Adar: Adversarial activity recognition in wearables

Ramesh Kumar Sah, Hassan Ghasemzadeh

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

Recent advances in machine learning and deep neural networks have led to the realization of many important applications in the area of personalized medicine. Whether it is detecting activities of daily living or analyzing images for cancerous cells, machine learning algorithms have become the dominant choice for such emerging applications. In particular, the state-of-the-art algorithms used for human activity recognition (HAR) using wearable inertial sensors utilize machine learning algorithms to detect health events and to make predictions from sensor data. Currently, however, there remains a gap in research on whether or not and how activity recognition algorithms may become the subject of adversarial attacks. In this paper, we take the first strides on (1) investigating methods of generating adversarial example in the context of HAR systems; (2) studying the vulnerability of activity recognition models to adversarial examples in feature and signal domain; and (3) investigating the effects of adversarial training on HAR systems. We introduce Adar11Software code and experimental data for Adar are available online at https://github.com/rameshKrSah/Adar., a novel computational framework for optimization-driven creation of adversarial examples in sensor-based activity recognition systems. Through extensive analysis based on real sensor data collected with human subjects, we found that simple evasion attacks are able to decrease the accuracy of a deep neural network from 95.1% to 3.4% and from 93.1% to 16.8% in the case of a convolutional neural network. With adversarial training, the robustness of the deep neural network increased on the adversarial examples by 49.1% in the worst case while the accuracy on clean samples decreased by 13.2%.

Original languageEnglish (US)
Title of host publication2019 IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2019 - Digest of Technical Papers
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781728123509
DOIs
StatePublished - Nov 2019
Externally publishedYes
Event38th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2019 - Westin Westminster, United States
Duration: Nov 4 2019Nov 7 2019

Publication series

NameIEEE/ACM International Conference on Computer-Aided Design, Digest of Technical Papers, ICCAD
Volume2019-November
ISSN (Print)1092-3152

Conference

Conference38th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2019
Country/TerritoryUnited States
CityWestin Westminster
Period11/4/1911/7/19

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Computer Graphics and Computer-Aided Design

Fingerprint

Dive into the research topics of 'Adar: Adversarial activity recognition in wearables'. Together they form a unique fingerprint.

Cite this