• English
    • français
  • Help
  •  | 
  • Contact
  •  | 
  • About
  •  | 
  • Login
  • HAL portal
  •  | 
  • Pages Pro
  • EN
  •  / 
  • FR
View Item 
  •   LillOA Home
  • Liste des unités
  • Centre de Recherche en Informatique, Signal et Automatique de Lille (CRIStAL) - UMR 9189
  • View Item
  •   LillOA Home
  • Liste des unités
  • Centre de Recherche en Informatique, Signal et Automatique de Lille (CRIStAL) - UMR 9189
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

What if Adversarial Samples were Digital Images?
  • BibTeX
  • CSV
  • Excel
  • RIS

Document type :
Communication dans un congrès avec actes
DOI :
10.1145/3369412.3395062
Title :
What if Adversarial Samples were Digital Images?
Author(s) :
Bonnet, Benoît [Auteur]
Creating and exploiting explicit links between multimedia fragments [LinkMedia]
Furon, Teddy [Auteur]
Creating and exploiting explicit links between multimedia fragments [LinkMedia]
Bas, Patrick [Auteur] refId
Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189 [CRIStAL]
Conference title :
IH&MMSEC 2020 - 8th ACM Workshop on Information Hiding and Multimedia Security
City :
Denver
Country :
France
Start date of the conference :
2020-06-22
Journal title :
IH&MMSec '20: Proceedings of the 2020 ACM Workshop on Information Hiding and Multimedia Security
Publisher :
ACM
English keyword(s) :
Image classification
adversarial samples
neural networks
HAL domain(s) :
Sciences de l'ingénieur [physics]/Traitement du signal et de l'image [eess.SP]
Informatique [cs]/Cryptographie et sécurité [cs.CR]
English abstract : [en]
Although adversarial sampling is a trendy topic in computer vision , very few works consider the integral constraint: The result of the attack is a digital image whose pixel values are integers. This is not an issue at ...
Show more >
Although adversarial sampling is a trendy topic in computer vision , very few works consider the integral constraint: The result of the attack is a digital image whose pixel values are integers. This is not an issue at first sight since applying a rounding after forging an adversarial sample trivially does the job. Yet, this paper shows theoretically and experimentally that this operation has a big impact. The adversarial perturbations are fragile signals whose quantization destroys its ability to delude an image classifier. This paper presents a new quantization mechanism which preserves the adversariality of the perturbation. Its application outcomes to a new look at the lessons learnt in adversarial sampling.Show less >
Language :
Anglais
Peer reviewed article :
Oui
Audience :
Internationale
Popular science :
Non
ANR Project :
Sécurité de l'Intelligence Artificielle pour des Applications Défense
Collections :
  • Centre de Recherche en Informatique, Signal et Automatique de Lille (CRIStAL) - UMR 9189
Source :
Harvested from HAL
Files
Thumbnail
  • https://hal.archives-ouvertes.fr/hal-02553006v2/document
  • Open access
  • Access the document
Thumbnail
  • https://hal.archives-ouvertes.fr/hal-02553006v2/document
  • Open access
  • Access the document
Thumbnail
  • https://hal.archives-ouvertes.fr/hal-02553006v2/document
  • Open access
  • Access the document
Université de Lille

Mentions légales
Université de Lille © 2017