Reversible Adversarial Attack Based on Reversible Image Transformation

Zhaoxia Yin; Hua Wang; Li Chen; Jie Wang; Weiming Zhang

Reversible Adversarial Attack Based on Reversible Image Transformation

Zhaoxia Yin
, Hua Wang
, Li Chen
, Jie Wang
, Weiming Zhang

Anhui Provincial Key Laboratory of Multimodal Cognitive Computation, Anhui University
University of Science and Technology of China

科研成果: 期刊稿件 › 会议文章 › 同行评审

摘要

In order to prevent illegal or unauthorized access of image data such as human faces and ensure legitimate users can use authorization-protected data, reversible adversarial attack technique is rise. Reversible adversarial examples (RAE) get both attack capability and reversibility at the same time. However, the existing technique can not meet application requirements because of serious distortion and failure of image recovery when adversarial perturbations get strong. In this paper, we take advantage of Reversible Image Transformation technique to generate RAE and achieve reversible adversarial attack. Experimental results show that proposed RAE generation scheme can ensure imperceptible image distortion and the original image can be reconstructed error-free. What’s more, both the attack ability and the image quality are not limited by the perturbation amplitude.

源语言	英语
期刊	CEUR Workshop Proceedings
卷	3084
出版状态	已出版 - 2021
已对外发布	是
活动	2021 International Workshop on Safety and Security of Deep Learning, SSDL 2021 - Virtual, Online 期限: 19 8月 2021 → …

其它文件与链接

链接到 Scopus 的出版物

引用此

@article{1f6ac760579c4316bcceac87a48d0fcf,

title = "Reversible Adversarial Attack Based on Reversible Image Transformation",

abstract = "In order to prevent illegal or unauthorized access of image data such as human faces and ensure legitimate users can use authorization-protected data, reversible adversarial attack technique is rise. Reversible adversarial examples (RAE) get both attack capability and reversibility at the same time. However, the existing technique can not meet application requirements because of serious distortion and failure of image recovery when adversarial perturbations get strong. In this paper, we take advantage of Reversible Image Transformation technique to generate RAE and achieve reversible adversarial attack. Experimental results show that proposed RAE generation scheme can ensure imperceptible image distortion and the original image can be reconstructed error-free. What{\textquoteright}s more, both the attack ability and the image quality are not limited by the perturbation amplitude.",

keywords = "adversarial example, data protection, deep neural networks, reversible image transformation",

author = "Zhaoxia Yin and Hua Wang and Li Chen and Jie Wang and Weiming Zhang",

year = "2021",

language = "英语",

volume = "3084",

journal = "CEUR Workshop Proceedings",

issn = "1613-0073",

publisher = "CEUR-WS",

}

TY - JOUR

T1 - Reversible Adversarial Attack Based on Reversible Image Transformation

AU - Yin, Zhaoxia

AU - Wang, Hua

AU - Chen, Li

AU - Wang, Jie

AU - Zhang, Weiming

PY - 2021

Y1 - 2021

N2 - In order to prevent illegal or unauthorized access of image data such as human faces and ensure legitimate users can use authorization-protected data, reversible adversarial attack technique is rise. Reversible adversarial examples (RAE) get both attack capability and reversibility at the same time. However, the existing technique can not meet application requirements because of serious distortion and failure of image recovery when adversarial perturbations get strong. In this paper, we take advantage of Reversible Image Transformation technique to generate RAE and achieve reversible adversarial attack. Experimental results show that proposed RAE generation scheme can ensure imperceptible image distortion and the original image can be reconstructed error-free. What’s more, both the attack ability and the image quality are not limited by the perturbation amplitude.

AB - In order to prevent illegal or unauthorized access of image data such as human faces and ensure legitimate users can use authorization-protected data, reversible adversarial attack technique is rise. Reversible adversarial examples (RAE) get both attack capability and reversibility at the same time. However, the existing technique can not meet application requirements because of serious distortion and failure of image recovery when adversarial perturbations get strong. In this paper, we take advantage of Reversible Image Transformation technique to generate RAE and achieve reversible adversarial attack. Experimental results show that proposed RAE generation scheme can ensure imperceptible image distortion and the original image can be reconstructed error-free. What’s more, both the attack ability and the image quality are not limited by the perturbation amplitude.

KW - adversarial example

KW - data protection

KW - deep neural networks

KW - reversible image transformation

UR - https://www.scopus.com/pages/publications/85127089948

M3 - 会议文章

AN - SCOPUS:85127089948

SN - 1613-0073

VL - 3084

JO - CEUR Workshop Proceedings

JF - CEUR Workshop Proceedings

T2 - 2021 International Workshop on Safety and Security of Deep Learning, SSDL 2021

Y2 - 19 August 2021

ER -

Reversible Adversarial Attack Based on Reversible Image Transformation

摘要

其它文件与链接

指纹

引用此