1 Universal Adversarial Perturbations Efficiency on a small image dataset

2025-04-28 0 0 3.42MB 5 页 10玖币
侵权投诉
1
Universal Adversarial Perturbations: Efficiency
on a small image dataset
Waris Radji*
Index Terms—Computer vision, Image classification, Deep neural networks, Adversarial attack.
F
ABSTRACT
Although neural networks perform very well on the image classi-
fication task, they are still vulnerable to adversarial perturbations
that can fool a neural network without visibly changing an input
image. A paper has shown the existence of Universal Adversarial
Perturbations which when added to any image will fool the
neural network with a very high probability. In this paper we
will try to reproduce the experience of the Universal Adversarial
Perturbations paper, but on a smaller neural network architecture
and training set, in order to be able to study the efficiency of the
computed perturbation.
1 INTRODUCTION
As part of my engineering school’s introductory research
program, I aim to reproduce a scientific experiment. I
chose to reproduce the universal adversarial perturbations
paper experiments introduced by Seyed-Mohsen Moosavi-
Dezfooli et al accepted at IEEE Conference on Computer
Vision and Pattern Recognition (CVPR) in 2017[1].
In image classification, an adversarial perturbation is a
vector that when added to an image cause the network out-
put to change drastically with making quasi-imperceptible
changes to the input image. Universal adversarial pertur-
bations (UAPs) correspond to a single vector that will fool
the neural network on any image with very high probability
(see Fig.1). These perturbations have many applications in
the real world, for example in CAPTCHA tests when a user
has to associate an image with a label or in steganography
to hide information in images[2]. They can also be used
for hostile purposes, knowing that they are very difficult
to detect with the naked eye.
The reference paper [1] has already demonstrated the
existence and efficiency of UAPs, on large neural net-
work architecture (CaffeNet, VGG-F, VGG-16, VGG-19,
GoogLeNet, and ResNet-152) and with the very large im-
age dataset of ImageNet Large Scale Visual Recognition
Challenge 2012 (ILSVRC2012). In this paper we will try to
reproduce some of their results, with VGG-11 [5] neural
network architecture which is smaller than those studied
in the paper and on the Visual Object Classes Challenge
2012 (VOC2012) [4] dataset which is 1,000 times smaller than
ILSVRC2012:
*Student in the introductory research program of Bordeaux Institute of
Technology - ENSEIRB-MATMECA School of Engineering.
J
o
y
s
t
ick
W
h
i
p
t
ail
l
iza
r
d
Balloon
Lycaenid
Tibetan masti
T
h
r
es
h
e
r
G
ril
l
e
F
lag
p
o
l
e
Fac
e p
o
w
d
er
Labrador
C
hih
ua
h
u
a
C
hi
hu
ah
u
a
J
ay
Labrador
La
b
ra
do
r
Tibetan masti
Brabancon grion
Border terrier
Fig. 1: This figure is taken from the reference article. When
added to a natural image, a universal perturbation image
causes the image to be misclassified by the deep neural
network with high probability. Left images: Original natural
images. The labels are shown on top of each arrow. Cen-
tral image: Universal perturbation. Right images: Perturbed
images.
We will train a neural network;
We will compute the UAP with parameters quasi-
similar to the paper one;
We will observe dominant labels founded by the
algorithm;
We will compare the computed UAP to other pertur-
bations.
All the code that allowed me to achieve my experiments
can be found on Github.
arXiv:2210.04591v1 [cs.CV] 10 Oct 2022
摘要:

1UniversalAdversarialPerturbations:EfciencyonasmallimagedatasetWarisRadji*IndexTerms—Computervision,Imageclassication,Deepneuralnetworks,Adversarialattack.FABSTRACTAlthoughneuralnetworksperformverywellontheimageclassi-cationtask,theyarestillvulnerabletoadversarialperturbationsthatcanfoolaneuralne...

展开>> 收起<<
1 Universal Adversarial Perturbations Efficiency on a small image dataset.pdf

共5页,预览1页

还剩页未读, 继续阅读

声明:本站为文档C2C交易模式,即用户上传的文档直接被用户下载,本站只是中间服务平台,本站所有文档下载所得的收益归上传人(含作者)所有。玖贝云文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私,请立即通知玖贝云文库,我们立即给予删除!

相关推荐

更多
立即下载
分类:图书资源 价格:10玖币 属性:5 页 大小:3.42MB 格式:PDF 时间:2025-04-28

开通VIP享超值会员特权

  • 多端同步记录
  • 高速下载文档
  • 免费文档工具
  • 分享文档赚钱
  • 每日登录抽奖
  • 优质衍生服务

作者详情

相关内容

更多

热门标签

人际关系 动力学连接体 力的合成 配电装置 高考理综 全宋诗作者索引 公务员考试
/ 5
评分 收藏
分享
立即下载
客服
关注