敵対的ノイズとJPEG圧縮由来の歪みの相関を用いた敵対的事例検出の研究

Presentation	2022-05-17 A study of adversarial example detection using the correlation between adversarial noise and JPEG compression-derived distortion Kenta Tsunomori, Yuma Yamasaki, Minoru Kuribayashi, Nobuo Funabiki, Isao Echizen,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	Adversarial examples cause misclassification of image classifiers. Higashi et al. proposed a method to detect adversarial examples by applying noise reduction filters of different strengths to input images and observing changes in the output of the image classifier. This method used 14 different filters, which was computationally expensive. In this paper, we propose a method that demonstrates high detection accuracy with a small number of filters. Based on Higashi et al.'s report, JPEG compression is considered to be a suitable filter for denoising adversarial noises. In the proposed method, a distortion signal created from the difference of images before and after JPEG compression is used as a denoising filter.
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	Adversarial examples / Convolutional neural network / JPEG compression / Scaling / JPEG compression-derived distortion
Paper #	IT2022-6,EMM2022-6
Date of Issue	2022-05-10 (IT, EMM)

Conference Information
Committee	IT / EMM
Conference Date	2022/5/17(2days)
Place (in Japanese)	(See Japanese page)
Place (in English)	Gifu University
Topics (in Japanese)	(See Japanese page)
Topics (in English)	Information Security, Information Theory, Information Hiding, etc.
Chair	Tadashi Wadayama(Nagoya Inst. of Tech.) / Ryoichi Nishimura(NICT)
Vice Chair	Tetsuya Kojima(Tokyo Kosen) / Masaaki Fujiyoshi(Tokyo Metropolitan Univ.) / Masatsugu Ichino(Univ. of Electro-Comm.)
Secretary	Tetsuya Kojima(Saitamai Univ.) / Masaaki Fujiyoshi(Yamaguchi Univ.) / Masatsugu Ichino(Utsunomiya Univ.)
Assistant	Masanori Hirotomo(Saga Univ.) / Shoko Imaizumi(Chiba Univ.) / Youichi Takashima(Kaishi Professional Univ.)

Paper Information
Registration To	Technical Committee on Information Theory / Technical Committee on Enriched MultiMedia
Language	JPN
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	A study of adversarial example detection using the correlation between adversarial noise and JPEG compression-derived distortion
Sub Title (in English)
Keyword(1)	Adversarial examples
Keyword(2)	Convolutional neural network
Keyword(3)	JPEG compression
Keyword(4)	Scaling
Keyword(5)	JPEG compression-derived distortion
1st Author's Name	Kenta Tsunomori
1st Author's Affiliation	Okayama University(Okayama Univ.)
2nd Author's Name	Yuma Yamasaki
2nd Author's Affiliation	Okayama University(Okayama Univ.)
3rd Author's Name	Minoru Kuribayashi
3rd Author's Affiliation	Okayama University(Okayama Univ.)
4th Author's Name	Nobuo Funabiki
4th Author's Affiliation	Okayama University(Okayama Univ.)
5th Author's Name	Isao Echizen
5th Author's Affiliation	National Institute of Informatics(NII)
Date	2022-05-17
Paper #	IT2022-6,EMM2022-6
Volume (vol)	vol.122
Number (no)	IT-25,EMM-26
Page	pp.pp.29-34(IT), pp.29-34(EMM),
#Pages	6
Date of Issue	2022-05-10 (IT, EMM)