Source distinguishability under distortion-limited attack: an optimal transport perspective

We analyze the distinguishability of two sources in a Neyman-Pearson setup when an attacker is allowed to modify the output of one of the two sources subject to an additive distortion constraint. By casting the problem in a game-theoretic framework and by exploiting the parallelism between the attacker's goal and optimal transport theory, we introduce the concept of security margin defined as the maximum average per-sample distortion introduced by the attacker for which the two sources can be distinguished ensuring arbitrarily small, yet positive, error exponents for type I and type II error probabilities. Several versions of the problem are considered according to the available knowledge about the sources. We compute the security margin for some classes of sources and derive general bounds assuming that the distortion is measured in terms of the mean square error between the original and the attacked sequence. The analysis of the game and the study of the distinguishability of the sources are extended to the case in which the distortion constraint is defined in terms of the maximum distance.