CubeAgent: Efficient query-based video adversarial examples generation through deep reinforcement learning

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Journal of Systems and Software Pub Date : 2025-03-19 DOI:10.1016/j.jss.2025.112437

Heyuan Shi , Binqi Zeng , Yu Zhan , Rongkai Liu , Yulin Yang , Li Chen , Chao Hu , Ying Fu

{"title":"CubeAgent: Efficient query-based video adversarial examples generation through deep reinforcement learning","authors":"Heyuan Shi , Binqi Zeng , Yu Zhan , Rongkai Liu , Yulin Yang , Li Chen , Chao Hu , Ying Fu","doi":"10.1016/j.jss.2025.112437","DOIUrl":null,"url":null,"abstract":"<div><div>In commercial deep-learning-based video systems, testers utilize query-based methods to generate adversarial examples (AEs) and effectively uncover system vulnerabilities. The current research has primarily focused on selecting the key perturbation units, such as video patches, keyframes, and combinations of keyframes and regions, to add adversarial perturbation and generate AEs. Furthermore, deep reinforcement learning (DRL) frameworks have been utilized to model the results of sequence-based feedback to reduce query numbers. However, considering the pixels of spatial and temporal dimensions separately in the search process results in a large number of queries and intolerable failure rates for video AE generation. This paper proposes a new AEs perturbation unit called the “video cube”, which simultaneously extracts video pixels in neighbor frames and regions. We develop a new DRL framework called “CubeAgent”, which incorporates controllable policy actions for selecting the <em>number</em> and <em>index</em> of key video cubes segmented by time intervals. We conducted exhaustive experiments across diverse video DNN systems, utilizing the UCF101 and JESTER datasets, which conclusively demonstrated that CubeAgent can expedite the generation process by a factor of two, diminishing the average query count from 5,768 to 4,602, representing a 20% reduction, while simultaneously mitigating the average generation failure rate from 9% to 7%. The results show that CubeAgent improves the performance of adversarial example generation while achieving comparable.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112437"},"PeriodicalIF":3.7000,"publicationDate":"2025-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems and Software","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0164121225001050","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

In commercial deep-learning-based video systems, testers utilize query-based methods to generate adversarial examples (AEs) and effectively uncover system vulnerabilities. The current research has primarily focused on selecting the key perturbation units, such as video patches, keyframes, and combinations of keyframes and regions, to add adversarial perturbation and generate AEs. Furthermore, deep reinforcement learning (DRL) frameworks have been utilized to model the results of sequence-based feedback to reduce query numbers. However, considering the pixels of spatial and temporal dimensions separately in the search process results in a large number of queries and intolerable failure rates for video AE generation. This paper proposes a new AEs perturbation unit called the “video cube”, which simultaneously extracts video pixels in neighbor frames and regions. We develop a new DRL framework called “CubeAgent”, which incorporates controllable policy actions for selecting the number and index of key video cubes segmented by time intervals. We conducted exhaustive experiments across diverse video DNN systems, utilizing the UCF101 and JESTER datasets, which conclusively demonstrated that CubeAgent can expedite the generation process by a factor of two, diminishing the average query count from 5,768 to 4,602, representing a 20% reduction, while simultaneously mitigating the average generation failure rate from 9% to 7%. The results show that CubeAgent improves the performance of adversarial example generation while achieving comparable.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Systems and Software 工程技术-计算机：理论方法

CiteScore

8.60

自引率

5.70%

发文量

193

审稿时长

16 weeks

期刊介绍： The Journal of Systems and Software publishes papers covering all aspects of software engineering and related hardware-software-systems issues. All articles should include a validation of the idea presented, e.g. through case studies, experiments, or systematic comparisons with other approaches already in practice. Topics of interest include, but are not limited to: •Methods and tools for, and empirical studies on, software requirements, design, architecture, verification and validation, maintenance and evolution •Agile, model-driven, service-oriented, open source and global software development •Approaches for mobile, multiprocessing, real-time, distributed, cloud-based, dependable and virtualized systems •Human factors and management concerns of software development •Data management and big data issues of software systems •Metrics and evaluation, data mining of software development resources •Business and economic aspects of software development processes The journal welcomes state-of-the-art surveys and reports of practical experience for all of these topics.