Reversible attack based on local visible adversarial perturbation

Chen, Li and Zhu, Shaowei and Andrew, Abel and Yin, Zhaoxia (2024) Reversible attack based on local visible adversarial perturbation. Multimedia Tools and Applications, 83 (4). pp. 11215-11227. ISSN 1380-7501 (https://doi.org/10.1007/s11042-023-15383-0)

Preview

Text. Filename: Chen_etal_MTA_2023_Reversible_attack_based_on_local_visible_adversarial_perturbation.pdf Accepted Author Manuscript License: Strathprints license 1.0 Download (1MB)| Preview

Abstract

Adding perturbation to images can mislead classification models to produce incorrect results. Based on this, research has exploited adversarial perturbation to protect private images from retrieval by malicious intelligent models. However, adding adversarial perturbation to images destroys the original data, making images useless in digital forensics and other fields. To prevent illegal or unauthorized access to sensitive image data such as human faces without impeding legitimate users, the use of reversible adversarial attack techniques is becoming more widely investigated, where the original image can be recovered from its reversible adversarial examples. However, existing reversible adversarial attack methods are designed for traditional imperceptible adversarial perturbation and ignore the local visible adversarial perturbation. In this paper, we propose a new method for generating reversible adversarial examples based on local visible adversarial perturbation. The information needed for image recovery is embedded into the area beyond the adversarial patch by the reversible data hiding technique. To reduce image distortion, lossless compression and the B-R-G (blue-red-green) embedding principle are adopted. Experiments on CIFAR-10 and ImageNet datasets show that the proposed method can restore the original images error-free while ensuring good attack performance.

ORCID iDs

Andrew, Abel ORCID: https://orcid.org/0000-0002-3631-8753

• Share and Export
  

  RDF+XMLBibTeXRIOXX2 XMLRDF+N-TriplesJSONDublin CoreAtomSimple MetadataReferMETSHTML CitationASCII CitationOpenURL ContextObjectEndNoteOpenURL ContextObject in SpanMODSMPEG-21 DIDLEP3 XMLData Cite XMLRIS (EndNote Online, Zotero, Ref manager, etc)RDF+N3Multiline CSV
• Item metadata

  Item type:	Article
  ID code:	86777
  Dates:	Date Event January 2024 Published 27 June 2023 Published Online 11 April 2023 Accepted
  Subjects:	Science > Mathematics > Electronic computers. Computer science > Other topics, A-Z
  Department:	Faculty of Science > Computer and Information Sciences
  Depositing user:	Pure Administrator
  Date deposited:	27 Sep 2023 11:44
  Last modified:	19 Nov 2024 22:30
  URI:	https://strathprints.strath.ac.uk/id/eprint/86777