Morphing attacks are an emerging threat to state-of-the-art Face Recognition (FR) systems, which aim to create a single image that contains the biometric information of multiple identities. Diffusion Morphs (DiM) are a recently proposed morphing attack that has achieved state-of-the-art performance for representation-based morphing attacks. However, none of the existing research on DiMs have leveraged the iterative nature of DiMs and left the DiM model as a black box, treating it no differently than one would a Generative Adversarial Network (GAN) or Varational AutoEncoder (VAE). We propose a greedy strategy on the iterative sampling process of DiM models which searches for an optimal step guided by an identity-based heuristic function. We compare our proposed algorithm against ten other state-of-the-art morphing algorithms using the open-source SYN-MAD 2022 competition dataset. We find that our proposed algorithm is unreasonably effective, fooling all of the tested FR systems with an MMPMR of 100%, outperforming all other morphing algorithms compared.

翻译：融合攻击是对先进人脸识别系统的新兴威胁，其旨在创建包含多个身份生物特征信息的单一图像。扩散融合是近期提出的一种融合攻击方法，在基于表示的融合攻击中取得了最优性能。然而，现有关于扩散融合的研究均未利用其迭代特性，仅将扩散融合模型视为黑箱处理，与生成对抗网络或变分自编码器无异。本文针对扩散融合模型的迭代采样过程提出一种贪心策略，通过基于身份信息的启发式函数引导搜索最优步骤。我们使用开源SYN-MAD 2022竞赛数据集，将所提算法与十种其他先进融合算法进行比较。结果表明，所提算法具有异常高效性，以100%的MMPMR指标成功欺骗所有测试人脸识别系统，性能优于所有对比融合算法。