You are here:   
  1. Home
  2. Chapters
  3. http://scigraph.springernature.com/pub.10.1007/978-3-030-01249-6_14

Characterizing Adversarial Examples Based on Spatial Consistency Information for Semantic Segmentation View Full Text

Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2018-10-06

AUTHORS

Chaowei Xiao , Ruizhi Deng , Bo Li , Fisher Yu , Mingyan Liu , Dawn Song

ABSTRACT

Deep Neural Networks (DNNs) have been widely applied in various recognition tasks. However, recently DNNs have been shown to be vulnerable against adversarial examples, which can mislead DNNs to make arbitrary incorrect predictions. While adversarial examples are well studied in classification tasks, other learning problems may have different properties. For instance, semantic segmentation requires additional components such as dilated convolutions and multiscale processing. In this paper, we aim to characterize adversarial examples based on spatial context information in semantic segmentation. We observe that spatial consistency information can be potentially leveraged to detect adversarial examples robustly even when a strong adaptive attacker has access to the model and detection strategies. We also show that adversarial examples based on attacks considered within the paper barely transfer among models, even though transferability is common in classification. Our observations shed new light on developing adversarial attacks and defenses to better understand the vulnerabilities of DNNs. More... »

PAGES

220-237

Book

TITLE

Computer Vision – ECCV 2018

ISBN

978-3-030-01248-9
978-3-030-01249-6

Subjects

  • FOR: Information And Computing Sciences
  • FOR: Artificial Intelligence And Image Processing

    • Author Affiliations

  • University of Michigan, Ann Arbor, USA
  • Simon Fraser University, Burnaby, Canada
  • UC Berkeley, Berkeley, USA

    • Identifiers

    URI

    http://scigraph.springernature.com/pub.10.1007/978-3-030-01249-6_14

    DOI

    http://dx.doi.org/10.1007/978-3-030-01249-6_14

    DIMENSIONS

    https://app.dimensions.ai/details/publication/pub.1107454674

    Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
    Incoming Citations Browse incoming citations for this publication using opencitations.net

    JSON-LD is the canonical representation for SciGraph data.

    TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT 

    [
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "University of Michigan, Ann Arbor, USA", 
          "id": "http://www.grid.ac/institutes/grid.214458.e", 
          "name": [
            "University of Michigan, Ann Arbor, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Xiao", 
        "givenName": "Chaowei", 
        "id": "sg:person.015156355516.52", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015156355516.52"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Simon Fraser University, Burnaby, Canada", 
          "id": "http://www.grid.ac/institutes/grid.61971.38", 
          "name": [
            "Simon Fraser University, Burnaby, Canada"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Deng", 
        "givenName": "Ruizhi", 
        "id": "sg:person.016247430134.38", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016247430134.38"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UIUC, Champaign, USA", 
            "UC Berkeley, Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Li", 
        "givenName": "Bo", 
        "id": "sg:person.011355161257.61", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011355161257.61"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UC Berkeley, Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Yu", 
        "givenName": "Fisher", 
        "id": "sg:person.012020671543.60", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012020671543.60"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "University of Michigan, Ann Arbor, USA", 
          "id": "http://www.grid.ac/institutes/grid.214458.e", 
          "name": [
            "University of Michigan, Ann Arbor, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Liu", 
        "givenName": "Mingyan", 
        "id": "sg:person.010560654372.62", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010560654372.62"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UC Berkeley, Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Song", 
        "givenName": "Dawn", 
        "id": "sg:person.01143152610.86", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01143152610.86"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2018-10-06", 
    "datePublishedReg": "2018-10-06", 
    "description": "Deep Neural Networks (DNNs) have been widely applied in various recognition tasks. However, recently DNNs have been shown to be vulnerable against adversarial examples, which can mislead DNNs to make arbitrary incorrect predictions. While adversarial examples are well studied in classification tasks, other learning problems may have different properties. For instance, semantic segmentation requires additional components such as dilated convolutions and multiscale processing. In this paper, we aim to characterize adversarial examples based on spatial context information in semantic segmentation. We observe that spatial consistency information can be potentially leveraged to detect adversarial examples robustly even when a strong adaptive attacker has access to the model and detection strategies. We also show that adversarial examples based on attacks considered within the paper barely transfer among models, even though transferability is common in classification. Our observations shed new light on developing adversarial attacks and defenses to better understand the vulnerabilities of DNNs.", 
    "editor": [
      {
        "familyName": "Ferrari", 
        "givenName": "Vittorio", 
        "type": "Person"
      }, 
      {
        "familyName": "Hebert", 
        "givenName": "Martial", 
        "type": "Person"
      }, 
      {
        "familyName": "Sminchisescu", 
        "givenName": "Cristian", 
        "type": "Person"
      }, 
      {
        "familyName": "Weiss", 
        "givenName": "Yair", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-01249-6_14", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-030-01248-9", 
        "978-3-030-01249-6"
      ], 
      "name": "Computer Vision \u2013 ECCV 2018", 
      "type": "Book"
    }, 
    "keywords": [
      "deep neural networks", 
      "adversarial examples", 
      "semantic segmentation", 
      "vulnerability of DNNs", 
      "consistency information", 
      "spatial context information", 
      "context information", 
      "adversarial attacks", 
      "adaptive attackers", 
      "classification task", 
      "neural network", 
      "multiscale processing", 
      "learning problem", 
      "recognition task", 
      "segmentation", 
      "detection strategy", 
      "task", 
      "attacks", 
      "incorrect predictions", 
      "information", 
      "attacker", 
      "network", 
      "example", 
      "convolution", 
      "classification", 
      "processing", 
      "instances", 
      "access", 
      "model", 
      "vulnerability", 
      "additional components", 
      "different properties", 
      "prediction", 
      "transferability", 
      "strategies", 
      "components", 
      "defense", 
      "properties", 
      "observations", 
      "new light", 
      "light", 
      "paper", 
      "problem"
    ], 
    "name": "Characterizing Adversarial Examples Based on Spatial Consistency Information for Semantic Segmentation", 
    "pagination": "220-237", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1107454674"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-01249-6_14"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-01249-6_14", 
      "https://app.dimensions.ai/details/publication/pub.1107454674"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:48", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_458.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-01249-6_14"
  }
]
     

    Download the RDF metadata as:  json-ld nt turtle xml License info

    HOW TO GET THIS DATA PROGRAMMATICALLY:

    JSON-LD is a popular format for linked data which is fully compatible with JSON. 

    curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-01249-6_14'

    N-Triples is a line-based linked data format ideal for batch operations. 

    curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-01249-6_14'

    Turtle is a human-readable linked data format. 

    curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-01249-6_14'

    RDF/XML is a standard XML format for linked data. 

    curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-01249-6_14'


     

    This table displays all metadata directly associated to this object as RDF triples.

    160 TRIPLES      23 PREDICATES      68 URIs      61 LITERALS      7 BLANK NODES

    Subject Predicate Object
    1 sg:pub.10.1007/978-3-030-01249-6_14 schema:about anzsrc-for:08
    2 anzsrc-for:0801
    3 schema:author Ne0ce04e9768746f6ba68564c681fd3b6
    4 schema:datePublished 2018-10-06
    5 schema:datePublishedReg 2018-10-06
    6 schema:description Deep Neural Networks (DNNs) have been widely applied in various recognition tasks. However, recently DNNs have been shown to be vulnerable against adversarial examples, which can mislead DNNs to make arbitrary incorrect predictions. While adversarial examples are well studied in classification tasks, other learning problems may have different properties. For instance, semantic segmentation requires additional components such as dilated convolutions and multiscale processing. In this paper, we aim to characterize adversarial examples based on spatial context information in semantic segmentation. We observe that spatial consistency information can be potentially leveraged to detect adversarial examples robustly even when a strong adaptive attacker has access to the model and detection strategies. We also show that adversarial examples based on attacks considered within the paper barely transfer among models, even though transferability is common in classification. Our observations shed new light on developing adversarial attacks and defenses to better understand the vulnerabilities of DNNs.
    7 schema:editor Nd6ca5ca134e343cbbb369ef115211bdf
    8 schema:genre chapter
    9 schema:inLanguage en
    10 schema:isAccessibleForFree true
    11 schema:isPartOf N24ba952ee8484675bb2bcca60dcfcec9
    12 schema:keywords access
    13 adaptive attackers
    14 additional components
    15 adversarial attacks
    16 adversarial examples
    17 attacker
    18 attacks
    19 classification
    20 classification task
    21 components
    22 consistency information
    23 context information
    24 convolution
    25 deep neural networks
    26 defense
    27 detection strategy
    28 different properties
    29 example
    30 incorrect predictions
    31 information
    32 instances
    33 learning problem
    34 light
    35 model
    36 multiscale processing
    37 network
    38 neural network
    39 new light
    40 observations
    41 paper
    42 prediction
    43 problem
    44 processing
    45 properties
    46 recognition task
    47 segmentation
    48 semantic segmentation
    49 spatial context information
    50 strategies
    51 task
    52 transferability
    53 vulnerability
    54 vulnerability of DNNs
    55 schema:name Characterizing Adversarial Examples Based on Spatial Consistency Information for Semantic Segmentation
    56 schema:pagination 220-237
    57 schema:productId N8bae83c35a1a4e52a3387466e2ee6b64
    58 Nfee4d418a970455d8759bac026959be0
    59 schema:publisher Nf805b5925ee94ee48cffd3472089f11c
    60 schema:sameAs https://app.dimensions.ai/details/publication/pub.1107454674
    61 https://doi.org/10.1007/978-3-030-01249-6_14
    62 schema:sdDatePublished 2022-05-20T07:48
    63 schema:sdLicense https://scigraph.springernature.com/explorer/license/
    64 schema:sdPublisher Nc8d1ae928833470c912e9f90deb109e1
    65 schema:url https://doi.org/10.1007/978-3-030-01249-6_14
    66 sgo:license sg:explorer/license/
    67 sgo:sdDataset chapters
    68 rdf:type schema:Chapter
    69 N13359ca06e534d4eb14572616816ef1a schema:familyName Hebert
    70 schema:givenName Martial
    71 rdf:type schema:Person
    72 N24ba952ee8484675bb2bcca60dcfcec9 schema:isbn 978-3-030-01248-9
    73 978-3-030-01249-6
    74 schema:name Computer Vision – ECCV 2018
    75 rdf:type schema:Book
    76 N2cf8570add4f40dd9589e965c71e0481 rdf:first sg:person.011355161257.61
    77 rdf:rest Na6af6a65903c453ba493773346e5f5b1
    78 N505c9a44d0334ab08a296c8423eb85ef schema:familyName Ferrari
    79 schema:givenName Vittorio
    80 rdf:type schema:Person
    81 N6a0189e627cc47d7bf5f2a65a351ab3b rdf:first sg:person.016247430134.38
    82 rdf:rest N2cf8570add4f40dd9589e965c71e0481
    83 N6aa9760305c44b518a628cd83f5316d9 rdf:first Nad3b472853864a1da2b422181ee02881
    84 rdf:rest rdf:nil
    85 N7e65361889d4404fabcfbba5d4e1de3d schema:familyName Sminchisescu
    86 schema:givenName Cristian
    87 rdf:type schema:Person
    88 N8bae83c35a1a4e52a3387466e2ee6b64 schema:name doi
    89 schema:value 10.1007/978-3-030-01249-6_14
    90 rdf:type schema:PropertyValue
    91 Na6af6a65903c453ba493773346e5f5b1 rdf:first sg:person.012020671543.60
    92 rdf:rest Nce6a9e064a3349739393fc535964171a
    93 Nad3b472853864a1da2b422181ee02881 schema:familyName Weiss
    94 schema:givenName Yair
    95 rdf:type schema:Person
    96 Nb9c93de1b51f491eb52724844830fdcd rdf:first N7e65361889d4404fabcfbba5d4e1de3d
    97 rdf:rest N6aa9760305c44b518a628cd83f5316d9
    98 Nc8d1ae928833470c912e9f90deb109e1 schema:name Springer Nature - SN SciGraph project
    99 rdf:type schema:Organization
    100 Nc970573db04e4b47aaabe470c85918f1 rdf:first N13359ca06e534d4eb14572616816ef1a
    101 rdf:rest Nb9c93de1b51f491eb52724844830fdcd
    102 Nce6a9e064a3349739393fc535964171a rdf:first sg:person.010560654372.62
    103 rdf:rest Nea8b3d3f748143dca2e601244c9f4c73
    104 Nd6ca5ca134e343cbbb369ef115211bdf rdf:first N505c9a44d0334ab08a296c8423eb85ef
    105 rdf:rest Nc970573db04e4b47aaabe470c85918f1
    106 Ne0ce04e9768746f6ba68564c681fd3b6 rdf:first sg:person.015156355516.52
    107 rdf:rest N6a0189e627cc47d7bf5f2a65a351ab3b
    108 Nea8b3d3f748143dca2e601244c9f4c73 rdf:first sg:person.01143152610.86
    109 rdf:rest rdf:nil
    110 Nf805b5925ee94ee48cffd3472089f11c schema:name Springer Nature
    111 rdf:type schema:Organisation
    112 Nfee4d418a970455d8759bac026959be0 schema:name dimensions_id
    113 schema:value pub.1107454674
    114 rdf:type schema:PropertyValue
    115 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
    116 schema:name Information and Computing Sciences
    117 rdf:type schema:DefinedTerm
    118 anzsrc-for:0801 schema:inDefinedTermSet anzsrc-for:
    119 schema:name Artificial Intelligence and Image Processing
    120 rdf:type schema:DefinedTerm
    121 sg:person.010560654372.62 schema:affiliation grid-institutes:grid.214458.e
    122 schema:familyName Liu
    123 schema:givenName Mingyan
    124 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010560654372.62
    125 rdf:type schema:Person
    126 sg:person.011355161257.61 schema:affiliation grid-institutes:grid.47840.3f
    127 schema:familyName Li
    128 schema:givenName Bo
    129 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011355161257.61
    130 rdf:type schema:Person
    131 sg:person.01143152610.86 schema:affiliation grid-institutes:grid.47840.3f
    132 schema:familyName Song
    133 schema:givenName Dawn
    134 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01143152610.86
    135 rdf:type schema:Person
    136 sg:person.012020671543.60 schema:affiliation grid-institutes:grid.47840.3f
    137 schema:familyName Yu
    138 schema:givenName Fisher
    139 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012020671543.60
    140 rdf:type schema:Person
    141 sg:person.015156355516.52 schema:affiliation grid-institutes:grid.214458.e
    142 schema:familyName Xiao
    143 schema:givenName Chaowei
    144 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015156355516.52
    145 rdf:type schema:Person
    146 sg:person.016247430134.38 schema:affiliation grid-institutes:grid.61971.38
    147 schema:familyName Deng
    148 schema:givenName Ruizhi
    149 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016247430134.38
    150 rdf:type schema:Person
    151 grid-institutes:grid.214458.e schema:alternateName University of Michigan, Ann Arbor, USA
    152 schema:name University of Michigan, Ann Arbor, USA
    153 rdf:type schema:Organization
    154 grid-institutes:grid.47840.3f schema:alternateName UC Berkeley, Berkeley, USA
    155 schema:name UC Berkeley, Berkeley, USA
    156 UIUC, Champaign, USA
    157 rdf:type schema:Organization
    158 grid-institutes:grid.61971.38 schema:alternateName Simon Fraser University, Burnaby, Canada
    159 schema:name Simon Fraser University, Burnaby, Canada
    160 rdf:type schema:Organization
     




    Preview window. Press ESC to close (or click here)

    ...