Abstract
In order to prevent illegal or unauthorized access of image data such as human faces and ensure legitimate users can use authorization-protected data, reversible adversarial attack technique is rise. Reversible adversarial examples (RAE) get both attack capability and reversibility at the same time. However, the existing technique can not meet application requirements because of serious distortion and failure of image recovery when adversarial perturbations get strong. In this paper, we take advantage of Reversible Image Transformation technique to generate RAE and achieve reversible adversarial attack. Experimental results show that proposed RAE generation scheme can ensure imperceptible image distortion and the original image can be reconstructed error-free. What’s more, both the attack ability and the image quality are not limited by the perturbation amplitude.
| Original language | English |
|---|---|
| Journal | CEUR Workshop Proceedings |
| Volume | 3084 |
| State | Published - 2021 |
| Externally published | Yes |
| Event | 2021 International Workshop on Safety and Security of Deep Learning, SSDL 2021 - Virtual, Online Duration: 19 Aug 2021 → … |
Keywords
- adversarial example
- data protection
- deep neural networks
- reversible image transformation