Adaptive Image Adversarial Reprogramming Based on Noise Invisibility Factors

LIU Yifan, OU Bo, XIONG Jianqin

doi:10.11896/jsjkx.220300024

Jisuanji kexue (Apr 2023)

Adaptive Image Adversarial Reprogramming Based on Noise Invisibility Factors

LIU Yifan, OU Bo, XIONG Jianqin

Affiliations

LIU Yifan, OU Bo, XIONG Jianqin: College of Computer Science and Electronic Engineering,Hunan University,Changsha 410082,China

DOI: https://doi.org/10.11896/jsjkx.220300024
Journal volume & issue: Vol. 50, no. 4
pp. 110 – 116

Abstract

Read online

Adversarial reprogramming is an attacking method against the deep neural networks.By adding a certain perturbation to the input image,the network could be made to execute the attacker’s specified task,i.e.,destroying the legitimate permission of the training network model.It is positive to deeply understand and investigate this kind of attacks for further designing the corresponding anti-reprogramming algorithms.This paper discusses the relationship between the location of perturbations and the performance of adversarial reprogramming.Specifically,the noise visibility function is used to evaluate the adversarial distortion for each local content,and obtain the masking matrix.Then,the adversarial perturbations are added adaptively to optimize the attacking task.Experimental results show that,for the state-of-the-art deep network models,the proposed algorithm can enhance the performance of adversarial reprogramming attack and improve the imperceptibility of modified image.

adversarial attack|adversarial reprogramming|adaptive perturbation|noise visibility function

Published in Jisuanji kexue

ISSN: 1002-137X (Print)
Publisher: Editorial office of Computer Science
Country of publisher: China
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science: Computer software; Technology: Technology (General)
Website: http://www.jsjkx.com/CN/1002-137X/home.shtml

About the journal

Abstract

Keywords