Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
The Effects of JPEG and JPEG2000 Compression on Attacks using Adversarial Examples
Date
2018-03-01
Author
Temizel, Alptekin
Taşkaya Temizel, Tuğba
Metadata
Show full item record
Item Usage Stats
79
views
0
downloads
Cite This
Adversarial examples are known to have a negative effect on the performance of classifiers which have otherwise good performance on undisturbed images. These examples are generated by adding non-random noise to the testing samples in order to make classifier misclassify the given data. Adversarial attacks use these intentionally generated examples and they pose a security risk to the machine learning based systems. To be immune to such attacks, it is desirable to have a pre-processing mechanism which removes these effects causing misclassification while keeping the content of the image. JPEG and JPEG2000 are well-known image compression techniques which suppress the high-frequency content taking the human visual system into account. JPEG has been also shown to be an effective method for reducing adversarial noise. In this paper, we propose applying JPEG2000 compression as an alternative and systematically compare the classification performance of adversarial images compressed using JPEG and JPEG2000 at different target PSNR values and maximum compression levels. Our experiments show that JPEG2000 is more effective in reducing adversarial noise as it allows higher compression rates with less distortion and it does not introduce blocking artifacts.
URI
https://arxiv.org/pdf/1803.10418
https://hdl.handle.net/11511/76401
Collections
Unverified, Article
Suggestions
OpenMETU
Core
JPEG2000 as a defense against attacks using adversarial examples
Gündüz, Ayşe Elvan; Temizel, Alptekin; Taşkaya Temizel, Tuğba (null; 2018-10-11)
Adversarial examples have a negative effect on the performance of classifiers which have otherwise good performance on undisturbed images. These examples are generated by adding non-random noise to the test samples in order to fool the classifier. Adversarial attacks use these intentionally generated examples and they pose a security risk to the machine learning based systems. It has recently been shown that JPEG compression is effective against such attacks and classification accuracy on adversarial images...
THE JOINT EFFECT OF WORD FREQUENCY AND OUTPUT INTERFERENCE IN RECOGNITION MEMORY: TEST OF A MODEL PREDICTION
Dedetaş, Hatice; Kılıç Özhan, Aslı; Department of Psychology (2022-5-10)
Output interference (OI) is defined as a decline in memory performance throughout the test. Different models have separate explanations for OI. For item noise models, OI results from encoding during the test. When items are presented at the test, they are compared to all items in the memory trace and if a match occurs, the matched study item is updated, and if a match does not occur, a new memory trace is added. These updates during the test phase lead to confusion through the end of the test. Another hotly...
The Effect Of Multiple Performance Criteria Usage On The Just In Time Production And Total Quality Management Implementation Levels: Findings From Turkey
Aydın, Zehra Berna; Tüzüntürk, Selim; Eryılmaz, Mehmet Eymen (Orta Doğu Teknik Üniversitesi (Ankara, Turkey), 2008-12)
This article examines the effect of the multiple performance criteria usage on Just in Time Production (JIT) and Total Quality Management (TQM) implementation levels. Earlier studies have highlighted that JIT and TQM implementation levels play a major role in the success of organizational performance. Therefore the aim of this study was to determine the significant Balanced Scorecard (BSC) perspectives that may affect JIT and TQM using Logit regression analysis. The analysis process was executed on a sample...
The Use of Nonlinear Analyses Tools for the Structural Design of Concrete Dams
Soysal, Berat Feyza; Arıcı, Yalın (2015-06-20)
Given the need to evaluate the older infrastructure for higher design hazards in order to ascertain the performance in multiple sigma events, the use of nonlinear tools for the prediction of the performance of concrete structures is becoming increasingly popular. Smeared crack models are the primary tools to simulate the performance of dams due to such properties as mesh independence and robust behavior, as well as being dependent on only a few parameters discernible by common laboratory tests. In contrast ...
A NOVEL SHADOW RESTORATION ALGORITHM BASED ON ATMOSPHERIC EFFECTS FOR AERIAL IMAGES
Aytekin, Caglar; Alatan, Abdullah Aydın (2010-09-29)
In aerial images, the performance of the segmentation and object recognition algorithms could suffer due to shadows in the scene. This effort describes a novel shadow restoration algorithm based on atmospheric effects and characteristics of sun light for aerial images. Firstly, shadow regions are detected exploiting the Rayleigh scattering phenomena and the well-known fact related to the low illumination intensity in the shadow regions. After detection, shadow restoration is achieved by first restoring part...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
A. Temizel and T. Taşkaya Temizel, “The Effects of JPEG and JPEG2000 Compression on Attacks using Adversarial Examples,” 2018, Accessed: 00, 2021. [Online]. Available: https://arxiv.org/pdf/1803.10418.