Facial Liveness Verification (FLV) is widely used for identity authentication in many security-sensitive domains and offered as Platform-as-a-Service (PaaS) by leading cloud vendors. Yet, with the rapid advances in synthetic media techniques (e.g., deepfake), the security of FLV is facing unprecedented challenges, about which little is known thus far. To bridge this gap, in this paper, we conduct the first systematic study on the security of FLV in real-world settings. Specifically, we present LiveBugger, a new deepfake-powered attack framework that enables customizable, automated security evaluation of FLV. Leveraging LiveBugger, we perform a comprehensive empirical assessment of representative FLV platforms, leading to a set of interesting findings. For instance, most FLV APIs do not use anti-deepfake detection; even for those with such defenses, their effectiveness is concerning (e.g., it may detect high-quality synthesized videos but fail to detect low-quality ones). We then conduct an in-depth analysis of the factors impacting the attack performance of LiveBugger: a) the bias (e.g., gender or race) in FLV can be exploited to select victims; b) adversarial training makes deepfake more effective to bypass FLV; c) the input quality has a varying influence on different deepfake techniques to bypass FLV. Based on these findings, we propose a customized, two-stage approach that can boost the attack success rate by up to 70%. Further, we run proof-of-concept attacks on several representative applications of FLV (i.e., the clients of FLV APIs) to illustrate the practical implications: due to the vulnerability of the APIs, many downstream applications are vulnerable to deepfake. Finally, we discuss potential countermeasures to improve the security of FLV. Our findings have been confirmed by the corresponding vendors.
翻译:在对安全敏感的许多领域,Facial Lives Vior(FLV)被广泛用于身份认证,由云端主要供应商作为平台自动安全评估(PaaS)提供。然而,随着合成媒体技术(如深假)的快速发展,FLV的安全正面临前所未有的挑战,而迄今为止对这些挑战还鲜为人知。为了缩小这一差距,我们在本文件中首次对现实世界环境中的FLV安全进行了系统研究。具体地说,我们提出了LiveBugger,这是一个新的深层Fake动力攻击框架,使得FLV能够定制自动化的安全评估。LiveBugger,我们对有代表性的FLV平台进行了全面的实证评估,导致了一系列有趣的发现。例如,大多数FLV AP没有使用防腐蚀性检测;即使有这种防御能力,我们也能讨论(例如,它可能检测到高质量合成视频视频,但却无法检测出低质量指标。我们随后对LiveBublax的进攻性反应进行深入分析。我们可以通过LiveBuck的双向Freval view view a creal deal deal deal lives lives lives laction) press press press press (e) roduction) roduction (我们能能能能能能向不同的分析,我们向不同的分析,我们可以向Fleval be view view view view viewd) violde) view view vial be viewdaldaldaldaldald) view viewdaldald) viewddddaldaldalddal (我们可以进一步 viewdaldald) 。