人工智能培训

搜索

人工智能教程:基于神经网络约束优化的人脸检测器对抗攻击(Adversarial Attacks on Face Detectors using Neural N

[复制链接]
按梦儿 发表于 2018-6-1 08:44:30 | 显示全部楼层 |阅读模式
按梦儿 2018-6-1 08:44:30 1398 0 显示全部楼层
人工智能教程:基于神经网络约束优化的人脸检测器对抗攻击(Adversarial Attacks on Face Detectors using Neural Net based Constrained  Optimization)对抗性攻击涉及添加小的,往往不可察觉的扰动输入,其目的是使机器学习模型对其错误分类。Adversarial attacks involve adding, small, often imperceptible, perturbationsto inputs with the goal of getting a machine learning model to misclassifyingthem.尽管在图像分类模型中已经提出了许多不同的对抗攻击策略,但是物体检测管线已经非常难以破解。While many different adversarial attack strategies have been proposed onimage classification models, object detection pipelines have been much harderto break.在本文中,我们提出了一种新的策略来制作adversarialexamples通过解决使用adversarialgenerator网络的约束优化问题。In this paper, we propose a novel strategy to craft adversarialexamples by solving a constrained optimization problem using an adversarialgenerator network.我们的方法是快速和可扩展的,只需要通过我们训练过的发生器网络来制作敌对样本即可。与许多攻击策略不同,我们展示了相同的训练发生器可以在不明确优化的情况下攻击新图像。Our approach is fast and scalable, requiring only a forwardpass through our trained generator network to craft an adversarial sample.Unlike in many attack strategies, we show that the same trained generator iscapable of attacking new images without explicitly optimizing on them.在裁剪的300-W人脸数据集中对我们对训练更快的R-CNN人脸检测器的攻击进行评估,我们设法将检测到的人脸数量减少到原始检测到的人脸的0.5美元。Weevaluate our attack on a trained Faster R-CNN face detector on the cropped300-W face dataset where we manage to reduce the number of detected faces to$0.5\%$ of all originally detected faces.在一个不同的实验中,也是在300-W上,我们证明了我们的攻击对基于JPEG压缩的攻击的鲁棒性。典型的JPEG压缩级别为$ 75 \%$,将攻击的有效性从检测到的面孔的$ 0.5 \%$降低到适度的$ 5.0 \ In a different experiment, also on300-W, we demonstrate the robustness of our attack to a JPEG compression baseddefense typical JPEG compression level of $75\%$ reduces the effectiveness ofour attack from only $0.5\%$ of detected faces to a modest $5.0\%$。%$.人工智能教程:基于神经网络约束优化的人脸检测器对抗攻击(Adversarial Attacks on Face Detectors using Neural Net based Constrained  Optimization) hwByj3jmSjmyz3gG.jpg
URL地址:https://arxiv.org/abs/1805.12302     ----pdf下载地址:http://arxiv.org/pdf/1805.12302    ----人工智能教程:基于神经网络约束优化的人脸检测器对抗攻击(Adversarial Attacks on Face Detectors using Neural Net based Constrained  Optimization)
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则 返回列表 发新帖

按梦儿当前离线
新手上路

查看:1398 | 回复:0

快速回复 返回顶部 返回列表