The ability of Deep Neural Networks (DNNs) to make fast predictions with high accuracy made them very popular in real-time applications. DNNs are nowadays in use for secure access to services or mobile devices. However, as DNNs use increased, at the same time attack techniques are born to “break” them. This paper presents a particular way to fool DNNs by moving from one spectrum to another one. The application field we explore is face recognition. The attack is first built on a trained Face DNN on Visible, Near Infrared or Thermal images, then transposed to another spectrum to fool another DNN. The attacks performed are based on the Fast Gradient Sign Method with the aim to misclassify the subject knowing the DNN to attack (White-Box Attack) but without knowing the DNN on which the attack will be transposed (Black-Box Attack). Results show that this cross-spectral attack is able to fool the most popular DNN architectures. In worst cases the DNN becomes useless to perform face recognition after the attack.

深度神经网络（DNN）能够以高精度进行快速预测的能力使其在实时应用中非常受欢迎。如今，DNN用于安全访问服务或移动设备。但是，随着DNN的使用增加，攻击技术应运而生，以“破坏”它们。本文提出了一种通过从一种频谱转移到另一种频谱来欺骗DNN的特殊方法。我们探索的应用领域是人脸识别。攻击首先建立在经过训练的人脸DNN上，以可见，近红外或热图像为基础，然后将其转换为另一个光谱以欺骗另一个DNN。所执行的攻击基于快速梯度符号方法，目的是将知道要攻击的DNN（白盒攻击）但不知道将在其上进行攻击的DNN（黑盒攻击）错误地对主体进行分类。结果表明，这种跨频谱攻击能够欺骗最流行的DNN架构。在最坏的情况下，攻击后DNN无法执行面部识别。