Image classifiers that based on Deep Neural Networks(DNNs)have been proved to be easily fooled by well-designed perturbations.Previous defense methods have the limitations of requiring expensive computation or reducin...Image classifiers that based on Deep Neural Networks(DNNs)have been proved to be easily fooled by well-designed perturbations.Previous defense methods have the limitations of requiring expensive computation or reducing the accuracy of the image classifiers.In this paper,we propose a novel defense method which based on perceptual hash.Our main goal is to destroy the process of perturbations generation by comparing the similarities of images thus achieve the purpose of defense.To verify our idea,we defended against two main attack methods(a white-box attack and a black-box attack)in different DNN-based image classifiers and show that,after using our defense method,the attack-success-rate for all DNN-based image classifiers decreases significantly.More specifically,for the white-box attack,the attack-success-rate is reduced by an average of 36.3%.For the black-box attack,the average attack-success-rate of targeted attack and non-targeted attack has been reduced by 72.8%and 76.7%respectively.The proposed method is a simple and effective defense method and provides a new way to defend against adversarial samples.展开更多
In view of the fact that the current adaptive steganography algorithms are difficult to resist scaling attacks and that a method resisting scaling attack is only for the nearest neighbor interpolation method,this pape...In view of the fact that the current adaptive steganography algorithms are difficult to resist scaling attacks and that a method resisting scaling attack is only for the nearest neighbor interpolation method,this paper proposes an image steganography algorithm based on quantization index modulation resisting both scaling attacks and statistical detection.For the spatial image,this paper uses the watermarking algorithm based on quantization index modulation to extract the embedded domain.Then construct the embedding distortion function of the new embedded domain based on S-UNIWARD steganography,and use the minimum distortion coding to realize the embedding of the secret messages.Finally,according to the embedding modification amplitude of secret messages in the new embedded domain,the quantization index modulation algorithm is applied to realize the final embedding of secret messages in the original embedded domain.The experimental results show that the algorithm proposed is robust to the three common interpolation attacks including the nearest neighbor interpolation,the bilinear interpolation and the bicubic interpolation.And the average correct extraction rate of embedded messages increases from 50%to over 93% after 0.5 times-fold scaling attack using the bicubic interpolation method,compared with the classical steganography algorithm S-UNIWARD.Also the algorithm proposed has higher detection resistance than the original watermarking algorithm based on quantization index modulation.展开更多
The task of next POI recommendations has been studied extensively in recent years.However,developing a unified recommendation framework to incorporate multiple factors associated with both POIs and users remains chall...The task of next POI recommendations has been studied extensively in recent years.However,developing a unified recommendation framework to incorporate multiple factors associated with both POIs and users remains challenging,because of the heterogeneity nature of these information.Further,effective mechanisms to smoothly handle cold-start cases are also a difficult topic.Inspired by the recent success of neural networks in many areas,in this paper,we propose a simple yet effective neural network framework,named NEXT,for next POI recommendations.NEXT is a unified framework to learn the hidden intent regarding user's next move,by incorporating different factors in a unified manner.Specifically,in NEXT,we incorporate meta-data information,e.g.,user friendship and textual descriptions of POIs,and two kinds of temporal contexts(i.e.,time interval and visit time).To leverage sequential relations and geographical influence,we propose to adopt DeepWalk,a network representation learning technique,to encode such knowledge.We evaluate the effectiveness of NEXT against other state-of-the-art alternatives and neural networks based solutions.Experimental results on three publicly available datasets demonstrate that NEXT significantly outperforms baselines in real-time next POI recommendations.Further experiments show inherent ability of NEXT in handling cold-start.展开更多
基金The work is supported by the National Key Research Development Program of China(2016QY01W0200)the National Natural Science Foundation of China NSFC(U1636101,U1736211,U1636219).
文摘Image classifiers that based on Deep Neural Networks(DNNs)have been proved to be easily fooled by well-designed perturbations.Previous defense methods have the limitations of requiring expensive computation or reducing the accuracy of the image classifiers.In this paper,we propose a novel defense method which based on perceptual hash.Our main goal is to destroy the process of perturbations generation by comparing the similarities of images thus achieve the purpose of defense.To verify our idea,we defended against two main attack methods(a white-box attack and a black-box attack)in different DNN-based image classifiers and show that,after using our defense method,the attack-success-rate for all DNN-based image classifiers decreases significantly.More specifically,for the white-box attack,the attack-success-rate is reduced by an average of 36.3%.For the black-box attack,the average attack-success-rate of targeted attack and non-targeted attack has been reduced by 72.8%and 76.7%respectively.The proposed method is a simple and effective defense method and provides a new way to defend against adversarial samples.
基金This work was supported by the National Natural Science Foundation of China(No.61379151,61401512,61572052,U1636219)the National Key Research and Development Program of China(No.2016YFB0801303,2016QY01W0105)the Key Technologies Research and Development Program of Henan Provinces(No.162102210032).
文摘In view of the fact that the current adaptive steganography algorithms are difficult to resist scaling attacks and that a method resisting scaling attack is only for the nearest neighbor interpolation method,this paper proposes an image steganography algorithm based on quantization index modulation resisting both scaling attacks and statistical detection.For the spatial image,this paper uses the watermarking algorithm based on quantization index modulation to extract the embedded domain.Then construct the embedding distortion function of the new embedded domain based on S-UNIWARD steganography,and use the minimum distortion coding to realize the embedding of the secret messages.Finally,according to the embedding modification amplitude of secret messages in the new embedded domain,the quantization index modulation algorithm is applied to realize the final embedding of secret messages in the original embedded domain.The experimental results show that the algorithm proposed is robust to the three common interpolation attacks including the nearest neighbor interpolation,the bilinear interpolation and the bicubic interpolation.And the average correct extraction rate of embedded messages increases from 50%to over 93% after 0.5 times-fold scaling attack using the bicubic interpolation method,compared with the classical steganography algorithm S-UNIWARD.Also the algorithm proposed has higher detection resistance than the original watermarking algorithm based on quantization index modulation.
基金the National Natural Science Foundation of China(Grant Nos.61872278,61502344,1636219,U1636101)Natural Science Foundation of Hubei Province(2017CFB502)+1 种基金Academic Team Building Plan for Young Scholars from Wuhan University(Whu2016012)Singapore Ministry of Education Academic Research Fund Tier 2(MOE2014-T2-2-066)。
文摘The task of next POI recommendations has been studied extensively in recent years.However,developing a unified recommendation framework to incorporate multiple factors associated with both POIs and users remains challenging,because of the heterogeneity nature of these information.Further,effective mechanisms to smoothly handle cold-start cases are also a difficult topic.Inspired by the recent success of neural networks in many areas,in this paper,we propose a simple yet effective neural network framework,named NEXT,for next POI recommendations.NEXT is a unified framework to learn the hidden intent regarding user's next move,by incorporating different factors in a unified manner.Specifically,in NEXT,we incorporate meta-data information,e.g.,user friendship and textual descriptions of POIs,and two kinds of temporal contexts(i.e.,time interval and visit time).To leverage sequential relations and geographical influence,we propose to adopt DeepWalk,a network representation learning technique,to encode such knowledge.We evaluate the effectiveness of NEXT against other state-of-the-art alternatives and neural networks based solutions.Experimental results on three publicly available datasets demonstrate that NEXT significantly outperforms baselines in real-time next POI recommendations.Further experiments show inherent ability of NEXT in handling cold-start.
