Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Perceptual quality preserving adversarial attacks
Download
index.pdf
Date
2019
Author
Aksoy, Bilgin
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
213
views
95
downloads
Cite This
Deep learning is used in various succesful computer vision applications such as image classification. Deep neural networks (DNN) especially convolutional neural networks have reached above human level accuracy rates for image classification tasks. While DNNs have solved the image classification task and enabled its use in many practical applications, recent research has unveiled some properties which could degrade their performance. Adversarial images are samples that are intentionally modified by adding non-random noise to deceive deep learning systems. Even the-state-of-the-art networks fail classifying these adversarial images to the corresponding class. They are widely used in applications such as CAPTHAs to help distinguish legitimate human users from bots. However, the noise introduced during the adversarial image generation process degrades the perceptual quality and introduces artificial colors; making it also difficult for humans to classify images and recognize objects. This thesis proposes a method that enables generation of adversarial images while preserving their perceptual quality. The proposed method is attack type agnostic and could be used in association with the existing attacks in the literature. Experiments show that the generated adversarial images have lower Euclidean distances to their originals while maintaining the same adversarial attack performance. Distances are reduced by 0.0315% to 29.6% with an average reduction of 17.8% over the different attack and network types.
Subject Keywords
Deep learning.
,
Deep learning
,
image classification
,
adversarial images
,
perceptual enhancement
URI
http://etd.lib.metu.edu.tr/upload/12624179/index.pdf
https://hdl.handle.net/11511/44918
Collections
Graduate School of Informatics, Thesis
Suggestions
OpenMETU
Core
Automated learning rate search using batch-level cross-validation
Kabakcı, Duygu; Akbaş, Emre; Department of Computer Engineering (2019)
Deep convolutional neural networks are being widely used in computer vision tasks, such as object recognition and detection, image segmentation and face recognition, with a variety of architectures. Deep learning researchers and practitioners have accumulated a significant amount of experience on training a wide variety of architectures on various datasets. However, given a specific network model and a dataset, obtaining the best model (i.e. the model giving the smallest test set error) while keeping the tr...
Improving Perceptual Quality of Spatially Transformed Adversarial Examples
Aydın, Ayberk; Temizel, Alptekin; Department of Modeling and Simulation (2022-8)
Deep neural networks are known to be vulnerable to additive adversarial perturbations. The amount of these additive perturbations are generally quantified using Lp metrics over the difference between adversarial and benign examples. However, even when the measured perturbations are small, they tend to be noticeable by human observers since Lp distance metrics are not representative of human perception. Spatially transformed examples work by distorting pixel locations instead of applying an additive perturba...
Supervised mesh segmentation for 3D objects with graph Convolutional neural networks
Perek, Emir Kaan; Sahillioğlu, Yusuf; Department of Computer Engineering (2019)
Mesh segmentation is a fundamental application that is primarily used for understanding and analyzing 3D shapes in a broad range of areas in Computer Science. With the increasing trend of deep learning, there have been many learning-based solutions to the mesh segmentation problem based on the classification of the individual mesh polygons. In this thesis, we cast mesh segmentation as a supervised graph labeling problem by using Graph Convolutional Neural Networks (GCNN). We treat a mesh object as a graph t...
A pixel-by-pixel learned lossless image compression method with parallel decoding
Gümüş, Sinem; Kamışlı, Fatih; Department of Electrical and Electronics Engineering (2022-7)
The success of deep learning in computer vision applications has led to the use of learning based algorithms also in image compression. Learning based lossless image compression algorithms can be divided into three categories, namely, pixel-by-pixel (or masked convolution based) algorithms, prior based algorithms and latent representation based algorithms. In the pixel-by-pixel algorithms, each pixel’s probability distribution is obtained by processing the previously coded left and upper neighbouring pixels...
Image compression method based on learned lifting-based dwt and learned zerotree-like entropy model
Şahin, Uğur Berk; Kamışlı, Fatih; Department of Electrical and Electronics Engineering (2022-8)
The success of deep learning in computer vision has sparked great interest in investigating deep learning-based algorithms also in many image processing applications, including image compression. The most popular end-to-end learned image compression approaches are based on auto-encoder architectures, where the image is mapped via convolutional neural networks (CNNs) into a transform (latent) representation that is quantized and processed again with CNNs to obtain the reconstructed image. The quantized laten...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
B. Aksoy, “Perceptual quality preserving adversarial attacks,” Thesis (M.S.) -- Graduate School of Informatics. Modeling and Simulation., Middle East Technical University, 2019.
