Go to OpenReview Archive homepageAdversarial Attack Resilient Computational Modeling for Person Re-Identification in Visual IoT Applications
Abstract: As edge computing devices for Internet of Things (IoT) applications become more capable, the demand for data-driven deep neural network (DNN)-based algorithms grows. However, this leads to increased model vulnerability to adversarial attack. The visual IoT (VIoT), a subdomain of IoT, has a great need for methods to improve the robustness of algorithms to such attacks, along with person re-identification (Re-ID) through the 3-D skeleton-based gait analysis. For other domains, either adversarial training or synthetic data augmentation has been shown to improve model performance in benign and adversarial attack cases. However, a combined approach that leverages both for robust classification in IoT has yet to be studied for 3-D skeleton-based Re-ID. In addition, assessment of 3-D skeleton-based Re-ID model vulnerability to adversarial attacks along with methods to improve robustness against such attacks is a critical literature gap. This work seeks to address these gaps by proposing an adversarial attack-tolerant computational framework for 3-D skeleton-based Re-ID. Our approach, for the first time in the literature, leverages both synthetic data augmentation using a generative adversarial network (GAN) and adversarial training through transfer learning of 3-D skeleton data on a convolutional neural network (CNN) for person Re-ID. We evaluate the robustness of our method against seven popular adversarial attacks across four unique Re-ID 3-D skeleton datasets. We demonstrate how our method responds to varying amounts of real data and study the viability of our method for deployment on edge devices. Our findings show that the proposed approach improves test accuracy in both the benign and adversarial cases. Our method is deployable to small and inexpensive edge devices popular in IoT such as the Raspberry Pi microcomputer.
Loading