Abstract
Recent research has demonstrated that deep neural networks, typically used in finger vein recognition, are susceptible to different types of attacks, such as adversarial attacks, data poisoning attacks, and backdoor attacks. Among the attacks, backdoor attacks occur in almost every stage of the deep learning pipeline. Finger vein recognition has extensively been used in real-world applications for personal identity authentication. To develop a secure finger vein recognition system, one must study possible backdoor attacks, which can embed hidden malicious behaviors into the system. Existing backdoor attacks are as easily perceptible as conspicuous spatial triggers and difficult-to-resist data augmentation. To address this issue, we propose a novel frequency-injection-based backdoor attack method capable of delivering attacks in finger vein recognition. Specifically, images are transformed from the spatial domain to the frequency domain by discrete wavelet transform (DWT), and the trigger injects several times in the high-frequency part in the vertical direction. Experimental results of public finger vein datasets validate the proposed method's effectiveness, showing good attack performance and bypassing backdoor defense.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
