Researchers develop AI to fool facial recognition tech

A team from the University of Toronto has created an algorithm to disrupt the technology

AI artificial intelligence

A team of engineering researchers from the University of Toronto have created an algorithm to dynamically disrupt facial recognition systems.

Led by professor Parham Aarabi and graduate student Avishek Bose, the team used a deep learning technique called "adversarial training", which pits two artificial intelligence algorithms against each other.

Aarabi and Bose designed a set of two neural networks, the first one identifies faces and the other works on disrupting the facial recognition task of the first. The two constantly battle and learn from each other, setting up an ongoing AI arms race.

"The disruptive AI can 'attack' what the neural net for the face detection is looking for," Bose said in an interview with Eureka Alert.

"If the detection AI is looking for the corner of the eyes, for example, it adjusts the corner of the eyes so they're less noticeable. It creates very subtle disturbances in the photo, but to the detector, they're significant enough to fool the system."

The result looks similar to an Instagram filter that can be applied to photos to protect privacy. The algorithm targets very specific pixels in the image, making subtle changes that are almost imperceptible to the human eye.

"The key here was to train the two neural networks against each other, with one creating an increasingly robust facial detection system, and the other creating an ever stronger tool to disable facial detection," added Bose.

Concerns over privacy and data security are high with questions being asked of the likes of Google, Amazon and the Metropolitan Police in London who are implementing and providing facial recognition technology.

Google has unveiled doorbells that use facial recognition cameras, which will go on sale in British suburbs, raising concerns about invasion of privacy.

Amazon has come under fire from the American Civil liberties Union (ACLU) and others for providing the US police force with its facial recognition software.

London's Met police were said to be using 'dangerously inaccurate' facial recognition technology that is claimed to have a failure rate of 98%.

Aarabi believes 'anti' facial recognition systems can benefit personal privacy as the neural nets become more and more advanced.

"Personal privacy is a real issue as facial recognition becomes better and better," added Aarabi. "This is one way in which beneficial anti-facial-recognition systems can combat that ability."

"Ten years ago these algorithms would have to be human-defined, but now neural nets learn by themselves, you don't need to supply them anything except training data.

"In the end, they can do some really amazing things. It's a fascinating time in the field, there's enormous potential."

Image credit: Shutterstock 

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

Secure your Wi-Fi against hackers in 10 steps
Security

Secure your Wi-Fi against hackers in 10 steps

23 Nov 2020
How to protect against a DDoS attack
Security

How to protect against a DDoS attack

17 Nov 2020
Workday's Accounting Center helps businesses manage financial data
chief financial officer (CFO)

Workday's Accounting Center helps businesses manage financial data

30 Oct 2020
The IT Pro Panel
Business strategy

The IT Pro Panel

26 Oct 2020

Most Popular

80% of cyber professionals say the Computer Misuse Act is working against them
Security

80% of cyber professionals say the Computer Misuse Act is working against them

20 Nov 2020
Cisco acquires container security startup Banzai Cloud
Security

Cisco acquires container security startup Banzai Cloud

18 Nov 2020
What is phishing?
phishing

What is phishing?

25 Nov 2020