PhD Student
Farah Wahida
Farah Wahida is currently pursuing a Ph.D. in Computing Technology at the School of Computing Technologies, RMIT University, Melbourne, Australia. She completed her B.Sc. and M.Sc. in Computer Science and Engineering from Rajshahi University of Engineering and Technology (RUET), Bangladesh. Before starting her Ph.D., she worked as a Lecturer in the Department of Computer Science and Engineering at Varendra University, Bangladesh.
Research: My research focuses on developing secure, privacy-preserving, and attack-resilient face recognition systems for distributed and edge-AI environments. Face recognition is widely used in smart surveillance, biometric authentication, and intelligent security systems; however, it also raises serious concerns related to privacy leakage, adversarial manipulation, and unreliable learning under malicious data conditions. To address these challenges, my research investigates both privacy-preserving learning techniques and defensive mechanisms against adversarial attacks.
The first part of my work explores privacy-preserving face recognition in distributed smart city surveillance using adversarial machine learning and federated learning. This approach aims to protect sensitive facial data by reducing the need to share raw biometric images while still supporting collaborative model training. The second part focuses on backdoor attack mitigation, where natural-looking facial triggers such as makeup, sunglasses, or accessories can secretly manipulate model predictions. This work detects poisoned facial images using a vision-language model ensemble and applies corrective recovery to reduce the effect of the trigger while preserving recognition utility.
The third part of my research introduces a privacy-aware image transformation strategy using modified CutMix and scrambled image representations. This method transforms facial images before training so that visual privacy is enhanced while useful identity-related features are retained. The fourth part investigates label flipping attacks, where malicious changes in training labels can degrade model performance and reliability. By analysing this attack scenario, the research contributes to understanding and improving the robustness of biometric models under corrupted training conditions.
Overall, these four research directions contribute to the development of trustworthy biometric AI systems that can preserve user privacy, resist adversarial threats, and operate reliably in real-world distributed and edge-based environments.