A novel generalized adversarial image method using descriptive features

Authors

  • Truong Phi Ho, Vietnam Academy of Cryptography Techniques
  • Pham Duy Trung
  • Bui Thu Lam

DOI:

https://doi.org/10.54654/isj.v3i20.1002

Keywords:

Deep learning, Generative adversarial networks, adversarial examples

Abstract

Currently, machine learning not only solves simple problems such as object classification but is also widely applied in the field of computer vision, for example in identification systems, object detection, modules in authentication systems, and intelligent processing algorithms such as automatic driving, chatbots, etc. Deep learning models based on GAN networks can automatically generate image data such as objects, animals, human faces, or the like by learning the word features of images in datasets such as MS-COCO, ImageNet, CUB, etc. Using this technique, attackers can fake images in some cases with malicious intent. In this paper, the authors propose to build a Generative Adversarial Network to create images that fool the target models YOLOv7 and INCEPTIONv3. Experimental results on the CUB dataset show that the proposed model is highly effective at generating adversarial examples, with an average image generation time of 0.16 seconds per image. For the YOLOv7 model, the success rate of fooling the model reached over 85% and the average recognition rate reached over 45%. For the INCEPTIONv3 model, the success rate of fooling the model reached over 95% and the average recognition rate reached over 50%. The image fidelity evaluated by the PSNR index reached an average greater than 29.

Downloads

Abstract views: 161 / PDF downloads: 42

Published

2023-12-29

How to Cite

Hồ, T. P., Trung, P. D., & Lam, B. T. (2023). A novel generalized adversarial image method using descriptive features. Journal of Science and Technology on Information Security, 3(20), 63-76. https://doi.org/10.54654/isj.v3i20.1002

Section

Papers