Home » Database



Face Identification System Evasion via Physical Countermeasures


MITRE’s AI Red Team demonstrated a physical-domain evasion attack on a commercial face identification service with the intention of inducing a targeted misclassification. This operation had a combination of traditional ATT&CK enterprise techniques such as finding Valid account, and Executing code via an API - all interleaved with adversarial ML specific attacks.


AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability; S0301: Information Leak; S0403: Adversarial Example
  • Lifecycle stages: L06: Deployment

Affected or Relevant Artifacts

  • Developer:
  • Deployer: Commercial Face Identification Service
  • Artifact Details:
    SystemCommercial Face Identification Service

Other information

  • Vulnerability Class: ATLAS Case Study
  • Date Published: 2023-03-31
  • Date Last Modified: 2023-03-31
  • Version: 0.2
  • AVID Entry