RobustID: A Quantitative Framework for Evaluating the Resilience of Deep Learning Models Against Identity Manipulation
Keywords:
Adversarial Attack, Deep Learning, Identity Recognition, Robustness Evaluation, Security, Temporal Consistency, Transfer Robustness.Abstract
As deep learning models increasingly govern operational identity verification, their vulnerability to sophisticated adversarial manipulation presents a critical risk to digital integrity. This research introduces RobustID, a comprehensive evaluation framework designed to quantify and enhance the resilience of neural identity detectors. The framework systematically applies a multi-vector attack taxonomy, including adversarial perturbations (PGD/FGSM), presentation attacks (PA), and cross-modal latent injections across diverse biometric and behavioral datasets. A core technical contribution of RobustID is the integration of Bayesian uncertainty estimation to quantify detection degradation and identify the breaking points of state-of-the-art verification architectures. Furthermore, the study evaluates strategic mitigation regimens, including adversarial training, feature-space regularization, and multimodal redundancy. Empirical results reveal that while standard models are highly susceptible to texture-based and resolution-aware spoofing, the implementation of the RobustID-derived adaptive defenses can substantially improve model robustness without compromising baseline accuracy. By bridging the gap between theoretical adversarial AI and practical security, this research establishes a definitive methodology for deploying resilient, confidence-aware deep learning systems in high-stakes operational environments
Downloads
References
E. P. Galla, C. R. Madhavaram, and V. N. Boddapati, “Big data and AI innovations in biometric authentication for secure digital transactions,” SSRN, 2021.
A. Alzu’bi, F. Albalas, T. Al-Hadhrami, L. B. Younis, and A. Bashayreh, “Masked face recognition using deep learning: A review,” Electronics, vol. 10, no. 21, p. 2666, 2021.
I. Bezukladnikov, A. Kamenskih, A. Tur, A. Kokoulin, and A. Yuzhakov, “Technology: Person identification,” in Handbook of Smart Cities. Cham, Switzerland: Springer, 2021, pp. 653–686.
T. M. Fehlmann, Autonomous Real-Time Testing: Testing Artificial Intelligence and Other Complex Systems. Berlin, Germany: Logos Verlag, 2020.
S. Kumar, S. Prasanna, and X. Ruan, “A unified hybrid machine learning architecture for robust identity anomaly detection in large-scale digital ecosystems,” Journal of Electrical Systems, vol. 14, no. 1, pp. 160–173, 2018.
L. A. Babatunde, E. D. Etim, I. A. Essien, E. Cadet, J. O. Ajayi, E. D. Erigha, and E. Obuse, “Adversarial machine learning in cybersecurity: Vulnerabilities and defense strategies,” Journal of Frontiers in Multidisciplinary Research, vol. 1, no. 2, pp. 31–45, 2020.
S. Kumar and S. Prasanna, “Heterogeneous ensemble learning for robust adversarial pattern recognition in digital ecosystems,” Journal of Computational Analysis and Applications, vol. 27, no. 5, pp. 18–28, 2019.
A. J. Keith, Operational Decision Making under Uncertainty: Inferential, Sequential, and Adversarial Approaches, 2019.
S. K. S. Prasanna, “GeoDNN: Geometry-aware deep neural networks for cross-domain fingerprint spoof detection,” International Journal of Intelligent Systems and Applications in Engineering, vol. 6, no. 1, pp. 97–107, Mar. 2018.
Y. Zhong and W. Deng, “Towards transferable adversarial attack against deep face recognition,” IEEE Transactions on Information Forensics and Security, vol. 16, pp. 1452–1466, 2020.
G. Goswami, N. Ratha, A. Agarwal, R. Singh, and M. Vatsa, “Unravelling robustness of deep learning based face recognition against adversarial attacks,” in Proc. AAAI Conf. Artificial Intelligence, vol. 32, no. 1, Apr. 2018.
A. Agarwal, R. Singh, M. Vatsa, and A. Noore, “MagNet: Detecting digital presentation attacks on face recognition,” Frontiers in Artificial Intelligence, vol. 4, p. 643424, 2021.
F. Vakhshiteh, A. Nickabadi, and R. Ramachandra, “Adversarial attacks against face recognition: A comprehensive study,” IEEE Access, vol. 9, pp. 92735–92756, 2021.
R. Singh, A. Agarwal, M. Singh, S. Nagpal, and M. Vatsa, “On the robustness of face recognition algorithms against attacks and bias,” in Proc. AAAI Conf. Artificial Intelligence, vol. 34, no. 9, pp. 13583–13589, Apr. 2020.
Y. Wang, C. Zhang, X. Liao, X. Wang, and Z. Gu, “An adversarial attack system for face recognition,” Journal of Artificial Intelligence, vol. 3, no. 1, p. 1, 2021.
F. V. Massoli, F. Carrara, G. Amato, and F. Falchi, “Detection of face recognition adversarial attacks,” Computer Vision and Image Understanding, vol. 202, p. 103103, 2021.
L. Yang, Q. Song, and Y. Wu, “Attacks on state-of-the-art face recognition using attentional adversarial attack generative network,” Multimedia Tools and Applications, vol. 80, no. 1, pp. 855–875, 2021.
F. V. Massoli, F. Falchi, and G. Amato, “Cross-resolution face recognition adversarial attacks,” Pattern Recognition Letters, vol. 140, pp. 222–229, 2020.
M. Pautov, G. Melnikov, E. Kaziakhmedov, K. Kireev, and A. Petiushko, “On adversarial patches: Real-world attack on ArcFace-100 face recognition system,” in Proc. Int. Multi-Conf. Engineering, Computer and Information Sciences (SIBIRCON), Oct. 2019, pp. 391–396.
S. Soleymani, B. Chaudhary, A. Dabouei, J. Dawson, and N. M. Nasrabadi, “Differential morphed face detection using deep siamese networks,” in Proc. Int. Conf. Pattern Recognition, Cham, Switzerland: Springer, 2021, pp. 560–572.
Y. Dong et al., “Efficient decision-based black-box adversarial attacks on face recognition,” in Proc. IEEE/CVF Conf. Computer Vision and Pattern Recognition (CVPR), 2019, pp. 7714–7722.
D. Deb, J. Zhang, and A. K. Jain, “AdvFaces: Adversarial face synthesis,” in Proc. IEEE Int. Joint Conf. Biometrics (IJCB), Sep. 2020, pp. 1–10.
S. Gore and C. Puthillate, “Authentication and authorization of users in an information handling system between baseboard management controller and host operating system users,” U.S. Patent 11,038,874, 2021.
S. Venkatesh, R. Ramachandra, K. Raja, and C. Busch, “Face morphing attack generation and detection: A comprehensive survey,” IEEE Transactions on Technology and Society, vol. 2, no. 3, pp. 128–145, 2021.
S. K. S. Prasanna, “DeepSynth: A robust multi-layer neural detection of coordinated latent anomalies in high-dimensional identity systems,” International Journal of Intelligent Systems and Applications in Engineering, vol. 7, no. 1, pp. 66–77, Mar. 2019.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.
