Research Outline

Counter AI Technologies

Goals

To find information on the current research that exists in regard to counter AI such as deep fakes and biometric spoofing.

Early Findings

  • Biometric authentication is one of the most used security technology in the digital ID space.
  • An instance of this trend is in the smartphone sector where brands like Apple have developed biometric unlock features using fingerprints and facial features.
  • However, "fraudsters, hackers and other cybercriminals are unfortunately working to circumvent these defenses and access valuable user data, but biometrics providers are creating measures to anticipate and counter the latest threats."
  • Different methods are used by cyber criminals to beat biometric authentication measures. A major method is spoofing, which is the security industry term for faking biometric identifiers to impersonate legitimate users and gain access.
  • Technologies such as artificial intelligence, machine learning, 3D printing, and advanced sensors are double-edged swords because they can be used to develop tools that improve security and they can also be used to develop tools that utilize these technologies to break defenses.
  • Spoofing relies on creating fake physical characteristics such as facial features, fingerprints or vein patterns so as to trick sensors into recognizing users who are not actually there.
  • In 2018, German security researchers at the Chaos Communication Congress conference demonstrated a fake hand designed to outsmart palm-vein scanners (the hand was designed in about one month). This shows that counter AI technologies can be used to break security by tricking AI based security systems.
  • Additional, facial recognition biometrics can also be spoofed with certain technologies and researchers from the University of North Carolina "used rendering software to create 3D models of human heads, based on publicly accessible Facebook pictures."
  • The researchers then used a VR system to submit the models to facial recognition programs that included BioID, KeyLemon, Mobius, True Key, and 1D. They ended up successfully spoofing four of the facial recognition programs with success rates that ranged between 55% and 85%.
  • There exists numerous peer reviewed research papers on the topic of deep fakes and biometric spoofing.