;通过Sp…

【百度Apollo】自动驾驶规划技术:实现安全高效的智能驾驶

&#x1f3ac; 鸽芷咕&#xff1a;个人主页 &#x1f525; 个人专栏:《linux深造日志》《粉丝福利》 ⛺️生活的理想&#xff0c;就是为了理想的生活! ⛳️ 推荐 前些天发现了一个巨牛的人工智能学习网站&#xff0c;通俗易懂&#xff0c;风趣幽默&#xff0c;忍不住分享一下…

springboot-前后端分离——第二篇

本篇主要介绍一个发送请求的工具—postman&#xff0c;然后对请求中的参数进行介绍&#xff0c;例如简单参数、实体参数、数组参数、集合参数、日期类型参数以及json类型参数&#xff0c;对这些参数接收进行总结。最后对响应数据进行介绍&#xff0c;使用统一响应结果返回浏览器…

MIT6.5830 实验0

前置 本次实验使用 Golang 语言实现&#xff0c;在之前的年份中&#xff0c;都是像 cs186 那样使用 Java 实现。原因&#xff1a; Golang 语言作为现代化语言&#xff0c;简单易上手但功能强大。 使参加实验的同学有同一起跑线&#xff0c;而不是像Java那样&#xff0c;有些同…

增加 CentOS 系统的交换空间/虚拟内存(swap)大小

增加 CentOS 系统的交换空间/虚拟内存&#xff08;swap&#xff09;大小 文章目录 增加 CentOS 系统的交换空间/虚拟内存&#xff08;swap&#xff09;大小 检查当前交换空间&#xff1a; 在终端中执行以下命令来查看当前的交换空间情况&#xff1a; swapon --show这将显示当…

二级域名分发全解密支持对接易支付

二级域名分发全解密支持对接易支付 先改epay里面的config.php 你的支付域名 然后再改&#xff0c;二级域名分发网站 环境&#xff1a;php74 伪静态&#xff1a; location / { try_files $uri $uri/ /index.php?$query_string; } 源代码&#xff1a;百度网盘 密码&#xff1a;1…

实现注册登录时数据的加密传输(含前后端具体代码)

前言 http/https协议提交在被抓包时请求内容是明文的, 直接传输账号密码的风险非常大&#xff0c;故这里我们要对数据加密处理&#xff0c;并生成校验码&#xff0c;防止数据篡改 Http/https传输账户密码等数据时需要加密处理的原因主要有以下几点&#xff1a; 数据保密性&a…

20240131在WIN10下配置whisper

20240131在WIN10下配置whisper 2024/1/31 18:25 首先你要有一张NVIDIA的显卡&#xff0c;比如我用的PDD拼多多的二手GTX1080显卡。【并且极其可能是矿卡&#xff01;】800&#xffe5; 2、请正确安装好NVIDIA最新的545版本的驱动程序和CUDA。 2、安装Torch 3、配置whisper http…

理解部署描述符的元素

理解部署描述符的元素 部署描述符是文件名为web.xml的XML文件&#xff0c;其包含了Web应用程序的配置信息。每个Web应用程序都有一个web.xml文件。web.xml文件的元素可用于指定servlet的初始化参数、不同文件的MIME类型、侦听器类&#xff0c;以及将URL模式映射到servlet上。一…

【SparkML系列3】特征提取器TF-IDF、Word2Vec和CountVectorizer

本节介绍了用于处理特征的算法&#xff0c;大致可以分为以下几组&#xff1a; 提取&#xff08;Extraction&#xff09;&#xff1a;从“原始”数据中提取特征。转换&#xff08;Transformation&#xff09;&#xff1a;缩放、转换或修改特征。选择&#xff08;Selection&…

【 USRP 相控阵】X波段相控阵开发平台用户指南

包装 一共三件。 1、AD9081-FMCA-EBZ AD9081 MxFE Evaluation Board, https://www.analog.com/eval-ad9081 AD9081 的全功能评估板使用 ACE 软件进行控制的 PC 软件HMC7044 的板载时钟用于管理套件和 FPGA 时钟选择切换到外部直接时钟 AD9081-FMCA-EBZ 评估板包括以各种模…

pinctrl/gpio子系统(1)-pinctrl子系统介绍及驱动源码分析

1.简介 在如今的驱动开发工作中&#xff0c;实际上已经很少去对着寄存器手册进行驱动开发了&#xff0c;一般板子拿到手&#xff0c;已经有原厂的驱动开发工程师&#xff0c;在gpio子系统、pinctrl子系统中将自家芯片的引脚适配好了。 我们直接基于设备树已配置好的寄存器值&a…

基于YOLOv8的工业油污缺陷检测,多种优化方法---自研注意力CPMS基于CBAM优化, mAP@0.5提升近五个点(二)

&#x1f4a1;&#x1f4a1;&#x1f4a1;本文主要内容:详细介绍了工业油污缺陷检测整个过程&#xff0c;从数据集到训练模型到结果可视化分析&#xff0c;以及如何优化提升检测性能。 &#x1f4a1;&#x1f4a1;&#x1f4a1;加入CPMS mAP0.5由原始的0.648提升至0.699 1.工业…

JMeter 下载、安装、启动

JMeter安装部署依赖Java环境&#xff0c;所以首先得安装JDK。 JDK下载JDK环境变量配置 ① 新建系统环境变量JAVA_HOME ② 编辑系统变量Path ③ 新建系统变量CLASSPATH变量 JMeter下载安装 Apache JMeter - Apache JMeter™ JMeter安装部署依赖Java环境&#xff0c;所以首…