DC Field | Value | Language |
---|---|---|
dc.contributor.author | Zhang, Chaoning | ko |
dc.contributor.author | Benz, Philipp | ko |
dc.contributor.author | Karjauv, Adil | ko |
dc.contributor.author | Kweon, In So | ko |
dc.date.accessioned | 2021-10-27T05:30:16Z | - |
dc.date.available | 2021-10-27T05:30:16Z | - |
dc.date.created | 2021-10-27 | - |
dc.date.created | 2021-10-27 | - |
dc.date.issued | 2021-02 | - |
dc.identifier.citation | 35th AAAI Conference on Artificial Intelligence / 33rd Conference on Innovative Applications of Artificial Intelligence / 11th Symposium on Educational Advances in Artificial Intelligence, pp.3296 - 3304 | - |
dc.identifier.issn | 2159-5399 | - |
dc.identifier.uri | http://hdl.handle.net/10203/288342 | - |
dc.description.abstract | The booming interest in adversarial attacks stems from a misalignment between human vision and a deep neural network ( DNN), i.e. a human imperceptible perturbation fools the DNN. Moreover, a single perturbation, often called universal adversarial perturbation (UAP), can be generated to fool the DNN for most images. A similar misalignment phenomenon has also been observed in the deep steganography task, where a decoder network can retrieve a secret image back from a slightly perturbed cover image. We attempt explaining the success of both in a unified manner from the Fourier perspective. We perform task-specific and joint analysis and reveal that (a) frequency is a key factor that influences their performance based on the proposed entropy metric for quantifying the frequency distribution; (b) their success can be attributed to a DNN being highly sensitive to high-frequency content. We also perform feature layer analysis for providing deep insight on model generalization and robustness. Additionally, we propose two new variants of universal perturbations: (1) high-pass UAP (HP-UAP) being less visible to the human eye; (2) Universal Secret Adversarial Perturbation (USAP) that simultaneously achieves attack and hiding. | - |
dc.language | English | - |
dc.publisher | ASSOC ADVANCEMENT ARTIFICIAL INTELLIGENCE | - |
dc.title | Universal Adversarial Perturbations Through the Lens of Deep Steganography: Towards a Fourier Perspective | - |
dc.type | Conference | - |
dc.identifier.wosid | 000680423503045 | - |
dc.identifier.scopusid | 2-s2.0-85129983459 | - |
dc.type.rims | CONF | - |
dc.citation.beginningpage | 3296 | - |
dc.citation.endingpage | 3304 | - |
dc.citation.publicationname | 35th AAAI Conference on Artificial Intelligence / 33rd Conference on Innovative Applications of Artificial Intelligence / 11th Symposium on Educational Advances in Artificial Intelligence | - |
dc.identifier.conferencecountry | US | - |
dc.identifier.conferencelocation | ELECTR NETWORK | - |
dc.contributor.localauthor | Kweon, In So | - |
dc.contributor.nonIdAuthor | Zhang, Chaoning | - |
dc.contributor.nonIdAuthor | Benz, Philipp | - |
dc.contributor.nonIdAuthor | Karjauv, Adil | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.