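@comment{
  Conference paper in the ECCV 2024 proceedings (Springer LNCS series).
  NOTE(review): "address" holds a country rather than the publisher's city, and
  no LNCS "volume" number is recorded here. Confirm both against the publisher
  record before relying on this entry.
  NOTE(review): "day" and "language" are not standard BibTeX fields; classic
  styles ignore them.
}
@inproceedings{f94cab2a38c44e3c838807aaa0428560,
  author    = {Roye Katzav and Amit Giloni and Edita Grolman and Hiroo Saito and Tomoyuki Shibata and Tsukasa Omino and Misaki Komatsu and Yoshikazu Hanatani and Yuval Elovici and Asaf Shabtai},
  title     = {{AdversariaLeak}: External Information Leakage Attack Using Adversarial Samples on Face Recognition Systems},
  editor    = {Ale{\v s} Leonardis and Elisa Ricci and Stefan Roth and Olga Russakovsky and Torsten Sattler and G{\"u}l Varol},
  booktitle = {Computer Vision -- {ECCV} 2024 - 18th European Conference, Proceedings},
  series    = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  publisher = {Springer Science and Business Media Deutschland GmbH},
  address   = {Germany},
  pages     = {288--303},
  year      = {2025},
  month     = jan,
  day       = {1},
  doi       = {10.1007/978-3-031-73226-3_17},
  isbn      = {9783031732256},
  language  = {English},
  keywords  = {Adversarial Samples, External Information Leakage, Face Recognition},
  abstract  = {Face recognition (FR) systems are vulnerable to external information leakage (EIL) attacks, which can reveal sensitive information about the training data, thus compromising the confidentiality of the company{\textquoteright}s proprietary and the privacy of the individuals concerned. Existing EIL attacks mainly rely on unrealistic assumptions, such as a high query budget for the attacker and massive computational power, resulting in impractical EIL attacks. We present AdversariaLeak, a novel and practical query-based EIL attack that targets the face verification model of the FR systems by using carefully selected adversarial samples. AdversariaLeak uses substitute models to craft adversarial samples, which are then handpicked to infer sensitive information. Our extensive evaluation on the MAAD-Face and CelebA datasets, which includes over 200 different target models, shows that AdversariaLeak outperforms state-of-the-art EIL attacks in inferring the property that best characterizes the FR model{\textquoteright}s training set while maintaining a small query budget and practical attacker assumptions.},
  note      = {Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.; 18th European Conference on Computer Vision, ECCV 2024 ; Conference date: 29-09-2024 Through 04-10-2024},
}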