Face recognition is not secure, United States scientists with photos crack-IT-face recognition information

As people pay more attention to information security and a variety of consumer electronic products in the fingerprint to unlock unlock the unlock, face and IRIS technologies is also becoming popular, it has become almost a standard to password. For their safety and convenience on the merits also has been controversial, and currently do not form a unified conclusion. Recently, from the United States a research team at the University of North Carolina for face recognition with pictures cast a negative vote.

According to foreign media reports, a research team from the University of North Carolina with their recently in social media (Facebook) collected a number of photos, using special computer synthesis and rendering technology, you can generate a planar 3D model display on the phone. They then use this model to test, found as many as five were security system in 4/5 to 85% time to be measured, can be easily fooled. More important is that they can collect on the Facebook photos is very limited, and there is no guarantee of quality, there is only a 45-degree angle-side face.

According to the team, just like a real hacker and a stalker, they collected a total of 20 volunteer photo posted on the social media, and then based on these photos to make 3D model of the face of each volunteer and add facial expressions and gestures such as blinking, making the models look like staring at the camera. Even more crucial is that due to the quantity and quality of photographs cannot be guaranteed, so the scientists had to "artificial" has some photos of the missing information, such as shadow, facial wrinkles, such as in the photo. The most extreme example of this is, there are several volunteers in two or three photos were posted on social media, and the pixel is still very low.

Information on how to prevent hackers using similar means to obtain user data, a researcher of the team at the Usenix Security Conference said: at present, some with additional hardware device manufacturers have been able to avoid the occurrence of similar situations, for example, Tobii company against Microsoft Windows Hello launched eye-tracking cameras face recognition system. But for now this additional hardware might raise the cost of security systems, whether consumers will accept, manufacturers also further considerations.

In addition, real face will emit infrared radiation, no matter how realistic the photo or 3D model will not, using this line of thought can also be security had to do some workarounds to avoid malicious attacks by hackers using similar means.

人脸识别也不安全，美国科学家用几张照片就破解了 - 人脸识别 - IT资讯

随着人们对信息安全越来越重视，各种消费级电子产品中指纹解锁、人脸解锁和虹膜解锁等技术也日渐流行，几乎成了密码之外的另一项标配。对于他们之间在安全性和便利性上的优劣也一直存有争议，目前并没有形成一个统一的结论。近日，来自美国北卡罗来纳大学的一个科研团队用几张照片为人脸识别投了一张反对票。

据外媒报道，近日来自北卡罗来纳大学的一个研究团队凭借他们在社交媒体（Facebook）上收集到的若干照片，利用特殊的电脑合成和渲染技术，可以生成一个平面化的3D模型显示在手机上。随后他们利用这个模型进行测试，发现有高达4/5的被测安全系统在55%到85%的被测时间内，都可以被轻松骗过。更重要的是，他们在Facebook上能收集到的照片非常有限，质量也没有保证，有些还只是45度角的侧脸。

据该团队介绍，就像真正的黑客和跟踪狂一样，他们一共收集了20名志愿者发布在社交媒体上的照片，然后根据这些照片制作每位志愿者的面部3D模型，并加入面部表情和眨眼睛等小动作，使得该模型像是在盯着摄像头的样子。更关键的是，由于照片的数量和质量都不能得到保障，因此科学家们还不得不“人造”了一些照片丢失的信息，例如照片中的阴影、面部表情的褶皱等。最极端的例子是，有几位志愿者只在社交媒体上发布了两三张照片，并且像素还很低。

关于如何避免黑客利用类似手段获取用户数据，团队的一位研究者在Usenix安全大会上表示：目前一些厂商已经可以利用额外的硬件设备来避免类似的情况发生，例如Tobii公司针对微软Windows Hello人脸识别系统推出的眼球追踪摄像头。但是目前来说这种增加额外硬件的方式可能会提高安全系统的成本，消费者是否能接受，厂商还要进一步考量。

除此之外，真正的人脸会发出红外辐射，而照片或者3D模型无论再逼真也不会，利用这一思路也可以在安全曾面做一些规避措施，避免黑客利用类似手段进行恶意攻击。