loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Amon Soares de Souza 1 ; Andreas Meißner 2 and Michaela Geierhos 1

Affiliations: 1 University of the Bundeswehr Munich, Research Institute CODE, Werner-Heisenberg-Weg 39, 85577 Neubiberg, Germany ; 2 ZITiS, Big Data, Zamdorfer Str. 88, 81677 Munich, Germany

Keyword(s): Adversarial Optimization, Adversarial Attacks, Image Classification.

Abstract: Adversarial image processing attacks aim to strike a fine balance between pattern visibility and target model error. This balance ideally results in a sample that maintains high visual fidelity to the original image, but forces the model to output the target of the attack, and is therefore particularly susceptible to transformations by post-processing such as compression. JPEG compression, which is inherently non-differentiable and an integral part of almost every web application, therefore severely limits the set of possible use cases for attacks. Although differentiable JPEG approximations have been proposed, they (1) have not been extended to the stronger and less perceptible optimization-based attacks, and (2) have been insufficiently evaluated. Constrained adversarial optimization allows for a strong combination of success rate and high visual fidelity to the original sample. We present a novel robust attack based on constrained optimization and an adaptive compression search. W e show that our attack outperforms current robust methods for gradient projection attacks for the same amount of applied perturbation, suggesting a more effective trade-off between perturbation and attack success rate. The code is available here: https://github.com/amonsoes/frcw. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.21.168.253

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Soares de Souza, A., Meißner, A. and Geierhos, M. (2025). Towards JPEG-Compression Invariance for Adversarial Optimization. In Proceedings of the 20th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications - Volume 3: VISAPP; ISBN 978-989-758-728-3; ISSN 2184-4321, SciTePress, pages 166-177. DOI: 10.5220/0013300200003912

@conference{visapp25,
author={Amon {Soares de Souza} and Andreas Meißner and Michaela Geierhos},
title={Towards JPEG-Compression Invariance for Adversarial Optimization},
booktitle={Proceedings of the 20th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications - Volume 3: VISAPP},
year={2025},
pages={166-177},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013300200003912},
isbn={978-989-758-728-3},
issn={2184-4321},
}

TY - CONF

JO - Proceedings of the 20th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications - Volume 3: VISAPP
TI - Towards JPEG-Compression Invariance for Adversarial Optimization
SN - 978-989-758-728-3
IS - 2184-4321
AU - Soares de Souza, A.
AU - Meißner, A.
AU - Geierhos, M.
PY - 2025
SP - 166
EP - 177
DO - 10.5220/0013300200003912
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic