Adversarial Attacks on Black Box Video Classifiers: Leveraging the Power of Geometric Transformations [article]

Shasha Li, Abhishek Aich, Shitong Zhu, M. Salman Asif, Chengyu Song, Amit K. Roy-Chowdhury, Srikanth V. Krishnamurthy
2021 arXiv   pre-print
Query-efficient black-box attacks rely on effectively estimated gradients towards maximizing the probability of misclassifying the target video.  ...  When compared to the image classification models, black-box adversarial attacks against video classification models have been largely understudied.  ...  On the other hand, it highlights a key drawback of different video classifiers which will allow adversaries to design more sophisticated attacks, both in white-box and black-box settings.  ... 
arXiv:2110.01823v2 fatcat:odbyyanlqzfk5pljkxxp7xquc4

Automated Testing of AI Models [article]

Swagatam Haldar, Deepak Vijaykeerthy, Diptikalyan Saha
2021 arXiv   pre-print
The last decade has seen tremendous progress in AI technology and applications. With such widespread adoption, ensuring the reliability of the AI models is crucial.  ...  In this paper, we extend the capability of the AITEST tool to include the testing techniques for Image and Speech-to-text models along with interpretability testing for tabular models.  ...  [26] , and dynamic ones that generates black-box adversarial examples via Bayesian Optimisation [25] .  ... 
arXiv:2110.03320v1 fatcat:pj54fu3mbne4np55schxd5ul6m

Advances in adversarial attacks and defenses in computer vision: A survey [article]

Naveed Akhtar, Ajmal Mian, Navid Kardan, Mubarak Shah
2021 arXiv   pre-print
In [2], we reviewed the contributions made by the computer vision community in adversarial attacks on deep learning (and their defenses) until the advent of year 2018.  ...  However, it is now known that DL is vulnerable to adversarial attacks that can manipulate its predictions by introducing visually imperceptible perturbations in images and videos.  ...  [35] claimed that these signals leverage the geometric correlations between the decision boundaries of classifiers.  ... 
arXiv:2108.00401v2 fatcat:23gw74oj6bblnpbpeacpg3hq5y

Blacklight: Scalable Defense for Neural Networks against Query-Based Black-Box Attacks [article]

Huiying Li, Shawn Shan, Emily Wenger, Jiayun Zhang, Haitao Zheng, Ben Y. Zhao
2022 arXiv   pre-print
In particular, query-based black-box attacks do not require knowledge of the deep learning model, but can compute adversarial examples over the network by submitting queries and inspecting returns.  ...  Blacklight is also robust against several powerful countermeasures, including an optimal black-box attack that approximates white-box attacks in efficiency.  ...  the limits of q and w, and then leverages those results to optimize a guided transformation attack.  ... 
arXiv:2006.14042v3 fatcat:qy6fj3k3ejbxhotqizzwz4v7lq

Comparative Analysis of Different Machine Learning Classifiers for the Prediction of Chronic Diseases [chapter]

Rajesh Singh, Anita Gehlot, Dharam Buddhi
2022 Comparative Analysis of Different Machine Learning Classifiers for the Prediction of Chronic Diseases  
Chronic Diseases are the most dangerous diseases for humans and have significant effects on human life. Chronic Diseases like heart disease & Diabetes are the main causes of death.  ...  This paper forms the basis of understanding the difficulty of the domain and the amount of efficiency achieved by the various methods recently.  ...  option for power generation in the commercial space such that the penetration of this technology into market would improve the energy efficiency and also quality of the environment by decarbonization.  ... 
doi:10.13052/rp-9788770227667 fatcat:da47mjbbyzfwnbpde7rgbrlppe

Adversarial Examples on Object Recognition: A Comprehensive Survey [article]

Alex Serban, Erik Poll, Joost Visser
2020 arXiv   pre-print
In this article we discuss the impact of adversarial examples on security, safety, and robustness of neural networks.  ...  Deep neural networks are at the forefront of machine learning research.  ...  There is clearly more research on white box attacks than black box attacks, and more attacks use noise perturbations than geometric transformations.  ... 
arXiv:2008.04094v2 fatcat:7xycyybhpvhshawt7fy3fzeana

Adversarial Attacks against Face Recognition: A Comprehensive Study [article]

Fatemeh Vakhshiteh, Ahmad Nickabadi, Raghavendra Ramachandra
2021 arXiv   pre-print
In this article, we present a comprehensive survey on adversarial attacks against FR systems and elaborate on the competence of new countermeasures against them.  ...  Further, we propose a taxonomy of existing attack and defense methods based on different criteria. We compare attack methods on the orientation and attributes and defense approaches on the category.  ...  Experimental results on FaceNet, SphereFace, and one commercial FR system demonstrated the vulnerability of such models to light projection attacks in both white-box and black-box attack settings.  ... 
arXiv:2007.11709v3 fatcat:jfhcxj6hp5esvcclf2dsehfad4

Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey [article]

Naveed Akhtar, Ajmal Mian
2018 arXiv   pre-print
This article presents the first comprehensive survey on adversarial attacks on deep learning in Computer Vision.  ...  We review the works that design adversarial attacks, analyze the existence of such attacks and propose defenses against them.  ...  Details on this work and example videos of the adversarial attacks can be found on the following URL: http://yclin.me/adversarial attack RL/. In another work, Huang et al.  ... 
arXiv:1801.00553v3 fatcat:xfk7togp5bhxvbxtwox3sckqq4

Adversarial Attacks against Face Recognition: A Comprehensive Study

Fatemeh Vakhshiteh, Ahmad Nickabadi, Raghavendra Ramachandra
2021 IEEE Access  
In this article, we present a comprehensive survey on adversarial attacks against FR systems and elaborate on the competence of new countermeasures against them.  ...  Further, we propose a taxonomy of existing attack and defense methods based on different criteria.  ...  Regarding the capacity attribute, we found that most of the attack generation techniques are white-box attacks. In the scenario of black-box attacks, focusing on CNN model orientation, Dong et al.  ... 
doi:10.1109/access.2021.3092646 fatcat:7cj5z57wxvcbvjmckifkobraoq

RoVISQ: Reduction of Video Service Quality via Adversarial Attacks on Deep Learning-based Video Compression [article]

Jung-Woo Chang, Mojan Javaheripi, Seira Hidano, Farinaz Koushanfar
2022 arXiv   pre-print
Unlike previously proposed attacks on video classification, our adversarial perturbations are the first to withstand compression.  ...  Our attack framework, dubbed RoVISQ, manipulates the Rate-Distortion (R-D) relationship of a video compression model to achieve one or both of the following goals: (1) increasing the network bandwidth,  ...  [32] employ standard geometric transformations for query-efficient black-box attacks. The attacks proposed in [9] , [32] , [46] , [62] are all performed offline.  ... 
arXiv:2203.10183v2 fatcat:vwzz5tc4q5c4laamii6eesvdry

Sanitization of Visual Multimedia Content: A Survey of Techniques, Attacks, and Future Directions [article]

Hanaa Abbas, Roberto Di Pietro
2022 arXiv   pre-print
This paper presents a review of the mechanisms designed for protecting digital visual contents (i.e., images and videos), the attacks against the cited mechanisms, and possible countermeasures.  ...  Data sanitization -- the process of obfuscating or removing sensitive content related to the data -- helps to mitigate the severe impact of potential security and privacy risks.  ...  The contents herein are solely the responsibility of the authors.  ... 
arXiv:2207.02051v1 fatcat:oevtpttxvvgo3p537t54wwhq5y

SoK: A Modularized Approach to Study the Security of Automatic Speech Recognition Systems [article]

Yuxuan Chen, Jiangshan Zhang, Xuejing Yuan, Shengzhi Zhang, Kai Chen, Xiaofeng Wang, Shanqing Guo
2021 arXiv   pre-print
Although recent studies have brought to light the weaknesses of popular ASR systems that enable out-of-band signal attack, adversarial attack, etc., and further proposed various remedies (signal smoothing  ...  , adversarial training, etc.), a systematic understanding of ASR security (both attacks and defenses) is still missing, especially on how realistic such threats are and how general existing protection  ...  As a consequence, the attacker could leverage it to attack the target black-box models, even though the knowledge of the black-box models remains unknown.  ... 
arXiv:2103.10651v2 fatcat:ryllxp63hvgoxm5d6ef7n7l55a

Classifying Infected and Uninfected Red Blood Cell Images for Malaria Detection using Convolutional Neural Networks

2021 American Journal Of Advanced Computing  
In this attack adversary tries to compromise the cloud storage security of the user.  ...  must be controlled by the adversary to launch this attack.  ... 
doi:10.15864/ajac.2107 fatcat:cnqj7hzy6nbvlobtmrujhoy4bu

Adversarial Attacks and Defenses in Deep Learning: from a Perspective of Cybersecurity

Shuai Zhou, Chi Liu, Dayong Ye, Tianqing Zhu, Wanlei Zhou, Philip S. Yu
2022 ACM Computing Surveys  
Many papers have been published on adversarial attacks and their countermeasures in the realm of deep learning.  ...  Most focus on evasion attacks, where the adversarial examples are found at test time, as opposed to poisoning attacks where poisoned data is inserted into the training data.  ...  [81] proposed a geometrical approach, SurFree, based on the decision in a black-box setting. They bypassed the usage of surrogate of the target model and estimation of the gradient. Ilyas et al.  ... 
doi:10.1145/3547330 fatcat:d3x3oitysvb73ado5kuaqakgtu

Robust Deepfake On Unrestricted Media: Generation And Detection [article]

Trung-Nghia Le and Huy H Nguyen and Junichi Yamagishi and Isao Echizen
2022 arXiv   pre-print
It also discusses possible ways to improve the robustness of deepfake detection for a wide variety of media (e.g., in-the-wild images and videos).  ...  This chapter explores the evolution of and challenges in deepfake generation and detection.  ...  To defend black-box face biometrics classifiers against adversarial attacks, Theagarajan et al.  ... 
arXiv:2202.06228v1 fatcat:a37q2lf7w5bcbekk5esmbx2goe
Showing results 1 — 15 out of 419 results