Security of pattern recognition systems in adversarial environments

TitleSecurity of pattern recognition systems in adversarial environments
Publication TypeMiscellaneous
Year of Publication2012
AuthorsBiggio, B, Fumera, G, Marcialis, GL, Roli, F

Pattern recognition and machine learning techniques are also used in adversarial settings, like biometric authentication, network intrusion detection, and spam filtering, in which intelligent and adaptive adversaries may manipulate data to undermine their operation. This behaviour raises three main open problems: (i) understanding potential vulnerabilities of pattern recognition techniques; (ii) evaluating their security, namely, the performance degradation under the corresponding attacks; and (iii) developing pattern recognition systems robust to attacks. In this work we summarize our contributions to the field, in particular, to the security evaluation of classifiers in adversarial settings. We shortly discuss the main aspects of a framework which we have recently proposed to address this issue, and present three examples in the above mentioned applications. Further, we briefly discuss our experimental findings related to the security of multimodal biometric systems, where fake biometric traits can be used to mislead user verification. These results were obtained in the context of the FP 7 European Project “Tabula Rasa”, in which our research group is involved.

Citation Keybiggio12-girpr
biggio12-girpr.pdf235.41 KB