Bedeuro Kim, A. Abuadbba, Yansong Gao, Yifeng Zheng, Muhammad Ejaz Ahmed, S. Nepal, Hyoungshick Kim
{"title":"Decamouflage:一个检测CNN图像缩放攻击的框架","authors":"Bedeuro Kim, A. Abuadbba, Yansong Gao, Yifeng Zheng, Muhammad Ejaz Ahmed, S. Nepal, Hyoungshick Kim","doi":"10.1109/DSN48987.2021.00023","DOIUrl":null,"url":null,"abstract":"Image-scaling is a typical operation that processes the input image before feeding it into convolutional neural network models. However, it is vulnerable to the newly revealed image-scaling attack. This work presents an image-scaling attack detection framework, Decamouflage, consisting of three independent detection methods: scaling, filtering, and steganalysis, to detect the attack through examining distinct image characteristics. Decamouflage has a pre-determined detection threshold that is generic. More precisely, as we have validated, the threshold determined from one dataset is also applicable to other different datasets. Extensive experiments show that Decamouflage achieves detection accuracy of 99.9% and 98.5% in the white-box and the black-box settings, respectively. We also measured its running time overhead on a PC with an Intel i5 CPU and 8GB RAM. The experimental results show that image-scaling attacks can be detected in milliseconds. Moreover, Decamouflage is highly robust against adaptive image-scaling attacks (e.g., attack image size variances).","PeriodicalId":222512,"journal":{"name":"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Decamouflage: A Framework to Detect Image-Scaling Attacks on CNN\",\"authors\":\"Bedeuro Kim, A. Abuadbba, Yansong Gao, Yifeng Zheng, Muhammad Ejaz Ahmed, S. Nepal, Hyoungshick Kim\",\"doi\":\"10.1109/DSN48987.2021.00023\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Image-scaling is a typical operation that processes the input image before feeding it into convolutional neural network models. However, it is vulnerable to the newly revealed image-scaling attack. This work presents an image-scaling attack detection framework, Decamouflage, consisting of three independent detection methods: scaling, filtering, and steganalysis, to detect the attack through examining distinct image characteristics. Decamouflage has a pre-determined detection threshold that is generic. More precisely, as we have validated, the threshold determined from one dataset is also applicable to other different datasets. Extensive experiments show that Decamouflage achieves detection accuracy of 99.9% and 98.5% in the white-box and the black-box settings, respectively. We also measured its running time overhead on a PC with an Intel i5 CPU and 8GB RAM. The experimental results show that image-scaling attacks can be detected in milliseconds. Moreover, Decamouflage is highly robust against adaptive image-scaling attacks (e.g., attack image size variances).\",\"PeriodicalId\":222512,\"journal\":{\"name\":\"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSN48987.2021.00023\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN48987.2021.00023","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Decamouflage: A Framework to Detect Image-Scaling Attacks on CNN
Image-scaling is a typical operation that processes the input image before feeding it into convolutional neural network models. However, it is vulnerable to the newly revealed image-scaling attack. This work presents an image-scaling attack detection framework, Decamouflage, consisting of three independent detection methods: scaling, filtering, and steganalysis, to detect the attack through examining distinct image characteristics. Decamouflage has a pre-determined detection threshold that is generic. More precisely, as we have validated, the threshold determined from one dataset is also applicable to other different datasets. Extensive experiments show that Decamouflage achieves detection accuracy of 99.9% and 98.5% in the white-box and the black-box settings, respectively. We also measured its running time overhead on a PC with an Intel i5 CPU and 8GB RAM. The experimental results show that image-scaling attacks can be detected in milliseconds. Moreover, Decamouflage is highly robust against adaptive image-scaling attacks (e.g., attack image size variances).
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
