Summary of Sample Correlation For Fingerprinting Deep Face Recognition, by Jiyang Guan et al.
Sample Correlation for Fingerprinting Deep Face Recognition
by Jiyang Guan, Jian Liang, Yanbo Wang, Ran He
First submitted to arxiv on: 30 Dec 2024
Categories
- Main: Computer Vision and Pattern Recognition (cs.CV)
- Secondary: Artificial Intelligence (cs.AI)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary The paper presents a novel method, SAmple Correlation (SAC), for detecting model stealing attacks in deep face recognition. Model stealing is a threat to the rights of the original model owner, as an off-the-shelf face recognition model can be stolen and used without permission. The proposed SAC-JC method selects JPEG compressed samples as inputs and calculates the correlation matrix among their outputs to identify potential model stealing attacks. The paper demonstrates that SAC successfully defends against various attacks in deep face recognition tasks, including face verification and emotion recognition, achieving high performance metrics such as AUC, p-value, and F1-score. Additionally, the method is extended to object recognition datasets like Tiny-ImageNet and CIFAR10, showcasing superior performance compared to previous methods. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary This paper is about keeping someone’s secret face-recognition model from being stolen. When a company makes a super-good face-recognition model, it can be copied by others without permission. The researchers are trying to stop this by creating a new way to detect when someone tries to steal the model. They call this method SAmple Correlation (SAC). SAC works by taking pictures and comparing them to see if they’re similar or not. This helps to figure out if someone is trying to steal the model or not. The researchers tested SAC on some face-recognition tasks and found that it worked really well. |
Keywords
» Artificial intelligence » Auc » F1 score » Face recognition
