COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring. |
University of Cambridge > Talks.cam > Computer Laboratory Security Seminar > Human-producible Adversarial Examples
Human-producible Adversarial ExamplesAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Hridoy Sankar Dutta. Visual adversarial examples have so far been restricted to pixel-level image manipulations in the digital world or have required sophisticated equipment such as 2D or 3D printers to be produced in the physical real world. We present the first ever method of generating human-producible adversarial examples for the real world that requires nothing more complicated than a marker pen. We call them adversarial tags. First, building on top of differential rendering, we demonstrate that it is possible to build potent adversarial examples with just lines. We find that by drawing just 4 lines we can disrupt a YOLO -based model in 54.8% of cases; increasing this to 9 lines disrupts 81.8% of the cases tested. Next, we devise an improved method for line placement to be invariant to human drawing error. We evaluate our system thoroughly in both digital and analogue worlds and demonstrate that our tags can be applied by untrained humans. We demonstrate the effectiveness of our method for producing real-world adversarial examples by conducting a user study where participants were asked to draw over printed images using digital equivalents as guides. We further evaluate the effectiveness of both targeted and untargeted attacks, and discuss various trade-offs and method limitations, as well as the practical and ethical implications of our work. RECORDING : Please note, this event will be recorded and will be available after the event for an indeterminate period under a CC BY -NC-ND license. Audience members should bear this in mind before joining the webinar or asking questions. This talk is part of the Computer Laboratory Security Seminar series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsCRISPR Genome Editing Courses Race, Empire and Education Qatar Carbonates and Carbon Storage Research Centre: Status update after three years of fundamental researchOther talksThe Climate Crisis and Atolls in the South Pacific Infinite-dimensional holography: bulk reconstruction, relative entropy, and operator algebra Modelling Airborne Viral Transmission in Enclosed Settings and Comparing Mitigations Central representation of protein availability regulates metabolism and behaviour G I TAYLOR LECTURE - The influence of GI Taylor: granular collapses, viscous gravity currents, explosive eruptions and chemical gardens Gateway |