Yucheng Shi and Siyu Wang, postgraduate students supervised by Prof. Yahong Han from the College of Intelligence and Computing at Tianjin University, made progress in the research of "Artificial Intelligence Security" and "Adversarial Vision". Their paper "Curls & Whey: Boosting Black-Box Adversarial Attacks" was accepted as an Oral Paper by the top academic conference CVPR 2019 (CCF-A) in the field of Computer Vision and Pattern Recognition (with only 5.6% oral acceptance rate).
Adversarial machine learning poses security concerns in the field of Artificial Intelligence and Computer Vision in recent years. It focuses on finding and remedying the vulnerabilities and security risks of machine learning models through adversarial attack and defense. Existing attack methods add noises monotonically along the gradient ascent direction, resulting in a lack of diversity and transferability of the generated adversarial examples. As shown in the figure above, the proposed method uses Curls iteration to improve the diversity of adversarial example and its iterative trajectory, and uses Whey to optimize and "squeeze" the redundant magnitude of noises. Curls & Whey attack shows promising transferability on both targeted and untargeted misclassification in black-box scenario.
In the 2018 Adversarial Vision Challenge during 2018 Conference and Workshop on Neural Information Processing Systems, Curls & Whey method proposed in this paper won the fourth place in both untargeted and targeted attack tracks, and was the only team from China that has entered the Top 5 in both attack tasks. More than 400 teams around the world have participated in the competition, including the CMU Petuum Inc., ETS Montreal, Munich Fortiss research institute, Tsinghua University, Georgia Tech, Tencent Keen security lab, LG CNS and Wuhan University etc.
Research on artificial intelligence security and adversarial attack on computer vision is attracting widespread attention. Prof. Yahong Han's research group has received funding from the National Natural Science Foundation in the field of “Artificial Intelligence Security” since 2018 and is applying for a major project program of “A New Generation of Artificial Intelligence”.
2019 CVPR (IEEE Conference on Computer Vision and Pattern Recognition) will be held in Long Beach, USA from June 16th to 20th, 2019. Yucheng Shi and Siyu Wang will attend the conference and introduce their paper. The code for the above research will also be released on GitHub soon.
By Yanhong Han from the College of Intelligence and Computing
Editors: Eva Yin & Doris Harrington
