Attack Assessment and Augmented Identity Recognition for Human Skeleton Data

Computer Science > Machine Learning [Submitted on 25 Mar 2026] Attack Assessment and Augmented Identity Recognition for Human Skeleton Data Joseph G. Zalameda, Megan A. Witherow, Alexander M. Glandon, Jose Aguilera, Khan M. Iftekharuddin Machine learning models trained on small data sets for security applications are especially vulnerable to adversarial attacks. Person identification from LiDAR based skeleton data requires time consuming and expensive data acquisition for each subject identity. Recently, Assessment and Augmented Identity Recognition for Skeletons (AAIRS) has been used to train Hierarchical Co-occurrence Networks for Person Identification (HCN-ID) with small LiDAR based skeleton data sets. However, AAIRS does not evaluate robustness of HCN-ID to adversarial attacks or inoculate the model to defend against such attacks. Popular perturbation-based approaches to generating adversarial attacks are constrained to targeted perturbations added to real training samples, which is not ideal for inoculating models with small training sets. Thus, we propose Attack-AAIRS, a novel addition to the AAIRS framework. Attack-AAIRS leverages a small real data set and a GAN generated synthetic data set to assess and improve model robustness against unseen adversarial attacks. Rather than being constrained to perturbations of limited real training samples, the GAN learns the distribution of adversarial attack samples that exploit weaknesses in HCN-ID. Attack samples drawn from this distribution augment training for inoculation of the HCN-ID to improve robustness. Ten-fold cross validation of Attack-AAIRS yields increased robustness to unseen attacks- including FGSM, PGD, Additive Gaussian Noise, MI-FGSM, and BIM. The HCN-ID Synthetic Data Quality Score for Attack-AAIRS indicates that generated attack samples are of similar quality to the original benign synthetic samples generated by AAIRS. Furthermore, inoculated models show consistent final test accuracy with the original model trained on real data, demonstrating that our method improves robustness to adversarial attacks without reducing test performance on real data. Comments: 8 pages, 9 figures, 3 tables Subjects: Machine Learning (cs.LG); Cryptography and Security (cs.CR); Computer Vision and Pattern Recognition (cs.CV) Cite as: arXiv:2603.24232 [cs.LG]   (or arXiv:2603.24232v1 [cs.LG] for this version)   https://doi.org/10.48550/arXiv.2603.24232 Focus to learn more Journal reference: J. G. Zalameda, M. A. Witherow, A. M. Glandon, J. Aguilera and K. M. Iftekharuddin, "Attack Assessment and Augmented Identity Recognition for Human Skeleton Data," 2023 IJCNN, Gold Coast, Australia, 2023, pp. 1-8 Related DOI: https://doi.org/10.1109/IJCNN54540.2023.10191835 Focus to learn more Submission history From: Megan Witherow [view email] [v1] Wed, 25 Mar 2026 12:07:38 UTC (701 KB) Access Paper: view license Current browse context: cs.LG < prev   |   next > new | recent | 2026-03 Change to browse by: cs cs.CR cs.CV References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)