A Genetic Attack Against Machine Learning Classifiers to Steal Biometric Actigraphy Profiles from Health Related Sensor Data

In this work, we propose the use of a genetic-algorithm-based attack against machine learning classifiers with the aim of ‘stealing’ users’ biometric actigraphy profiles from health related sensor data. The target classification model uses daily actigraphy patterns for user identification. The biome...

Descripción completa

Detalles Bibliográficos
Autores principales: Garcia-Ceja, Enrique, Morin, Brice, Aguilar-Rivera, Anton, Riegler, Michael Alexander
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Springer US 2020
Materias:
Image & Signal Processing
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7497442/
https://www.ncbi.nlm.nih.gov/pubmed/32929615
http://dx.doi.org/10.1007/s10916-020-01646-y
_version_ 1783583319317807104
author Garcia-Ceja, Enrique
Morin, Brice
Aguilar-Rivera, Anton
Riegler, Michael Alexander
author_facet Garcia-Ceja, Enrique
Morin, Brice
Aguilar-Rivera, Anton
Riegler, Michael Alexander
author_sort Garcia-Ceja, Enrique
collection PubMed
description In this work, we propose the use of a genetic-algorithm-based attack against machine learning classifiers with the aim of ‘stealing’ users’ biometric actigraphy profiles from health related sensor data. The target classification model uses daily actigraphy patterns for user identification. The biometric profiles are modeled as what we call impersonator examples which are generated based solely on the predictions’ confidence score by repeatedly querying the target classifier. We conducted experiments in a black-box setting on a public dataset that contains actigraphy profiles from 55 individuals. The data consists of daily motion patterns recorded with an actigraphy device. These patterns can be used as biometric profiles to identify each individual. Our attack was able to generate examples capable of impersonating a target user with a success rate of 94.5%. Furthermore, we found that the impersonator examples have high transferability to other classifiers trained with the same training set. We also show that the generated biometric profiles have a close resemblance to the ground truth profiles which can lead to sensitive data exposure, like revealing the time of the day an individual wakes-up and goes to bed.
format Online
Article
Text
id pubmed-7497442
institution National Center for Biotechnology Information
language English
publishDate 2020
publisher Springer US
record_format MEDLINE/PubMed
spelling pubmed-74974422020-10-01 A Genetic Attack Against Machine Learning Classifiers to Steal Biometric Actigraphy Profiles from Health Related Sensor Data Garcia-Ceja, Enrique Morin, Brice Aguilar-Rivera, Anton Riegler, Michael Alexander J Med Syst Image & Signal Processing In this work, we propose the use of a genetic-algorithm-based attack against machine learning classifiers with the aim of ‘stealing’ users’ biometric actigraphy profiles from health related sensor data. The target classification model uses daily actigraphy patterns for user identification. The biometric profiles are modeled as what we call impersonator examples which are generated based solely on the predictions’ confidence score by repeatedly querying the target classifier. We conducted experiments in a black-box setting on a public dataset that contains actigraphy profiles from 55 individuals. The data consists of daily motion patterns recorded with an actigraphy device. These patterns can be used as biometric profiles to identify each individual. Our attack was able to generate examples capable of impersonating a target user with a success rate of 94.5%. Furthermore, we found that the impersonator examples have high transferability to other classifiers trained with the same training set. We also show that the generated biometric profiles have a close resemblance to the ground truth profiles which can lead to sensitive data exposure, like revealing the time of the day an individual wakes-up and goes to bed. Springer US 2020-09-15 2020 /pmc/articles/PMC7497442/ /pubmed/32929615 http://dx.doi.org/10.1007/s10916-020-01646-y Text en © The Author(s) 2020 Open AccessThis article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
spellingShingle Image & Signal Processing
Garcia-Ceja, Enrique
Morin, Brice
Aguilar-Rivera, Anton
Riegler, Michael Alexander
A Genetic Attack Against Machine Learning Classifiers to Steal Biometric Actigraphy Profiles from Health Related Sensor Data
title A Genetic Attack Against Machine Learning Classifiers to Steal Biometric Actigraphy Profiles from Health Related Sensor Data
title_full A Genetic Attack Against Machine Learning Classifiers to Steal Biometric Actigraphy Profiles from Health Related Sensor Data
title_fullStr A Genetic Attack Against Machine Learning Classifiers to Steal Biometric Actigraphy Profiles from Health Related Sensor Data
title_full_unstemmed A Genetic Attack Against Machine Learning Classifiers to Steal Biometric Actigraphy Profiles from Health Related Sensor Data
title_short A Genetic Attack Against Machine Learning Classifiers to Steal Biometric Actigraphy Profiles from Health Related Sensor Data
title_sort genetic attack against machine learning classifiers to steal biometric actigraphy profiles from health related sensor data
topic Image & Signal Processing
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7497442/
https://www.ncbi.nlm.nih.gov/pubmed/32929615
http://dx.doi.org/10.1007/s10916-020-01646-y
work_keys_str_mv AT garciacejaenrique ageneticattackagainstmachinelearningclassifierstostealbiometricactigraphyprofilesfromhealthrelatedsensordata
AT morinbrice ageneticattackagainstmachinelearningclassifierstostealbiometricactigraphyprofilesfromhealthrelatedsensordata
AT aguilarriveraanton ageneticattackagainstmachinelearningclassifierstostealbiometricactigraphyprofilesfromhealthrelatedsensordata
AT rieglermichaelalexander ageneticattackagainstmachinelearningclassifierstostealbiometricactigraphyprofilesfromhealthrelatedsensordata
AT garciacejaenrique geneticattackagainstmachinelearningclassifierstostealbiometricactigraphyprofilesfromhealthrelatedsensordata
AT morinbrice geneticattackagainstmachinelearningclassifierstostealbiometricactigraphyprofilesfromhealthrelatedsensordata
AT aguilarriveraanton geneticattackagainstmachinelearningclassifierstostealbiometricactigraphyprofilesfromhealthrelatedsensordata
AT rieglermichaelalexander geneticattackagainstmachinelearningclassifierstostealbiometricactigraphyprofilesfromhealthrelatedsensordata

Ejemplares similares