SoK: Anti-Facial Recognition Technology

Wenger, Emily; Shan, Shawn; Zheng, Haitao; Zhao, Ben Y.

doi:10.48550/arxiv.2112.04558

Cited by 1 publication

(1 citation statement)

References 54 publications

(87 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At this point, the attacker can perform additional analyses on the images to extract different types of information. For example, they could run the image through a face recognition system [33], [6], [52]; or if the CSIS system also reports user identity, they can automatically place a specific user at a specific physical location.…”

Section: Introductionmentioning

confidence: 99%

Experimental Analyses of the Physical Surveillance Risks in Client-Side Content Scanning

Hooda,

Labunets,

Kohno

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Content scanning systems employ perceptual hashing algorithms to scan user content for illicit material, such as child pornography or terrorist recruitment flyers. Perceptual hashing algorithms help determine whether two images are visually similar while preserving the privacy of the input images. Several efforts from industry and academia propose scanning on client devices such as smartphones due to the impending rollout of end-to-end encryption that will make server-side scanning difficult. These proposals have met with strong criticism because of the potential for the technology to be misused for censorship. However, the risks of this technology in the context of surveillance are not well understood. Our work informs this conversation by experimentally characterizing the potential for one type of misuse -attackers manipulating the content scanning system to perform physical surveillance on target locations. Our contributions are threefold: (1) we offer a definition of physical surveillance in the context of client-side image scanning systems; (2) we experimentally characterize this risk and create a surveillance algorithm that achieves physical surveillance rates more than 30% by poisoning 0.2% of the perceptual hash database; (3) we experimentally study the trade-off between the robustness of client-side image scanning systems and surveillance, showing that more robust detection of illicit material leads to an increased potential for physical surveillance in most settings.

show abstract

Section: Introductionmentioning

confidence: 99%