Ruse: making human’ photos unusable for facial recognition systems

Ruse

Mobile camera-based application that attempts to alter photos to preserve their utility to humans while making them unusable for facial recognition systems.

Usage example

The app is developed as a camera-based app, allowing for the modification of faces on new camera capture or current photos on camera roll with the goal of keeping them useful for social media and human consumption while making it difficult for facial recognition systems to utilize them accurately and effectively.

This is done through a variety of methods based on previous research. Due to the limits of mobile and TensorFlow Lite, learning on the device itself is not possible—so some of the more advanced techniques are not yet possible (but research and development may yield future results.)

The Jupyter notebook illustrates the “arbitrary fast style” adversarial technique that is possible on mobile:

In the long term, this technique will be applied selectively (likey to segments of the photographs), along with perlin/simplex noise generated on a per-image basis, a la https://github.com/kieranbrowne/camera-adversaria.

A variety of methods are used to conceal the faces from commercial recognition systems (e.g. arbitrary file transfer, perlin noise introduction). Before saving to the camera roll or being used for online purposes, an onboard facility checks to see if faces can be detected.

The effect of these adversarial approaches may then be checked without needing to have network access.

(Future versions plan on including a similar onboard estimation of how a sample recognition system fairs against the modified image (classification as opposed to merely detection.))

Install

Copyright (c) 2019 derrumbe