Red Bleed: A Pragmatic Near-Infrared Presentation Attack on Facial Biometric Authentication Systems
Bowen Hu
34th USENIX Security Symposium (USENIX Security '25) · Day 3 · Authentication
In an era where facial recognition has become ubiquitous, securing these systems against sophisticated impersonation attempts is paramount. This talk, "Red Bleed: A Pragmatic Near-Infrared Presentation Attack on Facial Biometric Authentication Systems," presented by Bowen Hu from Nanyang Technological University, unveils a critical vulnerability in facial recognition systems that rely on **near-infrared (NIR)** imaging for anti-spoofing. The research, conducted in collaboration with Dr. Kolong and Professor Chip Hong Chong, demonstrates a novel and practical method to bypass these systems by crafting a digital display capable of projecting realistic NIR facial images.
AI review
Solid, original hardware-meets-ML attack research that cracks a widely held assumption — that NIR imaging is inherently spoof-resistant — with a reproducible, low-cost ($350) physical build and a generative model that removes the hardest practical prerequisite. 100% success rate against Windows Hello across three major OEMs and a resulting CVE make this more than an academic exercise.