Paper Abstract and Keywords |
Presentation |
2020-03-05 16:45
[Poster Presentation]
Detecting Adversarial Examples Based on Sensitivities to Lossy Compression Algorithms Akinori Higashi, Minoru Kuribayashi, Nobuo Funabiki (Okayama Univ.), Huy Hong Nguyen, Isao Echizen (NII) EMM2019-123 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
The adversarial examples are created by adding small perturbations to an input image for misleading an CNN-based image classifier into a wrong class, and it is difficult for humans to visually recognize the perturbation. In CSS 2019, we focused on the property that the discrimination class fluctuates by removing the tiny noise added to the adversarial examples using the lossy compression. And we proposed a method to detect the adversarial examples by counting the number of changes in the output of CNN classifier when compression quality is gradually reduced. In this study, we examined how the detecting accuracy of adversarial examples is affected by increasing the interval of changing compression quality in order to reduce the computational complexity. As a result, it was found that it is possible to detect the adversarial examples with high accuracy from the observation of a few patterns. As the scaling down operation removes the entropy in an input image, the effects of the scaling down and then scaling up are similar to that of lossy compression. Hence, we gradually change the scaling down parameter and count the number of changes in the output of CNN classifier. It is confirmed from experiments that the detection accuracy is also comparable to the case of JPEG compression. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Adversarial Example / Lossy Compression / CNN / Image Classifier / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 119, no. 463, EMM2019-123, pp. 113-116, March 2020. |
Paper # |
EMM2019-123 |
Date of Issue |
2020-02-27 (EMM) |
ISSN |
Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
EMM2019-123 |
Conference Information |
Committee |
EMM |
Conference Date |
2020-03-05 - 2020-03-06 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
|
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
Image and Sound Quality, Metrics for Perception and Recognition, Human Auditory and Visual System, etc. |
Paper Information |
Registration To |
EMM |
Conference Code |
2020-03-EMM |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
Detecting Adversarial Examples Based on Sensitivities to Lossy Compression Algorithms |
Sub Title (in English) |
|
Keyword(1) |
Adversarial Example |
Keyword(2) |
Lossy Compression |
Keyword(3) |
CNN |
Keyword(4) |
Image Classifier |
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Akinori Higashi |
1st Author's Affiliation |
Okayama University (Okayama Univ.) |
2nd Author's Name |
Minoru Kuribayashi |
2nd Author's Affiliation |
Okayama University (Okayama Univ.) |
3rd Author's Name |
Nobuo Funabiki |
3rd Author's Affiliation |
Okayama University (Okayama Univ.) |
4th Author's Name |
Huy Hong Nguyen |
4th Author's Affiliation |
National Institute of Informatics (NII) |
5th Author's Name |
Isao Echizen |
5th Author's Affiliation |
National Institute of Informatics (NII) |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2020-03-05 16:45:00 |
Presentation Time |
60 minutes |
Registration for |
EMM |
Paper # |
EMM2019-123 |
Volume (vol) |
vol.119 |
Number (no) |
no.463 |
Page |
pp.113-116 |
#Pages |
4 |
Date of Issue |
2020-02-27 (EMM) |
|