# Evaluating gait system vulnerabilities through PPO and GAN-generated adversarial attacks

**Authors:** El Mehdi Saoudi, Jaafar Jaafari, Said Jai Andaloussi

PMC · DOI: 10.1038/s41598-026-37011-1 · Scientific Reports · 2026-01-23

## TL;DR

This paper explores how gait recognition systems can be tricked using adversarial patches, showing major security risks in biometric technologies.

## Contribution

A novel method combining PPO and GANs is introduced to generate adversarial patches that deceive gait recognition systems.

## Key findings

- Adversarial patches significantly reduced recognition accuracy in tested gait datasets.
- The method effectively exploits model weaknesses without being detected by human oversight.
- Results highlight critical vulnerabilities in deep learning-based gait recognition systems.

## Abstract

This study delves into the vulnerabilities of deep learning-based gait recognition systems against adversarial attacks, a critical issue considering the increasing reliance on these technologies in high-security environments. We highlight a major issue concerning the susceptibility of these systems to adversarial interventions that compromise their reliability. The importance of this issue stems from the critical role of gait recognition in applications where security and accuracy are paramount. Our approach introduces an advanced methodology that integrates Proximal Policy Optimization (PPO) with Generative Adversarial Networks (GANs) to create and deploy adversarial attacks in the form of targeted adversarial patches. These patches are designed to deceive gait recognition algorithms without detection by human oversight, exploiting the models’ weaknesses to induce misclassification. This methodology not only leverages the strengths of GANs to produce deceptive examples but also innovatively utilizes PPO to ascertain their optimal placements, thereby maximizing the disruption on gait recognition systems. We assess the impact of these attacks using the CASIA Gait Database: Dataset B and the OU-ISIR Treadmill Dataset B - Clothes variation-, covering both real-world and controlled environments. Our results demonstrate a significant decline in recognition accuracy post-attack, underscoring the effectiveness of our adversarial approach. These findings underscore critical security flaws and actively inform the broader discussion aimed at boosting the robustness of gait recognition systems. The impact of our research extends significantly, providing crucial insights that aid in the creation of more secure, attack-resistant biometric recognition systems, thereby enhancing the resilience of gait recognition technologies against the backdrop of advancing cyber threats.

## Full-text entities

- **Species:** Homo sapiens (human, species) [taxon 9606]

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12901303/full.md

## Figures

12 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12901303/full.md

## References

17 references — full list in the complete paper: https://tomesphere.com/paper/PMC12901303/full.md

---
Source: https://tomesphere.com/paper/PMC12901303