Search Results for author:
Found 14 papers, 0 papers with code
FaceCat: Enhancing Face Recognition Security with a Unified Generative Model Framework
Motivated by the rich structural and detailed features of face generative models, we propose FaceCat which utilizes the face generative model as a pre-trained model to improve the performance of FAS and FAD.
Fragile Model Watermark for integrity protection: leveraging boundary volatility and sensitive sample-pairing
Neural networks have increasingly influenced people's lives.
Adaptive White-Box Watermarking with Self-Mutual Check Parameters in Deep Neural Networks
Fragile watermarking is a technique used to identify tampering in AI models.
AdvFAS: A robust face anti-spoofing framework against adversarial examples
Ensuring the reliability of face recognition systems against presentation attacks necessitates the deployment of face anti-spoofing techniques.
Decision-based iterative fragile watermarking for model integrity verification
Our method has some advantages: (1) the iterative update of samples is done in a decision-based black-box manner, relying solely on the predicted probability distribution of the target model, which reduces the risk of exposure to adversarial attacks, (2) the small-amplitude multiple iterations approach allows the fragile samples to perform well visually, with a PSNR of 55 dB in TinyImageNet compared to the original samples, (3) even with changes in the overall parameters of the model of magnitude 1e-4, the fragile samples can detect such changes, and (4) the method is independent of the specific model structure and dataset.
Adversarial Examples Detection with Enhanced Image Difference Features based on Local Histogram Equalization
However, numerous studies have proven that previous methods create detection or defense against certain attacks, which renders the method ineffective in the face of the latest unknown attack methods.
Adversarial Example Defense via Perturbation Grading Strategy
In addition, the proposed method does not modify any task model, which can be used as a preprocessing module, which significantly reduces the deployment cost in practical applications.
Neural network fragile watermarking with no model performance degradation
In the process of watermarking, we train a generative model with the specific loss function and secret key to generate triggers that are sensitive to the fine-tuning of the target classifier.
Universal adversarial perturbation for remote sensing images
Firstly, the former is used to generate the UAP, which can learn the distribution of perturbations better, and then the latter is used to find the sensitive regions concerned by the RSI classification model.
Reversible Attack based on Local Visual Adversarial Perturbation
Adding perturbations to images can mislead classification models to produce incorrect results.
PICA: A Pixel Correlation-based Attentional Black-box Adversarial Attack
The studies on black-box adversarial attacks have become increasingly prevalent due to the intractable acquisition of the structural knowledge of deep neural networks (DNNs).
Attention-Guided Black-box Adversarial Attacks with Large-Scale Multiobjective Evolutionary Optimization
In this paper, we propose an attention-guided black-box adversarial attack based on the large-scale multiobjective evolutionary optimization, termed as LMOA.
Reversible Adversarial Attack based on Reversible Image Transformation
In order to prevent illegal or unauthorized access of image data such as human faces and ensure legitimate users can use authorization-protected data, reversible adversarial attack technique is rise.
An Efficient Pre-processing Method to Eliminate Adversarial Effects
Deep Neural Networks (DNNs) are vulnerable to adversarial examples generated by imposing subtle perturbations to inputs that lead a model to predict incorrect outputs.
