Page 5 - IJEEE-2022-Vol18-ISSUE-1
P. 5

Received: 24 September 2021            Revised: 30 October 2021    Accepted: 30 October 2021
DOI: 10.37917/ijeee.18.1.1
                                                                                              Vol. 18| Issue 1| June 2022
                                                                                                                       ? Open Access

Iraqi Journal for Electrical and Electronic Engineering

Original Article

Face Recognition System Against Adversarial Attack
          Using Convolutional Neural Network

                                                        Ansam Kadhim, Salah Al-Darraji
                 Department of Computer Science, College of Education for Pure Sciences, University of Basrah, Iraq

Correspondence
*Ansam Kadhim
Computer Science Department,
College of Education for Pure Sciences,
University of Basrah, Basrah, Iraq
Email: pgs2181@uobasrah.edu.iq

Abstract
Face recognition is the technology that verifies or recognizes faces from images, videos, or real-time streams. It can be used in
security or employee attendance systems. Face recognition systems may encounter some attacks that reduce their ability to
recognize faces properly. So, many noisy images mixed with original ones lead to confusion in the results. Various attacks that
exploit this weakness affect the face recognition systems such as Fast Gradient Sign Method (FGSM), Deep Fool, and
Projected Gradient Descent (PGD). This paper proposes a method to protect the face recognition system against these attacks
by distorting images through different attacks, then training the recognition deep network model, specifically Convolutional
Neural Network (CNN), using the original and distorted images. Diverse experiments have been conducted using combinations
of original and distorted images to test the effectiveness of the system. The system showed an accuracy of 93% using FGSM
attack, 97% using deep fool, and 95% using PGD.
KEYWORDS: Face Recognition, Convolutional Neural Network, Adversarial Attacks.

                         I. INTRODUCTION                           medicine, and security issues. FR technology is considered
                                                                   one of the most important methods that deal with images of
    Face Recognition (FR) is a technique that is used to           faces for different people. This technology is compatible to
recognize faces in images and videos using various                 discover any noises in faces [6] using CNN algorithm.
algorithms. As the face is the most important identification       Therefore, it decreases noises from most images of faces for
part in the body of a human, it is useful in many fields for       the train and test dataset.
people's identification, such as in airports for security issues.
Therefore, face recognition is necessary for such                        It is not possible to tell the difference between a real
applications. Many factors affect the clarity of the face such     face and an image of a face and cannot be easily recognized
as resolution, illumination, and facial expressions. Noise         by machine learning algorithms. Therefore, biometric
also plays a negative role in faking faces. The technology of      sensors can improve recognition accuracy. The advantage of
face recognition tries to remove noises from faces to get          this technology is to enhance security and social
higher accuracy. Consequently, it discovers the original           environments. It can be used in online banking and medical
images to enhance the results using suitable algorithms for        records for Personal Identification. However, the CNN
this purpose.                                                      algorithm is used for this purpose in many areas. In some
                                                                   applications, where the recognition accuracy is required to
    Hence, it is reasonable that most companies use this           be high, some factors may affect the recognition, such as
technology to get to know their staff and avoid strangers,         intentionally added noise. When the noise was added, the
especially, if the number of employees is high. This               classification of the input image was wrong, as explained by
technology is related to computer programming and gives            Szegedy et al. [7]. To recognize faces, different systems can
full information about a person rapidly. The technology of         be used, and these systems are required to eliminate noise in
face recognition was used in most popular regions, for             faces.
example, 98 countries use this technology. So, the defense
techniques by using layers in the CNN algorithm were used              This paper aims at identifying the problem of noisy faces
to increase adversarial training [1, 2, 3, 4, and 5] on dataset    (unclear faces) and adversarial images. FR technique is a
training. This helps them to get results as soon as possible,      difficult process, especially if the images are blurry or
especially, in the airport, passengers, traveling, working,        unclear. Therefore, FR with a suitable algorithm can be used

This is an open access article under the terms of the Creative Commons Attribution License, which permits use, distribution and
reproduction in any medium, provided the original work is properly cited.
© 2021 The Authors. Iraqi Journal for Electrical and Electronic Engineering by College of Engineering, University of Basrah.

https://doi.org/10.37917/ijeee.18.1.1                                                         https://www.ijeee.edu.iq 1
   1   2   3   4   5   6   7   8   9   10