Title: Defense against N-pixel Attacks based on Image Reconstruction
Authors: 左瑞麟
Tso, Raylin
Liu, Zi-Yuan
Wang, Peter Shaojui
Hsiao, Shou-Ching
Contributor: Department of Computer Science
Keywords: Adversarial Examples; N-pixel Attacks; Image Reconstruction; Defense
Date: 2020-10
Upload time: 9-Dec-2021 16:09:27 (UTC+8)
Abstract: Since machine learning and deep learning are largely used for image recognition in real-world applications, how to avoid adversarial attacks becomes an important issue. It is common that attackers add adversarial perturbation to a normal image in order to fool the models. The N-pixel attack is one of the recently popular adversarial methods by simply changing a few pixels in the image. We observe that changing the few pixels leads to an obvious difference with its neighboring pixels. Therefore, this research aims to defend the N-pixel attacks based on image reconstruction. We develop a three-staged reconstructing algorithm to recover the fooling images. Experimental results show that the accuracy of CIFAR-10 test dataset can reach 92% after applying our proposed algorithm, indicating that the algorithm can maintain the original inference accuracy on normal dataset. Besides, the effectiveness of defending N-pixel attacks is also validated by reconstructing 500 attacked images using the proposed algorithm. The results show that we have a 90% to 92% chance of successful defense, where N = 1, 3, 5, 10, and 15.
Relation: SBC '20: Proceedings of the 8th International Workshop on Security in Blockchain and Cloud Computing, pp. 3-7
Type: conference
DOI: https://doi.org/10.1145/3384942.3406867
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/138287
dc.format.extent 2567470 bytes
dc.format.mimetype application/pdf