Adversarial Machine Learning

This project studies attacks on, and defences of, AI and deep learning systems in an adversarial setup, in which an attacker aims at causing model failures while the defender aims at protecting the model.

presentation-Warwick
Backdoor_Attacks_and_defenses_NIST

Adversarial Information Fusion in Distributed Sensor Networks

Adversarial Signal Processing is an emerging discipline that studies signal processing techniques explicitly designed to withstand the intentional attacks of one or more adversaries aiming at system failure. Its final aim is to model the interplay between a Defender, wishing to carry out a certain processing task, and an Attacker, aiming at impeding it. A natural framework to model this interplay relies on Game Theory, since it provides a powerful mathematical model of conflict and cooperation between rational decision-makers. This framework helps to overcome the so-called "cat & mouse" loop in which researchers and system designers continuously develop new attacks and countermeasures in a never-ending cycle. In this project, we apply some general ideas from the Adversarial Signal Processing (Adv-SP) field to the problem of Adversarial Information Fusion in Distributed Sensor Networks. In these networks, distributed sensors (for instance autonomous sensors, actuators, or mobile devices) must provide information about the state of an observed system. In the centralized approach, the information collected by the sensors is sent to a "Fusion Center" (FC). Using all the information received from the nodes, the FC is responsible for making the final global decision about the state of the system of interest. The actual process of integrating the information submitted by several sources into a coherent understanding of the system state is called "Information Fusion". Information Fusion therefore refers, in general, to the mathematical functions, algorithms, methods and procedures used to combine information. The term is very flexible, and the classification of the various techniques depends on the perspective adopted, i.e. type of information, type of data representation, level of information abstraction, and others.
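The centralized setting described above, worked as an added example (this is not the project's code and the adversary model is assumed, not taken from the page): ten sensors send one-bit local decisions to a Fusion Center, four of them are Byzantine and always report the opposite of what they observe, and the FC is shown first with a plain counting (majority) rule and then with a reputation-based rule that drops sensors whose reports keep disagreeing with the fused decision. The report history `HISTORY`, the truth sequence `TRUTH`, the function names and the detection probabilities in `simulate_history` are all constructed for the illustration.

```python
"""Decision fusion at a Fusion Center (FC) with Byzantine sensors.

Added example, not part of the project. Assumed model: N sensors send one-bit
local decisions u_i about a binary state H in {0, 1}; Byzantine sensors flip
their decisions. The FC fuses with a plain counting (majority) rule and with a
reputation-based rule that drops sensors whose reports keep disagreeing with
the fused decision. The report history below is constructed by hand.
"""
import random

# Constructed history: 6 rounds, 10 sensors. Sensors 0-5 are honest (sensor 2
# makes one local error in round 3); sensors 6-9 are Byzantine and always
# report the opposite of the true state.
TRUTH = [1, 0, 1, 1, 0, 1]
HISTORY = [
    [1, 1, 1, 1, 1, 1, 0, 0, 0, 0],
    [0, 0, 0, 0, 0, 0, 1, 1, 1, 1],
    [1, 1, 0, 1, 1, 1, 0, 0, 0, 0],
    [1, 1, 1, 1, 1, 1, 0, 0, 0, 0],
    [0, 0, 0, 0, 0, 0, 1, 1, 1, 1],
    [1, 1, 1, 1, 1, 1, 0, 0, 0, 0],
]


def majority_fusion(reports, active=None):
    """Counting rule: decide 1 if a strict majority of the active sensors say 1.
    `active` is the set of sensor indices the FC currently trusts (all if None).
    Ties resolve to 0, i.e. the FC needs a strict majority to declare H1."""
    idx = range(len(reports)) if active is None else sorted(active)
    votes = [reports[i] for i in idx]
    return 1 if 2 * sum(votes) > len(votes) else 0


def trusted_sensors(reputation, threshold=0):
    """Sensors whose cumulative reputation has not fallen below the threshold."""
    return {i for i, r in enumerate(reputation) if r >= threshold}


def fuse_rounds(history, threshold=0):
    """Reputation-based fusion over a sequence of report vectors.

    Each round the FC fuses only the reports of currently trusted sensors, then
    credits (+1) every sensor that agreed with the fused decision and debits
    (-1) every sensor that disagreed. A sensor that keeps disagreeing (as a
    flipping Byzantine does while honest sensors hold the majority) is soon
    excluded. Returns (decisions, trusted set after the last round).
    """
    n = len(history[0])
    reputation = [0] * n
    decisions = []
    for reports in history:
        # Fall back to all sensors if nobody is trusted, so fusion never stalls.
        active = trusted_sensors(reputation, threshold) or set(range(n))
        decision = majority_fusion(reports, active)
        for i, u in enumerate(reports):
            reputation[i] += 1 if u == decision else -1
        decisions.append(decision)
    return decisions, trusted_sensors(reputation, threshold)


def simulate_history(truth, n_sensors, byzantine, pd=0.9, pf=0.1, seed=1):
    """Random local decisions (constructed model): honest sensors detect H1 with
    probability pd and raise a false alarm under H0 with probability pf;
    Byzantine sensors flip their local decision before sending it."""
    rng = random.Random(seed)
    history = []
    for h in truth:
        p_one = pd if h == 1 else pf
        reports = [1 if rng.random() < p_one else 0 for _ in range(n_sensors)]
        for i in byzantine:
            reports[i] = 1 - reports[i]
        history.append(reports)
    return history


def error_rate(decisions, truth):
    """Fraction of rounds in which the fused decision differs from the truth."""
    return sum(d != h for d, h in zip(decisions, truth)) / len(truth)


if __name__ == "__main__":
    plain = [majority_fusion(r) for r in HISTORY]
    rep, trusted = fuse_rounds(HISTORY)
    print("majority  :", plain)
    print("reputation:", rep)
    print("truth     :", TRUTH, "trusted after 6 rounds:", sorted(trusted))
    # Longer random run with the same 6-honest / 4-Byzantine split.
    rng = random.Random(7)
    truth = [rng.randint(0, 1) for _ in range(500)]
    hist = simulate_history(truth, 10, byzantine={6, 7, 8, 9})
    print("majority error rate  :", error_rate([majority_fusion(r) for r in hist], truth))
    print("reputation error rate:", error_rate(fuse_rounds(hist)[0], truth))
```

In the constructed history the plain counting rule is wrong in round 3, where one honest error plus the four flipped reports produce a 5-5 tie, while the reputation rule has already excluded the four Byzantine sensors after the first round and decides correctly. The reputation bookkeeping is only as good as the first few fused decisions: if Byzantine sensors formed the majority from the start, they would be the ones accumulating credit.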

Attacks_Network.pdf

Information Fusion in an adversarial setting

A consensus algorithm is an example of signal processing over graphs: a set of nodes try to agree on a data value through iterations. We studied this problem in an adversarial setting where some of the nodes are adversaries.
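To make the adversarial consensus problem concrete, here is an added example (not the project's own code): six nodes on a complete graph run iterative average consensus while node 5 is a stubborn adversary that never updates and keeps broadcasting the value 100. The plain linear rule is compared with W-MSR (Weighted Mean Subsequence Reduced), a resilient rule in which each node discards up to F neighbour values above and up to F below its own before averaging. The graph, the initial values in `INIT`, the choice F = 1 and the stubborn adversary model are assumptions made for this illustration.

```python
"""Average consensus over a graph with an adversarial (stubborn) node.

Added example, not part of the project. Assumed model: a complete graph of six
nodes runs synchronous average consensus; node 5 is an adversary that never
updates and keeps broadcasting a constant value. The plain linear rule is
compared with W-MSR, where each node drops up to F neighbour values strictly
above its own and up to F strictly below before averaging.
"""


def complete_graph(n):
    """Neighbour lists of the complete graph on n nodes."""
    return {i: [j for j in range(n) if j != i] for i in range(n)}


def plain_step(values, neighbors, i, eps=0.1):
    """Linear average consensus: x_i <- x_i + eps * sum_j (x_j - x_i).
    eps must stay below 1 / max_degree (here 1/5) for the iteration to be stable."""
    xi = values[i]
    return xi + eps * sum(values[j] - xi for j in neighbors[i])


def wmsr_step(values, neighbors, i, F=1):
    """W-MSR update for node i.

    Node i sorts its neighbours' values, drops up to F values strictly above its
    own (the largest ones) and up to F strictly below (the smallest ones), then
    takes the plain average of its own value and what is left. With at most F
    adversarial neighbours, an extreme adversarial value is always among the
    discarded ones, so the update stays inside the range of honest values.
    """
    xi = values[i]
    nb = sorted(values[j] for j in neighbors[i])
    smaller = [v for v in nb if v < xi]
    equal = [v for v in nb if v == xi]
    larger = [v for v in nb if v > xi]
    kept = smaller[min(F, len(smaller)):] + equal + larger[:max(0, len(larger) - F)]
    return (xi + sum(kept)) / (1 + len(kept))


def run_consensus(init, neighbors, stubborn, step, iters=200):
    """Synchronous iterations; nodes in `stubborn` never change their value."""
    values = list(init)
    for _ in range(iters):
        new = list(values)
        for i in range(len(values)):
            if i not in stubborn:
                new[i] = step(values, neighbors, i)
        values = new
    return values


NEIGHBORS = complete_graph(6)
INIT = [1.0, 2.0, 3.0, 4.0, 5.0, 100.0]   # constructed; node 5 is the adversary
STUBBORN = {5}


def honest_outcome(step):
    """Run the chosen update rule from INIT and return
    (spread among honest nodes, final honest values)."""
    final = run_consensus(INIT, NEIGHBORS, STUBBORN, step)
    honest = [final[i] for i in range(len(INIT)) if i not in STUBBORN]
    return max(honest) - min(honest), honest


if __name__ == "__main__":
    spread, honest = honest_outcome(plain_step)
    print("plain consensus: honest nodes end at", [round(v, 3) for v in honest])
    spread, honest = honest_outcome(wmsr_step)
    print("W-MSR (F=1)    : honest nodes end at", [round(v, 3) for v in honest])
```

With the plain rule the five honest nodes do reach agreement, but on the adversary's value 100, because a node that never moves acts as a fixed anchor for the averaging. With W-MSR the honest nodes agree on a value between 1 and 5, the range of their own initial values, since each of them discards the single outlying neighbour value at every step; the price is that the result is no longer the exact arithmetic mean of the honest initial values.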

AI-Based Anti-counterfeiting Technology

ViSeQR® technology protects companies from counterfeiting and ensures the secure traceability of products. It also allows the collection of data for market research, thanks to its cloud platform. It's a customizable solution, easy to integrate into the production process. The consumer can verify in a simple and intuitive way, directly from her/his device, the authenticity of the product she/he is buying, just by taking a picture of the stamp with the free App.

The smart stamp integrates a common optical-reading technology (bar codes) with a procedure developed by ViDiTrust which establishes a unique link between the public information (present in the bar code) and the "private" information (invisible to the human eye). The following image reproduces an example of a smart stamp in the square design version, which measures approximately 2×2 cm and, as can be seen from the image, has the size of a 2-euro coin.

The smart stamp is NOT a simple QR code: its frame is not reproducible, and integrating the stamp into the graphic prints generates printed elements that cannot be counterfeited.

Smart Stamp