Adversarial Perturbations
The research on adversarial learning has three key components: (i) creating adversarial images, (ii) detecting whether an image has been adversarially altered, and (iii) mitigating the effect of the adversarial perturbation process. These adversaries create different kinds of effects on the input, and detecting them requires a combination of hand-crafted and learned features; for instance, some existing attacks can be detected using principal components, while some hand-crafted attacks can be detected using well-defined image processing operations. We focus on these three key ideas related to adversarial learning (namely perturbations, detection, and mitigation), building from the basics of adversarial learning to a discussion of new algorithms for detection and mitigation.
BTAS 2018 Tutorial Presentation: PDF
WIFS Tutorial Presentation: PDF
FG 2019 Presentation: PDF
Related Publications:
- G. Goswami, A. Agarwal, N. Ratha, R. Singh, and M. Vatsa, Detecting and Mitigating Adversarial Perturbations for Robust Face Recognition, In International Journal of Computer Vision (IJCV), Special Issue on Deep Learning for Face Analysis, Volume 127, Pages 719-742, 2019.
- S. Chhabra, P. Majumdar, R. Singh, and M. Vatsa, Data Fine-tuning, In Proceedings of Thirty-Third AAAI Conference on Artificial Intelligence, 2019.
- A. Agarwal, A. Sehwag, M. Vatsa, and R. Singh, Deceiving the Protector: Fooling Face Presentation Attack Detection Algorithms, In IAPR International Conference On Biometrics, 2019.
- A. Jain, R. Singh, and M. Vatsa, On Detecting Synthetic Alterations using GANs and Retouching, In Proceedings of IEEE International Conference on Biometrics: Theory, Applications and Systems, 2019.
- G. Goswami, N. Ratha, A. Agarwal, R. Singh, and M. Vatsa, Unravelling Robustness of Deep Learning based Face Recognition Against Adversarial Attacks, Thirty-Second AAAI Conference on Artificial Intelligence, 2018.
- S. Chhabra, R. Singh, M. Vatsa, G. Gupta, Anonymizing k Facial Attributes via Adversarial Perturbations, International Joint Conference on Artificial Intelligence, 2018. (arxiv)
- A. Goel, A. Singh, A. Agarwal, M. Vatsa, R. Singh, SmartBox: Benchmarking Adversarial Detection and Mitigation Algorithms for Face Recognition, In Proceedings of IEEE International Conference on Biometrics: Theory, Applications and Systems, 2018.
- A. Agarwal, M. Vatsa, R. Singh, N. Ratha, Are Image-Agnostic Universal Adversarial Perturbations for Face Recognition Difficult to Detect?, In Proceedings of IEEE International Conference on Biometrics: Theory, Applications and Systems, 2018.