TAE-RWP: Traceable Adversarial Examples With Recoverable Warping Perturbation

IF 5, Zone 2 (Computer Science), Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE
Fan Xing, Xiaoyi Zhou, Hongli Peng, Xuefeng Fan, Wenbao Han, Yuqing Zhang
Journal: International Journal of Intelligent Systems, volume 2024 1
Publication date: 2024-10-17
Publication type: Journal Article
DOI: 10.1155/2024/6054172
URL: https://onlinelibrary.wiley.com/doi/10.1155/2024/6054172
Citation count: 0

Abstract

Reversible adversarial example (RAE) is an effective cutting-edge technology for protecting the intellectual property (IP) of datasets. However, existing RAE schemes primarily focus on the adversarial and restoration capabilities of adversarial examples (AE), with little attention paid to traceability, which is crucial for IP protection. This oversight leads to the inability to prevent authorized users from redistributing data, thereby posing significant IP security risks. To address this issue, we propose a novel approach named TAE-RWP, wherein adversarial perturbations in AEs are treated as tools for IP verification. To enable the traceability of AEs, we introduce varying degrees of warping to the adversarial perturbations within the AEs of authorized users, utilizing the warping degree as a traceable feature. To further strengthen traceability, we adopt a technique named “random warping” to maintain the resilience of adversarial perturbations against distortions, and employ a strategy named “noise mode” to improve the verification model’s capacity to recognize distortion features. Experimental results indicate that AEs generated by TAE-RWP exhibit remarkable adversarial strength and restoration abilities, while the verification model demonstrates excellence in recognizing distortion features.

Source journal
International Journal of Intelligent Systems (Engineering and Technology - Computer Science: Artificial Intelligence)
CiteScore: 11.30
Self-citation rate: 14.30%
Articles published: 304
Review time: 9 months
About the journal: The International Journal of Intelligent Systems serves as a forum for individuals interested in tapping into the vast theories based on intelligent systems construction. With its peer-reviewed format, the journal explores several fascinating editorials written by today's experts in the field. Because new developments are being introduced each day, there's much to be learned — examination, analysis creation, information retrieval, man–computer interactions, and more. The International Journal of Intelligent Systems uses charts and illustrations to demonstrate these ground-breaking issues, and encourages readers to share their thoughts and experiences.