Back to articles
Articles
Volume: 33 | Article ID: art00011
Image
Attribution of Gradient Based Adversarial Attacks for Reverse Engineering of Deceptions
Michael Goebel
Jason Bunk
Srinjoy Chattopadhyay
Lakshmanan Nataraj
Shivkumar Chandrasekaran
B. S. Manjunath
  DOI :  10.2352/ISSN.2470-1173.2021.4.MWSF-300  Published OnlineJanuary 2021
Abstract

Machine Learning (ML) algorithms are susceptible to adversarial attacks and deception both during training and deployment. Automatic reverse engineering of the toolchains behind these adversarial machine learning attacks will aid in recovering the tools and processes used in these attacks. In this paper, we present two techniques that support automated identification and attribution of adversarial ML attack toolchains using Co-occurrence Pixel statistics and Laplacian Residuals. Our experiments show that the proposed techniques can identify parameters used to generate adversarial samples. To the best of our knowledge, this is the first approach to attribute gradient based adversarial attacks and estimate their parameters. Source code and data is available at: <ext-link ext-link-type="url" xlink:href="https://github.com/michael-goebel/ei_red">https://github.com/michael-goebel/ei_red</ext-link>.

Journal Title : Electronic Imaging
Publisher Name : Society for Imaging Science and Technology
Publisher Location : 7003 Kilworth Lane, Springfield, VA 22151 USA
Subject Areas :
Views 24
Downloads 0
 DOI 10.2352/ISSN.2470-1173.2021.4.MWSF-300
 articleview.views 24
 articleview.downloads 0
  Cite this article 

Michael Goebel, Jason Bunk, Srinjoy Chattopadhyay, Lakshmanan Nataraj, Shivkumar Chandrasekaran, B. S. Manjunath, "Attribution of Gradient Based Adversarial Attacks for Reverse Engineering of Deceptionsin Proc. IS&T Int’l. Symp. on Electronic Imaging: Media Watermarking, Security, and Forensics,  2021,  pp 300-1 - 300-7,  https://doi.org/10.2352/ISSN.2470-1173.2021.4.MWSF-300

 Copy citation
  Copyright statement 
Copyright © Society for Imaging Science and Technology 2021
72010604
Electronic Imaging
2470-1173
Society for Imaging Science and Technology
7003 Kilworth Lane, Springfield, VA 22151 USA
10.2352/ISSN.2470-1173.2021.4.MWSF-300
2470-1173(20210118)2021:4L.3001;1-
ei_24701173_v2021n4_input/s8.xml
/ist/ei/2021/00002021/00000004/art00011
Articles
Attribution of Gradient Based Adversarial Attacks for Reverse Engineering of Deceptions
GoebelMichael
BunkJason
ChattopadhyaySrinjoy
NatarajLakshmanan
ChandrasekaranShivkumar
ManjunathB. S.
18012021
2021
4
300-1
300-7
2021
Machine Learning (ML) algorithms are susceptible to adversarial attacks and deception both during training and deployment. Automatic reverse engineering of the toolchains behind these adversarial machine learning attacks will aid in recovering the tools and processes used in these attacks. In this paper, we present two techniques that support automated identification and attribution of adversarial ML attack toolchains using Co-occurrence Pixel statistics and Laplacian Residuals. Our experiments show that the proposed techniques can identify parameters used to generate adversarial samples. To the best of our knowledge, this is the first approach to attribute gradient based adversarial attacks and estimate their parameters. Source code and data is available at: <ext-link ext-link-type="url" xlink:href="https://github.com/michael-goebel/ei_red">https://github.com/michael-goebel/ei_red</ext-link>.
Reverse engineering of deceptionsGradient Based AttacksReverse engineering of deceptions