This paper proposes an image generation attack that targets image scaling algorithms. The attack aims to 1) modify an image A to appear as image B when A is resized, and 2) introduce minimal distortions such that the attacked image still resembles A. The attack is model-agnostic, as it can target any model using a particular scaling framework and function. The paper develops an optimization approach to craft perturbed images that appear as a target when resized, and demonstrates successful attacks against commercial cloud vision APIs. Potential applications include data poisoning, evasion attacks, and fraud. Detection methods like color histograms may help identify such attacked images.
The Image Panorama is a technique of stitching more images to create a more broader view which our normal eye does in a wider angle rather than that of the view which is restricted by the camera
Chen, X., & He, K. (2021). Exploring Simple Siamese Representation Learning. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (pp. 15750-15758).
Image Completion using Planar Structure Guidance (SIGGRAPH 2014)Jia-Bin Huang
We propose a method for automatically guiding patch-based image completion using mid-level structural cues. Our method first estimates planar projection parameters, softly segments the known region into planes, and discovers translational regularity within these planes. This information is then converted into soft constraints for the low-level completion algorithm by defining prior probabilities for patch offsets and transformations. Our method handles multiple planes, and in the absence of any detected planes falls back to a baseline fronto-parallel image completion algorithm. We validate our technique through extensive comparisons with state-of-the-art algorithms on a variety of scenes.
Project page: https://sites.google.com/site/jbhuang0604/publications/struct_completion
The Image Panorama is a technique of stitching more images to create a more broader view which our normal eye does in a wider angle rather than that of the view which is restricted by the camera
Chen, X., & He, K. (2021). Exploring Simple Siamese Representation Learning. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (pp. 15750-15758).
Image Completion using Planar Structure Guidance (SIGGRAPH 2014)Jia-Bin Huang
We propose a method for automatically guiding patch-based image completion using mid-level structural cues. Our method first estimates planar projection parameters, softly segments the known region into planes, and discovers translational regularity within these planes. This information is then converted into soft constraints for the low-level completion algorithm by defining prior probabilities for patch offsets and transformations. Our method handles multiple planes, and in the absence of any detected planes falls back to a baseline fronto-parallel image completion algorithm. We validate our technique through extensive comparisons with state-of-the-art algorithms on a variety of scenes.
Project page: https://sites.google.com/site/jbhuang0604/publications/struct_completion
Digital image processing Tool presentationdikshabehl5392
The development of this image processing software will help editing process to be done effectively. It requires less space on hard disk; emphasizing only on the crucial image processing functions and the executable program will take less space.
Faire de la reconnaissance d'images avec le Deep Learning - Cristina & Pierre...Jedha Bootcamp
Reconnaissance de visages sur vos photos Facebook, détection de maladies via imagerie médicale, les applications de la reconnaissance d'images grâce à l'intelligence artificielle offrent de vastes possibilités. Lors de cet événement, Cristina & Pierre - Machine Learning Engineers chez Photobox - vous feront une démonstration des outils de reconnaissance d'images via ces algorithmes de Deep Learning.
An overview of gradient descent optimization algorithms Hakky St
勾配降下法についての論文をスライドにしたものです。
This is the slide for study meeting of gradient descent.
I use this paper and this is very good information about gradient descent.
https://arxiv.org/abs/1609.04747
This paper will discuss the implementation of the following methods :
-Local color correction
-Simplest color balance
-Screened Poisson Equation for Image Contrast Enhancement
This presentation describes briefly about the image enhancement in spatial domain, basic gray level transformation, histogram processing, enhancement using arithmetic/ logical operation, basics of spatial filtering and local enhancements.
Super resolution in deep learning era - Jaejun YooJaeJun Yoo
Abstract (Eng/Kor):
Image restoration (IR) is one of the fundamental problems, which includes denoising, deblurring, super-resolution, etc. Among those, in today's talk, I will more focus on the super-resolution task. There are two main streams in the super-resolution studies; a traditional model-based optimization and a discriminative learning method. I will present the pros and cons of both methods and their recent developments in the research field. Finally, I will provide a mathematical view that explains both methods in a single holistic framework, while achieving the best of both worlds. The last slide summarizes the remaining problems that are yet to be solved in the field.
영상 복원(Image restoration, IR)은 low-level vision에서 매우 중요하게 다루는 근본적인 문제 중 하나로서 denoising, deblurring, super-resolution 등의 다양한 영상 처리 문제를 포괄합니다. 오늘 발표에서는 영상 복원 분야 중에서도 super-resolution 문제에 대해 집중적으로 다루겠습니다. 전통적인 model-based optimization 방식과 deep learning을 적용하여 문제를 푸는 방식에 대해, 각각의 장단점과 최신 연구 발전 흐름을 소개하겠습니다. 마지막으로는 이 둘을 하나로 잇는 통일된 관점을 제시하고 관련 연구들 살펴본 후, super-resolution 분야에서 아직 남아있는 문제점들을 정리하겠습니다.
Digital image is a Cartesian coordinate system of discrete rows and columns.
Often the improvement is to make the image better looking, by
increasing the intensity or contrast.
NIT Silchar ML Hackathon 2019 Session on Computer Vision with Deep Learning.
Targeted Audience: Pre-requisite: Basic knowledge on Machine Learning and Deep Learning
Digital image processing Tool presentationdikshabehl5392
The development of this image processing software will help editing process to be done effectively. It requires less space on hard disk; emphasizing only on the crucial image processing functions and the executable program will take less space.
Faire de la reconnaissance d'images avec le Deep Learning - Cristina & Pierre...Jedha Bootcamp
Reconnaissance de visages sur vos photos Facebook, détection de maladies via imagerie médicale, les applications de la reconnaissance d'images grâce à l'intelligence artificielle offrent de vastes possibilités. Lors de cet événement, Cristina & Pierre - Machine Learning Engineers chez Photobox - vous feront une démonstration des outils de reconnaissance d'images via ces algorithmes de Deep Learning.
An overview of gradient descent optimization algorithms Hakky St
勾配降下法についての論文をスライドにしたものです。
This is the slide for study meeting of gradient descent.
I use this paper and this is very good information about gradient descent.
https://arxiv.org/abs/1609.04747
This paper will discuss the implementation of the following methods :
-Local color correction
-Simplest color balance
-Screened Poisson Equation for Image Contrast Enhancement
This presentation describes briefly about the image enhancement in spatial domain, basic gray level transformation, histogram processing, enhancement using arithmetic/ logical operation, basics of spatial filtering and local enhancements.
Super resolution in deep learning era - Jaejun YooJaeJun Yoo
Abstract (Eng/Kor):
Image restoration (IR) is one of the fundamental problems, which includes denoising, deblurring, super-resolution, etc. Among those, in today's talk, I will more focus on the super-resolution task. There are two main streams in the super-resolution studies; a traditional model-based optimization and a discriminative learning method. I will present the pros and cons of both methods and their recent developments in the research field. Finally, I will provide a mathematical view that explains both methods in a single holistic framework, while achieving the best of both worlds. The last slide summarizes the remaining problems that are yet to be solved in the field.
영상 복원(Image restoration, IR)은 low-level vision에서 매우 중요하게 다루는 근본적인 문제 중 하나로서 denoising, deblurring, super-resolution 등의 다양한 영상 처리 문제를 포괄합니다. 오늘 발표에서는 영상 복원 분야 중에서도 super-resolution 문제에 대해 집중적으로 다루겠습니다. 전통적인 model-based optimization 방식과 deep learning을 적용하여 문제를 푸는 방식에 대해, 각각의 장단점과 최신 연구 발전 흐름을 소개하겠습니다. 마지막으로는 이 둘을 하나로 잇는 통일된 관점을 제시하고 관련 연구들 살펴본 후, super-resolution 분야에서 아직 남아있는 문제점들을 정리하겠습니다.
Digital image is a Cartesian coordinate system of discrete rows and columns.
Often the improvement is to make the image better looking, by
increasing the intensity or contrast.
NIT Silchar ML Hackathon 2019 Session on Computer Vision with Deep Learning.
Targeted Audience: Pre-requisite: Basic knowledge on Machine Learning and Deep Learning
YU CS Summer 2021 Project | TensorFlow Street Image Classification and Object...JacobSilbiger1
YU CS Summer 2021 Project | TensorFlow Street Image Classification and Object Detection Model
By: Nissim Cantor, Avi Radinsky, Jacob Silbiger
Github: https://github.com/ndcantor/tensorflow-street-classifier
Demo: https://www.youtube.com/watch?v=ItXdPJ3okMo
Image De-Noising Using Deep Neural Networkaciijournal
Deep neural network as a part of deep learning algorithm is a state-of-the-art approach to find higher level
representations of input data which has been introduced to many practical and challenging learning
problems successfully. The primary goal of deep learning is to use large data to help solving a given task
on machine learning. We propose an methodology for image de-noising project defined by this model and
conduct training a large image database to get the experimental output. The result shows the robustness
and efficient our our algorithm.
Image De-Noising Using Deep Neural Networkaciijournal
Deep neural network as a part of deep learning algorithm is a state-of-the-art approach to find higher level representations of input data which has been introduced to many practical and challenging learning problems successfully. The primary goal of deep learning is to use large data to help solving a given task on machine learning. We propose an methodology for image de-noising project defined by this model and conduct training a large image database to get the experimental output. The result shows the robustness and efficient our our algorithm.
IMAGE DE-NOISING USING DEEP NEURAL NETWORKaciijournal
Deep neural network as a part of deep learning algorithm is a state-of-the-art approach to find higher level representations of input data which has been introduced to many practical and challenging learning problems successfully. The primary goal of deep learning is to use large data to help solving a given task
on machine learning. We propose an methodology for image de-noising project defined by this model and conduct training a large image database to get the experimental output. The result shows the robustness and efficient our our algorithm.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
2. TL DR
• This paper suggests image generation algorithm to form as convex optimization
to attack image scaling function. The objective of attack is
1. Make image 𝐴 to 𝐵 when the 𝐴 is resized.
2. The distortion should be small enough that attack image should be almost looks
like 𝐴
• By this, we can assure that this attack is model-free. You can attack any model
that is using certain frame work and certain scaling function. And scaling
function is used in any code line
• They suggests effective querying process to reveal Cloud Vision API provider’s
scaling size
3. Prerequisite
What is scaling?
• Scaling function is resizing function that make input
image to match specific shape.
• Deep learning model is basically matrix calculation.
So we should make our input static (solid shape)
4. Prerequisite
Inconsistency in DL model input shape and camera size
Basic Camera resolution chart Deep learning model input shape
Image scaling function is essential to every deep learning model.
5. Prerequisite
Interpolation and sampling
Bilinear interpolation
Interpolation: A type of estimation, a method of
constructing new data points within the range of a
discrete set of known data points. [Inter + pole]
Linear InterpolationGiven set Spline Interpolation
6. Prerequisite
Interpolation and sampling
Sampling: sampling is the reduction of a
continuous-time signal to a discrete-time signal
Bit depth : Quantization of input signal
Sampling rate : Quantization of time segment
7. Prerequisite
The Nyquist theorem specifies that a sinusoidal function in time or
distance can be regenerated with no loss of information as long as it is
sampled at a frequency greater than or equal to twice per cycle.
Alias and Nyquist Theorem
Nyquist Theorem
8. Prerequisite
Nyquist Theorem
Let’s suppose that pixel values are the discrete signal.
When we scale down the input image, we have not sufficient information of original image
value. To prevent aliasing artifacts, we must use filter to erase the aliasing artifacts.
Without optical low-pass filter With optical low-pass filterWithout optical low-pass filter
9. Prerequisite conclusion
1. Pixels are discrete signal.
2. We need filter with coefficient to scale down the image.
3. Scaling the image can be considered at data under-sampling
4. Due to physical limitations, scaling is used almost every deep
learning model.
10. Main subject
1. Background
• A lot of DL Framework provide
their own image resize
method.
• Order of interpolation is
Horizonal to vertical.(element
wise to channel-wise)
11. Main subject
1. Background
• Even though you are not using
resize function, somewhere in
the framework might inferring
the resize function.
12. Main subject
2. Objective
• The objective of this goal is map
the perturbations on Source
image that after scaling function
𝑆𝑐𝑎𝑙𝑒𝐹𝑢𝑛𝑐(𝑥) , the attack image
turns into target image.
𝑆𝑐𝑎𝑙𝑒𝐹𝑢𝑛𝑐(𝑥)
Source Image
Attack Image Target Image
𝑆𝑐𝑎𝑙𝑒𝐹𝑢𝑛𝑐(𝑥)
Source Image
Attack Image Target image
13. Main subject
3. Taxonomy
• Source image (𝑆 𝑚∗𝑛): the image that an
attacker wants the attack image to look like
• Attack image (𝐴 𝑚∗𝑛): the crafted image
eventually created and fed to the scaling
function
• Output image (𝐷 𝑚′∗𝑛′): the output image of
the scaling function
• Target image (𝑇 𝑚′∗𝑛′): the image that the
attacker wants the outImg to look like
• Scale function (ScaleFunc): The scaling function
of image.
𝑆 𝑚∗𝑛 + ∆1 = 𝐴 𝑚∗𝑛
∆1 = 𝐴 𝑚∗𝑛- 𝑆 𝑚∗𝑛
∆2 = 𝐷 𝑚′∗𝑛′ - 𝑇 𝑚′∗𝑛′
14. Main subject
4. Attack method
• Strong attack form: we KNOW the source image
that wants to make it to attack image
• Weak attack: we DON’T know the source image
that wants to make it to attack image.
Unknown +
Example output image
=
15. Main subject
4.1 Strong attack form
• Strong attack form: we KNOW the source image
that wants to make it to attack image
• Weak attack: we DON’T know the source image
that wants to make it to attack image.
Objective function: min(| 𝐴 𝑚∗𝑛− 𝑆 𝑚∗𝑛 |2
)
Constraints: ||𝑇 𝑚′∗𝑛′ - 𝐷 𝑚′∗𝑛′||∞ ≤ 𝜀 ∗ 𝐼𝑁 𝑚𝑎𝑥
16. Main subject
4.1 Coefficient analysis
• As we said before, we need filter matrix to
resize not to alias the image.
• And because of overlapping in filter
matrix(like CNN) we need to calculate
separately to make perturbation
18. Main subject
4.3 Strong attack form
• Constraints is a upper boundary of pixel
value(Constant function). So this constraints is
Linear.
• By that, we can calculate this as a convex form
Objective function: min(| 𝐴 𝑚∗𝑛− 𝑆 𝑚∗𝑛 |2
)
Constraints: ||𝑇 𝑚′∗𝑛′ - 𝐷 𝑚′∗𝑛′||∞ ≤ 𝜀 ∗ 𝐼𝑁 𝑚𝑎𝑥
WLOG
19. Main subject
4.4 Strong attack form algorithm analysis
• Decomposition into sub matrix problem.
20. Main subject
4.5 Cloud inference attack(black box)
• We have to know the exact size of
cloud DL model input size.
• inferring model image serach space is
𝑂 𝑁4
= (𝑃𝑎𝑘𝑐𝑎𝑔𝑒 ∗
𝑆𝑐𝑎𝑙𝑖𝑛𝑔 𝑚𝑒𝑡ℎ𝑜𝑑 ∗ ℎ𝑒𝑖𝑔ℎ𝑡 ∗ 𝑤𝑖𝑑𝑡ℎ)
setting range[201,300] in H, W
Infer different class by k times at the same
time (k=4)
21. Main subject
5.1 Result
• Attack target: Azure, Baidu, Aliyun, Tencent
• Testing Dataset: 935 (Crafted)
Class except Sheep or sheep-like animal
Set as 800*600 image
𝜀 = 0.01
Target = Sheep
• Baidu , Aliyun ,Tencent got 100% success ratio
where as Azuzre is more complex
• CDF(cumulative distribution function) shows
that Tag and description is successfully attacked
by this algorithm.
23. Main subject
5.2 Possible attack scenario
• Data poisoning on database.
• Detection evasion and Cloaking on CNN
based deep learning models.
• Fraud by Leveraging Inconsistencies
between Displays. (ex mobile)
24. Main subject
5.3 Detection of attack
• Color-histogram-based Detection
• Color-scattering-based Detection
25. Conclusion
6. Pros
• This attack is model-free attack. It means
that we can use this attack in any situation
(not only limited in Deep learning)
• This attack is more light-weight than
adversarial attack by deep learning.
• Attack success ratio & confidence is high.
6. Cons
• If the model do not use the resize method(such
as yolo based object detection). It cannot be
successful.
• Only can be applied on smaller attack image
• The perturbations are easily recognizable by
human. The key of this kind of attack is should
be out of human-eye. You can easily recognize
that this image is somewhat wrong.
Editor's Notes
So image scaling is basically a interpolation between the adjacent pixel matrix.
Gaussian process 도 있지만 we will skip that.
So what is sampling? We know sampling in statistical way. It is almost same semantic meaning in Signal processing area. We cannot know continuous values so we split the each time line (called sampling rate) and represent the signal amplitude(진폭) Let’s think
If we are digging this part too far, we will be buried at mathematical equations so let me just brifly go over this.
If we decompose the signal into really small time, we can see this kind of sin graph. But if our sampling rate
So what is sampling? We know sampling in statistical way. It is almost same semantic meaning in Signal processing area. We cannot know continuous values so we split the each time line (called sampling rate) and represent the signal amplitude(진폭)
So what is sampling? We know sampling in statistical way. It is almost same semantic meaning in Signal processing area. We cannot know continuous values so we split the each time line (called sampling rate) and represent the signal amplitude(진폭)