Julianne Moore, Lead AI Systems Architect, is conducting an investigation on a facial recognition access...

The scenario describes a situation where an attacker manipulates input data at inference time to deceive an AI model into producing incorrect outputs. The use of specially crafted eyeglasses with noisy patterns is a classic example of an adversarial attack , where small, intentional perturbations are introduced to inputs (in this case, visual patterns) to exploit weaknesses in the model’s perception.

Adversarial attacks do not require altering the model’s code or training data, which aligns with the scenario where both were verified as intact. Instead, they exploit how models interpret inputs, causing them to misclassify or misidentify objects or individuals. In facial recognition systems, adversarial examples—such as modified images, accessories, or patterns—can lead to false positives or impersonation.

Other options are incorrect:

Prompt injection applies to language models where malicious input manipulates system behavior.

Data poisoning involves corrupting the training dataset, which is explicitly ruled out.

Model theft refers to extracting or copying a model, not deceiving it during operation.

CAIPM highlights adversarial attacks as a critical AI-specific security risk, especially in computer vision systems used for authentication and safety-critical applications.

Therefore, the correct answer is Adversarial Attacks , as it best describes the method used to bypass the system.