-
Zero-Query Transfer Attacks on Context-Aware Object Detectors
Authors: Zikui Cai, Shantanu Rane, Alejandro E. Brito, Chengyu Song, Srikanth V. Krishnamurthy, Amit K. Roy-Chowdhury, M. Salman Asif
Abstract:
Adversarial attacks perturb images such that a deep neural network produces incorrect classification results. A promising approach to defend against adversarial attacks on natural multi-object scenes is to impose a context-consistency check, wherein, if the detected objects are not consistent with an appropriately defined context, then an attack is suspected. Stronger attacks are needed to fool such context-aware detectors. We present the first approach for generating context-consistent adversarial attacks that can evade the context-consistency check of black-box object detectors operating on complex, natural scenes. Unlike many black-box attacks that perform repeated attempts and open themselves to detection, we assume a "zero-query" setting, where the attacker has no knowledge of the classification decisions of the victim system. First, we derive multiple attack plans that assign incorrect labels to victim objects in a context-consistent manner. Then we design and use a novel data structure that we call the perturbation success probability matrix, which enables us to filter the attack plans and choose the one most likely to succeed. This final attack plan is implemented using a perturbation-bounded adversarial attack algorithm. We compare our zero-query attack against a few-query scheme that repeatedly checks if the victim system is fooled. We also compare against state-of-the-art context-agnostic attacks. Against a context-aware defense, the fooling rate of our zero-query approach is significantly higher than context-agnostic approaches and higher than that achievable with up to three rounds of the few-query scheme.
Submitted 29 March, 2022; originally announced March 2022.
-
Validation of Simulation-Based Testing: Bypassing Domain Shift with Label-to-Image Synthesis
Authors: Julia Rosenzweig, Eduardo Brito, Hans-Ulrich Kobialka, Maram Akila, Nico M. Schmidt, Peter Schlicht, Jan David Schneider, Fabian Hüger, Matthias Rottmann, Sebastian Houben, Tim Wirtz
Abstract:
Many machine learning applications can benefit from simulated data for systematic validation - in particular if real-life data is difficult to obtain or annotate. However, since simulations are prone to domain shift w.r.t. real-life data, it is crucial to verify the transferability of the obtained results. We propose a novel framework consisting of a generative label-to-image synthesis model together with different transferability measures to inspect to what extent we can transfer testing results of semantic segmentation models from synthetic data to equivalent real-life data. With slight modifications, our approach is extendable to, e.g., general multi-class classification tasks. Grounded on the transferability analysis, our approach additionally allows for extensive testing by incorporating controlled simulations. We validate our approach empirically on a semantic segmentation task on driving scenes. Transferability is tested using correlation analysis of IoU and a learned discriminator. Although the latter can distinguish between real-life and synthetic tests, in the former we observe surprisingly strong correlations of 0.7 for both cars and pedestrians.
Submitted 10 June, 2021; originally announced June 2021.
-
Towards Supervised Extractive Text Summarization via RNN-based Sequence Classification
Authors: Eduardo Brito, Max Lübbering, David Biesner, Lars Patrick Hillebrand, Christian Bauckhage
Abstract:
This article briefly explains our submitted approach to the DocEng'19 competition on extractive summarization. We implemented a recurrent neural network based model that learns to classify whether an article's sentence belongs to the corresponding extractive summary or not. We bypass the lack of large annotated news corpora for extractive summarization by generating extractive summaries from abstractive ones, which are available from the CNN corpus.
Submitted 13 November, 2019; originally announced November 2019.
-
Achieving Data Dissemination with Security using FIWARE and Intel Software Guard Extensions (SGX)
Authors: Dalton Cézane Gomes Valadares, Matteus Sthefano Leite da Silva, Andrey Elísio Monteiro Brito, Ewerton Monteiro Salvador
Abstract:
The Internet of Things (IoT) field has gained much attention from industry and academia, being the main subject for numerous research and development projects. Frequently, the dense amount of generated data from IoT applications is sent to a cloud service that is responsible for processing and storage. Many of these applications demand security and privacy for their data because of their sensitive nature. This is especially true when such data must be processed in entities hosted in public clouds, where the environment in which applications run may not be trusted. Some concerns are then raised since it is not trivial to provide the needed protection for these sensitive data. We present a solution that considers the security components of FIWARE and the Intel SGX capabilities. FIWARE is a platform created to support the development of Smart Applications, including IoT systems, and SGX is the Intel solution for Trusted Execution Environment (TEE). We propose a new component for key management that, together with other FIWARE components, can be used to provide privacy, confidentiality, and integrity guarantees for IoT data. A case study illustrates how this proposed solution can be employed in a realistic scenario, which allows the dissemination of sensitive data through public clouds without risking privacy issues. The results of the experiments provide evidence that our approach does not harm scalability or availability of the system. In addition, it presents acceptable memory costs when considering the benefit of the privacy guarantees achieved.
Submitted 5 June, 2018; originally announced June 2018.
-
A latent shared-component generative model for real-time disease surveillance using Twitter data
Authors: Roberto C. S. N. P. Souza, Denise E. F de Brito, Renato M. Assunção, Wagner Meira Jr
Abstract:
Exploiting the large amount of available data for addressing relevant social problems has been one of the key challenges in data mining. Such efforts have been recently named "data science for social good" and attracted the attention of several researchers and institutions. We give a contribution in this objective in this paper considering a difficult public health problem, the timely monitoring of dengue epidemics in small geographical areas. We develop a generative simple yet effective model to connect the fluctuations of disease cases and disease-related Twitter posts. We considered a hidden Markov process driving both, the fluctuations in dengue reported cases and the tweets issued in each region. We add a stable but random source of tweets to represent the posts when no disease cases are recorded. The model is learned through a Markov chain Monte Carlo algorithm that produces the posterior distribution of the relevant parameters. Using data from a significant number of large Brazilian towns, we demonstrate empirically that our model is able to predict well the next weeks of the disease counts using the tweets and disease cases jointly.
Submitted 20 October, 2015; originally announced October 2015.