An autonomous decision-making framework for gait recognition systems against adversarial attack using reinforcement learning.

Journal: ISA transactions
PMID: 36494214

Abstract

Gait identification based on Deep Learning (DL) techniques has recently emerged as biometric technology for surveillance. We leveraged the vulnerabilities and decision-making abilities of the DL model in gait-based autonomous surveillance systems when attackers have no access to underlying model gradients/structures using a patch-based black-box adversarial attack with Reinforcement Learning (RL). These automated surveillance systems are secured, blocking the attacker's access. Therefore, the attack can be conducted in an RL framework where the agent's goal is determining the optimal image location, causing the model to perform incorrectly when perturbed with random pixels. Furthermore, the proposed adversarial attack presents encouraging results (maximum success rate = 77.59%). Researchers should explore system resilience scenarios (e.g., when attackers have no system access) before using these models in surveillance applications.

Authors

  • Muazzam Maqsood
    Department of Computer Science, COMSATS University Islamabad, Attock Campus, Attock, Pakistan.
  • Sadaf Yasmin
    Department of Computer Science, COMSATS University Islamabad, Attock Campus, Attock, Pakistan.
  • Saira Gillani
    Department of Information technology and Computer science, University of Central Punjab, Lahore, Pakistan.
  • Farhan Aadil
    Department of Computer Science, COMSATS University Islamabad, Attock Campus, Attock, Pakistan.
  • Irfan Mehmood
    Department of Computer Science and Engineering, Sejong University, Seoul, Republic of Korea.
  • Seungmin Rho
    Department of Industrial Security, Chung-Ang University, Seoul, Republic of Korea (06974).
  • Sang-Soo Yeo
    Department of Computer Engineering, Mokwon University, Daejeon, 35349, Republic of Korea.

Keywords

External Resources

Popular Topics
Recent Journals