AttackNet: Enhancing Biometric Security via Tailored Convolutional Neural Network Architectures for Liveness Detection

TL;DR

AttackNet addresses the spoofing risk in biometric liveness detection by introducing a lightweight, three-phase CNN architecture designed for robustness on mobile and embedded devices. The approach emphasizes cross-dataset generalization, evaluated across diverse datasets including silicone masks, 3D masks, multispectral spoofs, and a proprietary dataset, with extensive analysis of training on fused datasets to improve generalization. The paper demonstrates competitive efficiency (≈$22.7$ MFLOPs and ≈$0.3$M parameters) and substantial cross-dataset performance gains, while acknowledging persistent generalization challenges—particularly with MSSpoof—and outlining clear directions for future enhancements (attention mechanisms, dataset expansion, real-world deployment). Grad-CAM analyses provide interpretability by unveiling dataset-dependent attention to skin texture and lighting cues. Overall, AttackNet represents a promising step toward scalable, robust liveness detection suitable for real-world biometric security systems.

Abstract

Biometric security is the cornerstone of modern identity verification and authentication systems, where the integrity and reliability of biometric samples is of paramount importance. This paper introduces AttackNet, a bespoke Convolutional Neural Network architecture, meticulously designed to combat spoofing threats in biometric systems. Rooted in deep learning methodologies, this model offers a layered defense mechanism, seamlessly transitioning from low-level feature extraction to high-level pattern discernment. Three distinctive architectural phases form the crux of the model, each underpinned by judiciously chosen activation functions, normalization techniques, and dropout layers to ensure robustness and resilience against adversarial attacks. Benchmarking our model across diverse datasets affirms its prowess, showcasing superior performance metrics in comparison to contemporary models. Furthermore, a detailed comparative analysis accentuates the model's efficacy, drawing parallels with prevailing state-of-the-art methodologies. Through iterative refinement and an informed architectural strategy, AttackNet underscores the potential of deep learning in safeguarding the future of biometric security.

Figures (5)

• Figure 1: AttackNet Architecture attacknet
• Figure 2: Datasets employed: csmad_datasetkinectunder_spoofing_attackseffectiveness_local_binary and ours. In red we marked example attack images, and in green -- bonafide ones.
• Figure 3: Loss and accuracy curves for 150 epochs while training on Fused dataset.
• Figure 4: Attention maps built using Grad-CAM technology for four datasets. Highlighted regions show activations that contributed the most to the classification decision, where temperature represents the intensity. Left column -- what led to "attack" decision, right -- what led to "bonafide" decision.
• Figure 5: ROC curves of the model trained on the fuzed dataset and then tested on datasets used. Unfortunately, the model did not generalize well on the MSSPoof dataset, so it is not included in the figure.