Towards Transferable Adversarial Attacks with Centralized Perturbation

no code implementations • 11 Dec 2023 • Shangbo Wu, Yu-an Tan, Yajie Wang, Ruinan Ma, Wencong Ma, Yuanzhang Li

To this end, we propose a transferable adversarial attack with fine-grained perturbation optimization in the frequency domain, creating centralized perturbation.

Adversarial Attack

Unified High-binding Watermark for Unconditional Image Generation Models

no code implementations • 14 Oct 2023 • Ruinan Ma, Yu-an Tan, Shangbo Wu, Tian Chen, Yajie Wang, Yuanzhang Li

In the first stage, we use an encoder to invisibly write the watermark image into the output images of the original AIGC tool, and reversely extract the watermark image through the corresponding decoder.

Image Generation Unconditional Image Generation

Artificial Intelligence Security Competition (AISC)

no code implementations • 7 Dec 2022 • Yinpeng Dong, Peng Chen, Senyou Deng, Lianji L, Yi Sun, Hanyu Zhao, Jiaxing Li, Yunteng Tan, Xinyu Liu, Yangyi Dong, Enhui Xu, Jincai Xu, Shu Xu, Xuelin Fu, Changfeng Sun, Haoliang Han, Xuchong Zhang, Shen Chen, Zhimin Sun, Junyi Cao, Taiping Yao, Shouhong Ding, Yu Wu, Jian Lin, Tianpeng Wu, Ye Wang, Yu Fu, Lin Feng, Kangkang Gao, Zeyu Liu, Yuanzhe Pang, Chengqi Duan, Huipeng Zhou, Yajie Wang, Yuhang Zhao, Shangbo Wu, Haoran Lyu, Zhiyu Lin, YiFei Gao, Shuang Li, Haonan Wang, Jitao Sang, Chen Ma, Junhao Zheng, Yijia Li, Chao Shen, Chenhao Lin, Zhichao Cui, Guoshuai Liu, Huafeng Shi, Kun Hu, Mengxin Zhang

The security of artificial intelligence (AI) is an important research area towards safe, reliable, and trustworthy AI systems.

Autonomous Driving Face Recognition +1

Enhancing Clean Label Backdoor Attack with Two-phase Specific Triggers

no code implementations • 10 Jun 2022 • Nan Luo, Yuanzhang Li, Yajie Wang, Shangbo Wu, Yu-an Tan, Quanxin Zhang

Clean-label settings make the attack more stealthy due to the correct image-label pairs, but some problems still exist: first, traditional methods for poisoning training data are ineffective; second, traditional triggers are not stealthy which are still perceptible.

Backdoor Attack backdoor defense +1

Improving the Transferability of Adversarial Examples with Restructure Embedded Patches

1 code implementation • 27 Apr 2022 • Huipeng Zhou, Yu-an Tan, Yajie Wang, Haoran Lyu, Shangbo Wu, Yuanzhang Li

We attack the unique self-attention mechanism in ViTs by restructuring the embedded patches of the input.

Specificity

Demiguise Attack: Crafting Invisible Semantic Adversarial Perturbations with Perceptual Similarity

no code implementations • 3 Jul 2021 • Yajie Wang, Shangbo Wu, Wenyi Jiang, Shengang Hao, Yu-an Tan, Quanxin Zhang

Deep neural networks (DNNs) have been found to be vulnerable to adversarial examples.