Defense Against Adversarial Images using Web-Scale Nearest-Neighbor - PowerPoint PPT Presentation

Jan 10, 2024 •357 likes •457 views

Defense Against Adversarial Images using Web-Scale Nearest-Neighbor Search Abhimanyu Dubey, Laurens van der Maaten, I. Zeki Yalniz, Yixuan Li and Dhruv Mahajan Adversarial Images adversarial swan pelican perturbation

Defense Against Adversarial Images using Web-Scale Nearest-Neighbor Search Abhimanyu Dubey, Laurens van der Maaten, I. Zeki Yalniz, Yixuan Li and Dhruv Mahajan
Adversarial Images adversarial “swan” “pelican” perturbation
Nearest—Neighbors Defense • Adversarial perturbations move the input away from the image “manifold”. • KNN Defense : Project the image back on to the manifold. adversarial image clean image nearest neighbors Approximation of manifold by tens of billions of images
Nearest—Neighbors Defense adversarial input “swan” “pelican” KNN web-scale database
Effect of Scale PGD Attack Log-linear relationship.
Comparison with other defenses Attack Type: PGD Model: ResNet-50
KNN Based Attack Separate database available to attacker. Overlap : %-age of images shared between attacker’s and defense database Data obfuscation is a viable defense strategy.
Thank You! Defense Against Adversarial Images using Web-Scale Nearest-Neighbor Search Arxiv: https://arxiv.org/pdf/1903.01612.pdf Poster Session 3.1, Poster #87, 10:00 AM Thursday.

Recommend

Towards Attack-Agnostic Defense for 2D and 3D Recognition Hao Su Workshop on Adversarial Machine

Towards Attack-Agnostic Defense for 2D and 3D Recognition Hao Su Workshop on Adversarial Machine Learning in Real-World Computer Vision Systems Long Beach, CA, USA 1 Outline Background and Motivation Project-based Defense Mechanism

761 views • 72 slides

Adversarial Search Rob Platt Northeastern University Some images and slides are used from: AIMA

Adversarial Search Rob Platt Northeastern University Some images and slides are used from: AIMA CS188 UC Berkeley What is adversarial search? Adversarial search: planning used to play a game such as chess or checkers algorithms are

989 views • 85 slides

Adversarial Search Robert Platt Northeastern University Some images and slides are used from:

Adversarial Search Robert Platt Northeastern University Some images and slides are used from: 1. CS188 UC Berkeley 2. RN, AIMA What is adversarial search? Adversarial search: planning used to play a game such as chess or checkers

1.19k views • 83 slides

On the Defense Against Adversarial Examples Beyond the Visible Spectrum Anthony Ortiz 1 , Olac

On the Defense Against Adversarial Examples Beyond the Visible Spectrum Anthony Ortiz 1 , Olac Fuentes 1 , Dalton Rosario 2 , Christopher Kiekintveld 1 1 Department of Computer Science, UTEP 2 US Army Research Laboratory Adversarial Examples on

460 views • 19 slides

Generative Adversarial Networks Wanyue Li

Generating Fundus Fluorescence Angiography Images from Structure Fundus Images Using Generative Adversarial Networks Wanyue Li (wanyueli93@126.com) University of Science and Technology of China (USTC)

144 views • 10 slides

Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks Nicolas

Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks Nicolas Papernot , Patrick McDaniel, Xi Wu, Somesh Jha, and Ananthram Swami May 24th, 2016 @ 37th IEEE Symposium on Security and Privacy @NicolasPapernot 1 M

1.38k views • 39 slides

Text-Adaptive Generative Adversarial Networks: Manipulating Images with Natural Language

Text-Adaptive Generative Adversarial Networks: Manipulating Images with Natural Language Seonghyeon Nam, Yunji Kim, Seon Joo Kim Dept. of Computer Science, Yonsei University Seoul, South Korea Manipulating Images with Natural Language Icons

193 views • 16 slides

Adversarial Domain Adaptation and Adversarial Robustness Judy Hoffman + = Big Deep success

Adversarial Domain Adaptation and Adversarial Robustness Judy Hoffman + = Big Deep success data learning Benchmark Performance 100 95 Accuracy 90 85 Millions of Images 80 Deep models 75 Challenge to recognize 1000

1.2k views • 60 slides

Mag Net A Two-Pronged Defense against Adversarial Examples Dongyu Meng Hao Chen ShanghaiTech

Mag Net A Two-Pronged Defense against Adversarial Examples Dongyu Meng Hao Chen ShanghaiTech University, China University of California, Davis, USA Neural networks in real-life applications user authentication autonomous

599 views • 30 slides

Defense Against the Dark Arts: An overview of adversarial example security research and future

Defense Against the Dark Arts: An overview of adversarial example security research and future research directions Ian Goodfellow, Sta ff Research Scientist, Google Brain 1st IEEE Deep Learning and Security Workshop, May 24, 2018 This document

726 views • 36 slides

Adversarial Training Attacks on Deep Networks and Generative Adversarial Networks Erkut Erdem

images from Geris Game (Pixar, 1997) Adversarial Training Attacks on Deep Networks and Generative Adversarial Networks Erkut Erdem Aykut Erdem Levent Karacan Computer Vision Lab, Hacettepe University Outline Part 1: Attacks on

1.11k views • 72 slides

Stealthy Porn: Understanding Real-World Adversarial Images for Illicit Online Promotion Yuan, Di

Stealthy Porn: Understanding Real-World Adversarial Images for Illicit Online Promotion Yuan, Di Tang , Xiaojing Liao, XiaoFeng Wang, Xuan Feng, Kan Yi Chen, Menghan Sun, Haoran Lu, Kehuan Zhang A C ASE IN THE W ILD Sexual stream t.cn

492 views • 30 slides

Certified Adversarial Robustness via Randomized Smoothing Jeremy Cohen Elan Rosenfeld

Certified Adversarial Robustness via Randomized Smoothing Jeremy Cohen Elan Rosenfeld Zico Kolter Carnegie Mellon University Introduction We study a certified adversarial defense in " norm which scales to ImageNet

1.5k views • 12 slides

CVPR 2020 Universal Adversarial Attacks Image agnostic and transferable across networks

1 1,4 2,3 2 3 4 1 CVPR 2020 Universal Adversarial Attacks Image agnostic and transferable across networks Adversarial No defense: Baseline DNN perturbation Input image Classification Feature extraction dense Perturbed image

592 views • 6 slides

Physical Adversarial Examples Alex Kurakin Ian Goodfellow Output STOP Machine Learning

Physical Adversarial Examples Alex Kurakin Ian Goodfellow Output STOP Machine Learning Training Examples Hidden units / BICYCLE features CAR PEDESTRIA N Parameters Input ImageNet (Russakovsky et al 2015) Adversarial Examples: Images

369 views • 19 slides

CoDef: Collaborative Defense against Large-Scale Link-Flooding Attacks Soo Bum Lee * , Min Suk

CoDef: Collaborative Defense against Large-Scale Link-Flooding Attacks Soo Bum Lee * , Min Suk Kang , Virgil D. Gligor CyLab, Carnegie Mellon University * Qualcomm Dec. 12, 2013 Large Scale Link-Flooding Attacks Massive DDoS attacks against

487 views • 27 slides

Multi-Channel MR Images PhD Defense Matthias Becker Geneva, September 20, 2016 PhD Director

Efficient Extraction of Musculoskeletal Structures from Multi-Channel MR Images PhD Defense Matthias Becker Geneva, September 20, 2016 PhD Director Prof. Nadia Magnenat Thalmann MIRALab-CUI, University of Geneva Jury members PhD Director

819 views • 58 slides

CloudLeak: Large-Scale Deep Learning Models Stealing Through Adversarial Examples Honggang Yu 1 ,

CloudLeak: Large-Scale Deep Learning Models Stealing Through Adversarial Examples Honggang Yu 1 , Kaichen Yang 1 , Teng Zhang 2 , Yun-Yun Tsai 3 , Tsung-Yi Ho 3 , Yier Jin 1 1 University of Florida, 2 University of Central Florida, 3 National

468 views • 23 slides

Open tools and methods for large scale segmentation of Very High Resolution satellite images

Introduction Data representation and conversion Generic framework for large scale segmentation Pre and post processing Conclusion Open tools and methods for large scale segmentation of Very High Resolution satellite images Julien Michel

592 views • 29 slides

Learn earn CN CNNs Ns fr from om Lar arge ge-scale cale We Web b Im Images ages wi

Learn earn CN CNNs Ns fr from om Lar arge ge-scale cale We Web b Im Images ages wi without hout Hu Human an An Anno notations tations Weilin Huang Malong Technologies Ho How t w to Trai ain a H a High-Perf erfor orma

548 views • 31 slides

Deep Adversarial Learning for NLP 9:00 10:30 Introduction and Adversarial Training, GANs

Deep Adversarial Learning for NLP 9:00 10:30 Introduction and Adversarial Training, GANs William Wang 10:30 11:00 Break - 11:00 12:15 Adversarial Examples Sameer Singh 12:15 12:30 Conclusions and Question Answering William

1.75k views • 105 slides

Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google

Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google Brain CS 231n, Stanford University, 2017-05-30 Overview What are adversarial examples? Why do they happen? How can they be used to

866 views • 43 slides

What's next for adversarial ML? (and why ad-blockers should care) Florian Tramr EPFL July 9 th

What's next for adversarial ML? (and why ad-blockers should care) Florian Tramr EPFL July 9 th 2018 Joint work with Gili Rusak, Giancarlo Pellegrino and Dan Boneh The Deep Learning Revolution First they came for images The Deep Learning

703 views • 26 slides

Prasanth Chatarasi PhD Thesis Defense Habanero Extreme Scale Software Research Group School of

ADVANCING COMPILER OPTIMIZATIONS FOR GENERAL-PURPOSE & DOMAIN-SPECIFIC PARALLEL ARCHITECTURES Prasanth Chatarasi PhD Thesis Defense Habanero Extreme Scale Software Research Group School of Computer Science Georgia Institute of Technology

2.32k views • 57 slides