Cargando…
Surreptitious Adversarial Examples through Functioning QR Code
The continuous advances in the technology of Convolutional Neural Network (CNN) and Deep Learning have been applied to facilitate various tasks of human life. However, security risks of the users’ information and privacy have been increasing rapidly due to the models’ vulnerabilities. We have develo...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2022
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9147429/ https://www.ncbi.nlm.nih.gov/pubmed/35621886 http://dx.doi.org/10.3390/jimaging8050122 |
| _version_ | 1784716805308153856 |
|---|---|
| author | Chindaudom, Aran Siritanawan, Prarinya Sumongkayothin, Karin Kotani, Kazunori |
| author_facet | Chindaudom, Aran Siritanawan, Prarinya Sumongkayothin, Karin Kotani, Kazunori |
| author_sort | Chindaudom, Aran |
| collection | PubMed |
| description | The continuous advances in the technology of Convolutional Neural Network (CNN) and Deep Learning have been applied to facilitate various tasks of human life. However, security risks of the users’ information and privacy have been increasing rapidly due to the models’ vulnerabilities. We have developed a novel method of adversarial attack that can conceal its intent from human intuition through the use of a modified QR code. The modified QR code can be consistently scanned with a reader while retaining adversarial efficacy against image classification models. The QR adversarial patch was created and embedded into an input image to generate adversarial examples, which were trained against CNN image classification models. Experiments were performed to investigate the trade-off in different patch shapes and find the patch’s optimal balance of scannability and adversarial efficacy. Furthermore, we have investigated whether particular classes of images are more resistant or vulnerable to the adversarial QR attack, and we also investigated the generality of the adversarial attack across different image classification models. |
| format | Online Article Text |
| id | pubmed-9147429 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2022 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-91474292022-05-29 Surreptitious Adversarial Examples through Functioning QR Code Chindaudom, Aran Siritanawan, Prarinya Sumongkayothin, Karin Kotani, Kazunori J Imaging Article The continuous advances in the technology of Convolutional Neural Network (CNN) and Deep Learning have been applied to facilitate various tasks of human life. However, security risks of the users’ information and privacy have been increasing rapidly due to the models’ vulnerabilities. We have developed a novel method of adversarial attack that can conceal its intent from human intuition through the use of a modified QR code. The modified QR code can be consistently scanned with a reader while retaining adversarial efficacy against image classification models. The QR adversarial patch was created and embedded into an input image to generate adversarial examples, which were trained against CNN image classification models. Experiments were performed to investigate the trade-off in different patch shapes and find the patch’s optimal balance of scannability and adversarial efficacy. Furthermore, we have investigated whether particular classes of images are more resistant or vulnerable to the adversarial QR attack, and we also investigated the generality of the adversarial attack across different image classification models. MDPI 2022-04-22 /pmc/articles/PMC9147429/ /pubmed/35621886 http://dx.doi.org/10.3390/jimaging8050122 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Chindaudom, Aran Siritanawan, Prarinya Sumongkayothin, Karin Kotani, Kazunori Surreptitious Adversarial Examples through Functioning QR Code |
| title | Surreptitious Adversarial Examples through Functioning QR Code |
| title_full | Surreptitious Adversarial Examples through Functioning QR Code |
| title_fullStr | Surreptitious Adversarial Examples through Functioning QR Code |
| title_full_unstemmed | Surreptitious Adversarial Examples through Functioning QR Code |
| title_short | Surreptitious Adversarial Examples through Functioning QR Code |
| title_sort | surreptitious adversarial examples through functioning qr code |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9147429/ https://www.ncbi.nlm.nih.gov/pubmed/35621886 http://dx.doi.org/10.3390/jimaging8050122 |
| work_keys_str_mv | AT chindaudomaran surreptitiousadversarialexamplesthroughfunctioningqrcode AT siritanawanprarinya surreptitiousadversarialexamplesthroughfunctioningqrcode AT sumongkayothinkarin surreptitiousadversarialexamplesthroughfunctioningqrcode AT kotanikazunori surreptitiousadversarialexamplesthroughfunctioningqrcode |