Adversarial attacks have proved to be the major impediment to progress in research towards reliable machine learning solutions. Carefully crafted perturbations, imperceptible to human vision, can be added to images to force misclassification by an otherwise high-performing neural network. To better understand the key contributors to such structured attacks, we searched for and studied spatially co-located patterns in the distribution of pixels in the input space. In this paper, we propose a framework for segregating and isolating regions within an input image which are particularly critical to classification (during inference), to adversarial vulnerability, or to both. We assert that during inference, the trained model looks at a specific region in the image, which we call the Region of Importance (RoI); and the attacker looks at a region to alter/modify, which we call the Region of Attack (RoA). The success of this approach could also be used to design a post-hoc adversarial defence method, as illustrated by our observations. This defence uses the notion of blocking out (which we call neutralizing) the region of the image that is highly vulnerable to adversarial attacks but is not important for the task of classification. We establish the theoretical setup for formalising the process of segregation, isolation and neutralization, and substantiate it through empirical analysis on standard benchmarking datasets. The findings strongly indicate that mapping features into the input space preserves the significant patterns typically observed in the feature space while adding major interpretability, and therefore simplifies potential defensive mechanisms.
When securing complex infrastructures or large environments, constant surveillance of every area is not affordable. To cope with this issue, a common countermeasure is the usage of cheap but wide-ranged sensors, able to detect suspicious events that
Adversarial attacks pose a substantial threat to computer vision system security, but the social media industry constantly faces another form of adversarial attack in which the hackers attempt to upload inappropriate images and fool the automated scr
Correlated $\mathcal{G}$ distributions can be used to describe the clutter seen in images obtained with coherent illumination, as is the case of B-scan ultrasound, laser, sonar and synthetic aperture radar (SAR) imagery. These distributions are derived u
We study how the dynamics of a drying front propagating through a porous medium are affected by small-scale correlations in material properties. For this, we first present drying experiments in micro-fluidic micro-models of porous media. Here, the fl
We present results of numerical and experimental investigation of the electric breakage of a cellular material in pulsed electric fields (PEF). The numerical model simulates the conductive properties of a cellular material by a two-dimensional array