{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,27]],"date-time":"2026-04-27T10:55:14Z","timestamp":1777287314208,"version":"3.51.4"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031547751","type":"print"},{"value":"9783031547768","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-54776-8_17","type":"book-chapter","created":{"date-parts":[[2024,2,28]],"date-time":"2024-02-28T07:02:36Z","timestamp":1709103756000},"page":"432-459","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Living a\u00a0Lie: Security Analysis of\u00a0Facial Liveness Detection Systems in\u00a0Mobile Apps"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1686-4981","authenticated-orcid":false,"given":"Xianbo","family":"Wang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6387-8043","authenticated-orcid":false,"given":"Kaixuan","family":"Luo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1179-7855","authenticated-orcid":false,"given":"Wing Cheong","family":"Lau","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,2,29]]},"reference":[{"key":"17_CR1","unstructured":"Baydakova, A.: For \\$200, You Can Trade Crypto With a Fake ID. https:\/\/www.coindesk.com\/policy\/2021\/10\/19\/for-200-you-can-trade-crypto-with-a-fake-id\/"},{"key":"17_CR2","doi-asserted-by":"crossref","unstructured":"Liu, T., Yang, B., Geng, Y., Du, S.: Research on face recognition and privacy in china-based on social cognition and cultural psychology. Front. Psychol. 12, 809736 (2021). https:\/\/www.frontiersin.org\/articles\/10.3389\/fpsyg.2021.809736","DOI":"10.3389\/fpsyg.2021.809736"},{"key":"17_CR3","unstructured":"Borak, M.: Chinese government-run facial recognition system hacked by tax fraudsters: report. https:\/\/www.scmp.com\/tech\/tech-trends\/article\/3127645\/chinese-government-run-facial-recognition-system-hacked-tax"},{"key":"17_CR4","unstructured":"Tang, A.: How a young hacker breaks the facial recognition system of Xiamen Bank app. https:\/\/china-caixin-com.translate.goog\/2020-03-12\/101527373.html?_x_tr_sl=auto &_x_tr_tl=en &_x_tr_hl=en-US &_x_tr_pto=wapp"},{"key":"17_CR5","first-page":"2673","volume-title":"\u201cSeeing is living? rethinking the security of facial liveness verification in the deepfake era,\u201d in 31st USENIX Security Symposium (USENIX Security 22)","author":"C Li","year":"2022","unstructured":"Li, C., et al.: \u201cSeeing is living? rethinking the security of facial liveness verification in the deepfake era,\u2019\u2019 in 31st USENIX Security Symposium (USENIX Security 22), pp. 2673\u20132690. USENIX Association, Boston, MA (2022)"},{"issue":"1","key":"17_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3425780","volume":"54","author":"Y Mirsky","year":"2021","unstructured":"Mirsky, Y., Lee, W.: The creation and detection of deepfakes: a survey. ACM Comput. Surv. (CSUR) 54(1), 1\u201341 (2021)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"17_CR7","unstructured":"MobiTeC, C.: Security analysis of facial liveness detection systems in mobile apps (2023). https:\/\/mobitec.ie.cuhk.edu.hk\/facesdk"},{"issue":"1","key":"17_CR8","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3038924","volume":"50","author":"R Ramachandra","year":"2017","unstructured":"Ramachandra, R., Busch, C.: Presentation attack detection methods for face recognition systems: a comprehensive survey. ACM Comput. Surv.(CSUR) 50(1), 1\u201337 (2017)","journal-title":"ACM Comput. Surv.(CSUR)"},{"key":"17_CR9","doi-asserted-by":"crossref","unstructured":"Tang, D., Zhou, Z., Zhang, Y., Zhang, K.: Face flashing: a secure liveness detection protocol based on light reflections. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18\u201321 (2018)","DOI":"10.14722\/ndss.2018.23176"},{"key":"17_CR10","doi-asserted-by":"crossref","unstructured":"Chakraborty, S., Das, D.: An overview of face liveness detection. arXiv preprint arXiv:1405.2227 (2014)","DOI":"10.5121\/ijit.2014.3202"},{"key":"17_CR11","unstructured":"Facia: The future of faical recognition (2023). https:\/\/facia.ai\/wp-content\/uploads\/2023\/05\/The-Future-of-Facial-Recognition.pdf"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Deng, Z., Chen, K., Meng, G., Zhang, X., Xu, K., Cheng, Y.: Understanding real-world threats to deep learning models in android apps. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 785\u2013799 (2022)","DOI":"10.1145\/3548606.3559388"},{"key":"17_CR13","doi-asserted-by":"crossref","unstructured":"Junod, P., Rinaldini, J., Wehrli, J., Michielin, J.: Obfuscator-llvm-software protection for the masses. In: IEEE\/ACM 1st International Workshop on Software Protection. IEEE 2015, pp. 3\u20139 (2015)","DOI":"10.1109\/SPRO.2015.10"},{"key":"17_CR14","unstructured":"\u2018Shrink, obfuscate, and optimize your app. https:\/\/developer.android.com\/studio\/build\/shrink-code"},{"key":"17_CR15","unstructured":"Sun, Z., Sun, R., Lu, L., Mislove, A.: Mind your weight(s): a large-scale study on insufficient machine learning model protection in mobile apps. In: 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 1955\u20131972 (2021)"},{"key":"17_CR16","unstructured":"Android Developers. Storage updates in Android 11. https:\/\/developer.android.com\/about\/versions\/11\/privacy\/storage"},{"key":"17_CR17","doi-asserted-by":"crossref","unstructured":"Yan, Y., et al.: Understanding and detecting overlay-based android malware at market scales. In: Proceedings of the 17th Annual International Conference on Mobile Systems, Applications, and Services, 2019, pp. 168\u2013179 (2019)","DOI":"10.1145\/3307334.3326094"},{"key":"17_CR18","doi-asserted-by":"crossref","unstructured":"Wang, X., Shi, S., Chen, Y., Lau, W.C.: Phyjacking: physical input hijacking for zero-permission authorization attacks on android. In: Proceedings 2022 Network and Distributed System Security Symposium. NDSS (2022)","DOI":"10.14722\/ndss.2022.24097"},{"key":"17_CR19","doi-asserted-by":"crossref","unstructured":"Fett, D., K\u00fcsters, R., Schmitz, G.: A comprehensive formal security analysis of OAuth 2.0. In: Proceedings of the ACM Conference on Computer and Communications Security, vol. 24\u201328-Octo, pp. 1204\u20131215 (2016)","DOI":"10.1145\/2976749.2978385"},{"key":"17_CR20","unstructured":"Ghasemisharif, M., Ramesh, A., Checkoway, S., Kanich, C., Polakis, J.: O single Sign-Off, where art thou? an empirical analysis of single Sign-On account hijacking and session management on the web. In: 27th USENIX Security Symposium (USENIX Security 18), Aug 2018, pp. 1475\u20131492 (2018)"},{"key":"17_CR21","doi-asserted-by":"crossref","unstructured":"Duan, Y., et al.: Things you may not know about android (un) packers: a systematic study based on whole-system emulation. In: NDSS (2018)","DOI":"10.14722\/ndss.2018.23296"},{"key":"17_CR22","unstructured":"rednaga. APKiD - Android Application Identifier. https:\/\/github.com\/rednaga\/APKiD"},{"key":"17_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-319-24177-7_15","volume-title":"Computer Security \u2013 ESORICS 2015","author":"Y Zhang","year":"2015","unstructured":"Zhang, Y., Luo, X., Yin, H.: DexHunter: toward extracting hidden code from packed android applications. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9327, pp. 293\u2013311. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-24177-7_15"},{"key":"17_CR24","doi-asserted-by":"crossref","unstructured":"Ibrahim, M., Imran, A., Bianchi, A.: Safetynot: on the usage of the safetynet attestation api in android. In: Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services, 2021, pp. 150\u2013162 (2021)","DOI":"10.1145\/3458864.3466627"},{"key":"17_CR25","doi-asserted-by":"crossref","unstructured":"Bianchi, A., et al.: Broken fingers: on the usage of the fingerprint api in android. In: oDSS (2018)","DOI":"10.14722\/ndss.2018.23079"},{"key":"17_CR26","volume-title":"Trustfa: Trustzone-assisted facial authentication on smartphone","author":"D Zhang","year":"2014","unstructured":"Zhang, D.: Trustfa: Trustzone-assisted facial authentication on smartphone. Tech, Rep (2014)"},{"key":"17_CR27","doi-asserted-by":"crossref","unstructured":"Bayerl, S.P., et al.: Offline model guard: Secure and private ml on mobile devices, In: Design, Automation and Test in Europe Conference & Exhibition (DATE). IEEE, pp. 460\u2013465 (2020)","DOI":"10.23919\/DATE48585.2020.9116560"},{"key":"17_CR28","unstructured":"Kurakin, A., Goodfellow, I., Bengio, S.: Adversarial machine learning at scale. arXiv preprint arXiv:1611.01236 (2016)"},{"key":"17_CR29","doi-asserted-by":"crossref","unstructured":"Goswami, G., Ratha, N., Agarwal, A., Singh, R., Vatsa, M.: Unravelling robustness of deep learning based face recognition against adversarial attacks. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 32, no. 1, (2018)","DOI":"10.1609\/aaai.v32i1.12341"},{"key":"17_CR30","doi-asserted-by":"crossref","unstructured":"Sharif, M., Bhagavatula, S., Bauer, L., Reiter, M.K.: Accessorize to a crime: real and stealthy attacks on state-of-the-art face recognition. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016, pp. 1528\u20131540 (2016)","DOI":"10.1145\/2976749.2978392"},{"key":"17_CR31","doi-asserted-by":"crossref","unstructured":"Westerlund, M.: The emergence of deepfake technology: a review. Technol. Innov. Manage. Rev. 9(11) (2019)","DOI":"10.22215\/timreview\/1282"},{"key":"17_CR32","unstructured":"Chen, Y., Ma, B., Ma, Z.: Biometric authentication under threat: liveness detection hacking, Black Hat USA (2019)"},{"key":"17_CR33","doi-asserted-by":"crossref","unstructured":"Al Rahat, T., Feng, Y., Tian, Y.: Oauthlint: an empirical study on oauth bugs in android applications. In: 2019 34th IEEE\/ACM International Conference on Automated Software Engineering (ASE), 2019, pp. 293\u2013304 (2019)","DOI":"10.1109\/ASE.2019.00036"},{"key":"17_CR34","doi-asserted-by":"publisher","unstructured":"Shi, S., Wang, X., Lau, W.C.: Mossot: an automated blackbox tester for single sign-on vulnerabilities in mobile applications. In: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, ser. Asia CCS \u201919. New York, NY, USA: Association for Computing Machinery, 2019, p. 269\u2013282. https:\/\/doi.org\/10.1145\/3321705.3329801","DOI":"10.1145\/3321705.3329801"},{"key":"17_CR35","doi-asserted-by":"crossref","unstructured":"Yang, W., Li, J., Zhang, Y., Gu, D.: Security analysis of third-party in-app payment in mobile applications. J. Inform. Secur. Appl. 48, 102358 (2019). https:\/\/www.sciencedirect.com\/science\/article\/pii\/S2214212619301632","DOI":"10.1016\/j.jisa.2019.102358"},{"key":"17_CR36","doi-asserted-by":"crossref","unstructured":"Zhang, X., et al.: Understanding the (in) security of cross-side face verification systems in mobile apps: a system perspective. In: IEEE Symposium on Security and Privacy (SP). IEEE Computer Society 2023, pp. 934\u2013950 (2023)","DOI":"10.1109\/SP46215.2023.10179474"}],"container-title":["Lecture Notes in Computer Science","Applied Cryptography and Network Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-54776-8_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,5]],"date-time":"2024-03-05T16:18:39Z","timestamp":1709655519000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-54776-8_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031547751","9783031547768"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-54776-8_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"29 February 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACNS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Applied Cryptography and Network Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Abu Dhabi","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"United Arab Emirates","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 March 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 March 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"acns2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/wp.nyu.edu\/acns2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"230","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"54","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4-6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}