{"id":"https://openalex.org/W4411635516","doi":"https://doi.org/10.1145/3731715.3733425","title":"SAP-DIFF: Semantic Adversarial Patch Generation for Black-Box Face Recognition Models via Diffusion Models","display_name":"SAP-DIFF: Semantic Adversarial Patch Generation for Black-Box Face Recognition Models via Diffusion Models","publication_year":2025,"publication_date":"2025-06-25","ids":{"openalex":"https://openalex.org/W4411635516","doi":"https://doi.org/10.1145/3731715.3733425"},"language":"en","primary_location":{"id":"doi:10.1145/3731715.3733425","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3731715.3733425","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 International Conference on Multimedia Retrieval","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3731715.3733425","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5074024282","display_name":"M. Wang","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Mingsi Wang","raw_affiliation_strings":["State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109651995","display_name":"Shun Yao","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuaiyin Yao","raw_affiliation_strings":["State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109799726","display_name":"Chang Yue","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chang Yue","raw_affiliation_strings":["State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100357409","display_name":"Lijie Zhang","orcid":"https://orcid.org/0009-0007-5515-9376"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lijie Zhang","raw_affiliation_strings":["State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5017417068","display_name":"Guozhu Meng","orcid":"https://orcid.org/0000-0001-6388-2571"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Guozhu Meng","raw_affiliation_strings":["State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5074024282"],"corresponding_institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.12938055,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1404","last_page":"1413"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11448","display_name":"Face recognition and analysis","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11448","display_name":"Face recognition and analysis","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9929999709129333,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10775","display_name":"Generative Adversarial Networks and Image Synthesis","score":0.9919999837875366,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7278184294700623},{"id":"https://openalex.org/keywords/face","display_name":"Face (sociological concept)","score":0.6587556600570679},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.6187878251075745},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.598234236240387},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5554811358451843},{"id":"https://openalex.org/keywords/diffusion","display_name":"Diffusion","score":0.48852407932281494},{"id":"https://openalex.org/keywords/facial-recognition-system","display_name":"Facial recognition system","score":0.4283844828605652},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.3408169746398926},{"id":"https://openalex.org/keywords/physics","display_name":"Physics","score":0.059735238552093506}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7278184294700623},{"id":"https://openalex.org/C2779304628","wikidata":"https://www.wikidata.org/wiki/Q3503480","display_name":"Face (sociological concept)","level":2,"score":0.6587556600570679},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.6187878251075745},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.598234236240387},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5554811358451843},{"id":"https://openalex.org/C69357855","wikidata":"https://www.wikidata.org/wiki/Q163214","display_name":"Diffusion","level":2,"score":0.48852407932281494},{"id":"https://openalex.org/C31510193","wikidata":"https://www.wikidata.org/wiki/Q1192553","display_name":"Facial recognition system","level":3,"score":0.4283844828605652},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.3408169746398926},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.059735238552093506},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3731715.3733425","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3731715.3733425","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 International Conference on Multimedia Retrieval","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3731715.3733425","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3731715.3733425","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 International Conference on Multimedia Retrieval","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W2022590153","https://openalex.org/W2096733369","https://openalex.org/W2145287260","https://openalex.org/W2418633638","https://openalex.org/W2535873859","https://openalex.org/W2788741149","https://openalex.org/W2905342581","https://openalex.org/W2932026309","https://openalex.org/W2945735611","https://openalex.org/W2962898354","https://openalex.org/W2963342110","https://openalex.org/W2963428752","https://openalex.org/W2969664989","https://openalex.org/W2969985801","https://openalex.org/W2970534682","https://openalex.org/W2972986629","https://openalex.org/W2973021304","https://openalex.org/W2991429372","https://openalex.org/W3015646845","https://openalex.org/W3110144845","https://openalex.org/W3119391778","https://openalex.org/W3125713917","https://openalex.org/W3150974997","https://openalex.org/W3171792482","https://openalex.org/W3179647175","https://openalex.org/W3180355996","https://openalex.org/W3201386741","https://openalex.org/W4282936640","https://openalex.org/W4298184887","https://openalex.org/W4306309425","https://openalex.org/W4312918928","https://openalex.org/W4312933868","https://openalex.org/W4366396176","https://openalex.org/W4386076048","https://openalex.org/W4386076532","https://openalex.org/W4388283710","https://openalex.org/W4388867283","https://openalex.org/W4390872822","https://openalex.org/W4393160691","https://openalex.org/W4402623739","https://openalex.org/W4403422358","https://openalex.org/W4403579163","https://openalex.org/W4405181589","https://openalex.org/W4405181995"],"related_works":["https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W4246396837","https://openalex.org/W3126451824","https://openalex.org/W1561927205","https://openalex.org/W3191453585","https://openalex.org/W4297672492","https://openalex.org/W4310988119","https://openalex.org/W3009622996","https://openalex.org/W2384651879"],"abstract_inverted_index":{"Given":[0],"the":[1,5,83,121,140,144,158,200,209],"need":[2,84],"to":[3,39,48,81,113,135,139,154,208],"evaluate":[4],"robustness":[6],"of":[7,58,146,191,202],"face":[8],"recognition":[9],"(FR)":[10],"models,":[11],"many":[12],"efforts":[13],"have":[14],"focused":[15],"on":[16,62,171],"adversarial":[17,35,70,115,147],"patch":[18,71],"attacks":[19,29,64,79],"that":[20,109,178],"mislead":[21],"FR":[22,66,173],"models":[23,112,174],"by":[24,204],"introducing":[25],"localized":[26],"perturbations.":[27],"Impersonation":[28],"are":[30],"a":[31,105,150,197],"significant":[32],"threat":[33],"because":[34],"perturbations":[36,119,156],"allow":[37],"attackers":[38],"disguise":[40],"themselves":[41],"as":[42],"legitimate":[43],"users.":[44],"This":[45],"can":[46],"lead":[47],"severe":[49],"consequences,":[50],"including":[51],"data":[52],"breaches,":[53],"system":[54],"damage,":[55],"and":[56,94,149,167,175,196],"misuse":[57],"resources.":[59],"However,":[60],"research":[61],"such":[63],"in":[65,77,120,199],"remains":[67],"limited.":[68],"Existing":[69],"generation":[72],"methods":[73],"exhibit":[74],"limited":[75],"efficacy":[76],"impersonation":[78],"due":[80],"(1)":[82],"for":[85],"high":[86],"attacker":[87],"capabilities,":[88],"(2)":[89],"low":[90],"attack":[91,165,187],"success":[92,188],"rates,":[93],"(3)":[95],"excessive":[96],"query":[97],"requirements.":[98],"To":[99],"address":[100],"these":[101],"challenges,":[102],"we":[103],"propose":[104],"novel":[106],"method":[107,180],"SAP-DIFF":[108],"leverages":[110],"diffusion":[111],"generate":[114,136],"patches":[116],"via":[117],"semantic":[118],"latent":[122],"space":[123],"rather":[124],"than":[125],"direct":[126],"pixel":[127],"manipulation.":[128],"We":[129],"introduce":[130],"an":[131,185],"attention":[132],"disruption":[133],"mechanism":[134],"features":[137],"unrelated":[138],"original":[141],"face,":[142],"facilitating":[143],"creation":[145],"samples":[148],"directional":[151],"loss":[152],"function":[153],"guide":[155],"toward":[157],"target":[159],"identity's":[160],"feature":[161],"space,":[162],"thereby":[163],"enhancing":[164],"effectiveness":[166],"efficiency.":[168],"Extensive":[169],"experiments":[170],"popular":[172],"datasets":[176],"demonstrate":[177],"our":[179],"outperforms":[181],"state-of-the-art":[182],"approaches,":[183],"achieving":[184],"average":[186],"rate":[189],"improvement":[190],"45.66%":[192],"(all":[193],"exceeding":[194],"40%),":[195],"reduction":[198],"number":[201],"queries":[203],"about":[205],"40%":[206],"compared":[207],"SOTA":[210],"approach.":[211]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}