CNR Institutional Research Information System

Although deep-learning-based solutions are pervading different application sectors, many doubts have arisen about their reliability and, above all, their security against threats that can mislead their decision mechanisms. In this work, we considered a particular kind of deep neural network, the Neural Ordinary Differential Equations (N-ODE) networks, which have shown intrinsic robustness against adversarial samples by properly tuning their tolerance parameter at test time. Their behaviour has never been investigated in image forensics tasks such as distinguishing between an original and an altered image. Following this direction, we demonstrate how tuning the tolerance parameter during the prediction phase can control and increase N-ODE's robustness versus adversarial attacks. We performed experiments on basic image transformations used to generate tampered data, providing encouraging results in terms of adversarial rejection and preservation of the correct classification of pristine images.

Tuning neural ODE networks to increase adversarial robustness in image forensics

Carrara F;Falchi F
2022

Abstract

Although deep-learning-based solutions are pervading different application sectors, many doubts have arisen about their reliability and, above all, their security against threats that can mislead their decision mechanisms. In this work, we considered a particular kind of deep neural network, the Neural Ordinary Differential Equations (N-ODE) networks, which have shown intrinsic robustness against adversarial samples by properly tuning their tolerance parameter at test time. Their behaviour has never been investigated in image forensics tasks such as distinguishing between an original and an altered image. Following this direction, we demonstrate how tuning the tolerance parameter during the prediction phase can control and increase N-ODE's robustness versus adversarial attacks. We performed experiments on basic image transformations used to generate tampered data, providing encouraging results in terms of adversarial rejection and preservation of the correct classification of pristine images.
2022
Istituto di Scienza e Tecnologie dell'Informazione "Alessandro Faedo" - ISTI
Inglese
2022 IEEE International Conference on Image Processing
ICIP 2022 - IEEE International Conference on Image Processing
1496
1500
978-1-6654-9621-6
https://ieeexplore.ieee.org/abstract/document/9897662
IEEE
New York
STATI UNITI D'AMERICA
Sì, ma tipo non specificato
16-19/10/2022
Bordeaux, France
Image forensics Deep Learning
Neural ODE networks
Adversarial samples
Deep Learning
2-s2.0-85146699937
WOS:001058109501117
3
partially_open
Caldelli, R; Carrara, F; Falchi, F
273
info:eu-repo/semantics/conferenceObject
04 Contributo in convegno::04.01 Contributo in Atti di convegno
   A European Excellence Centre for Media, Society and Democracy
   AI4Media
   H2020
   951911
04.01 Contributo in Atti di convegno
File in questo prodotto:
File Dimensione Formato  
prod_472365-doc_192244.pdf

solo utenti autorizzati

Descrizione: Tuning neural ODE networks to increase adversarial robustness in image forensics
Tipologia: Versione Editoriale (PDF)
Dimensione 1.39 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
1.39 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
prod_472365-doc_192245.pdf

accesso aperto

Descrizione: Preprint - Tuning neural ODE networks to increase adversarial robustness in image forensics
Tipologia: Versione Editoriale (PDF)
Dimensione 727.78 kB
Formato Adobe PDF
Visualizza/Apri
727.78 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.14243/420432
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 2
social impact