Abstract

Present studies have discovered that state-of-the-art deep learning models can be attacked by small but well-designed perturbations. Existing attack algorithms for the image captioning task is time-consuming, and their generated adversarial examples cannot transfer well to other models. To generate adversarial examples faster and stronger, we propose to learn the perturbations by a generative model that is governed by three novel loss functions. Image feature distortion loss is designed to maximize the encoded image feature distance between original images and the corresponding adversarial examples at the image domain, and local-global mismatching loss is introduced to separate the mapping encoding representation of the adversarial images and the ground true captions from a local and global perspective in the common semantic space as far as possible cross image and caption domain. Language diversity loss is to make the image captions generated by the adversarial examples as different as possible from the correct image caption at the language domain. Extensive experiments show that our proposed generative model can efficiently generate adversarial examples that successfully generalize to attack image captioning models trained on unseen large-scale datasets or with different architectures, or even the image captioning commercial service.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Generating traceable adversarial text examples by watermarking in the semantic space
Mingjie Li ... Xinpeng Zhang
Journal of Electronic Imaging | VOL. 31
Mingjie Li, et. al.Mingjie Li ... Xinpeng Zhang
26 Nov 2022
Evaluating Defensive Distillation for Defending Text Processing Neural Networks Against Adversarial Examples
Marcus Soll ... Stefan Wermter
-
Marcus Soll, et. al.Marcus Soll ... Stefan Wermter
01 Jan 2019
Deep Models for Improving the Performance and Reliability of Person Recognition
Sobhan Soleymani
-
Sobhan SoleymaniSobhan Soleymani
01 Jan 2020
How Robust is Your Automatic Diagnosis Model?
Ke Wang ... Ting Chen
-
Ke Wang, et. al.Ke Wang ... Ting Chen
01 Nov 2019
View more papers

More From: ACM Transactions on Multimedia Computing, Communications, and Applications

Paper Title
Journal
Date
Author
Content-Aware Selective Encryption for H.265/HEVC using Deep Hashing Network and Steganography
Qingxin Sheng ... Chiu-Wing Sham
ACM Transactions on Multimedia Computing, Communications, and Applications | VOL. -
Qingxin Sheng, et. al.Qingxin Sheng ... Chiu-Wing Sham
08 Oct 2024
FaceDefend: Copyright Protection to Prevent Face Embezzle
Rui Zhai ... Yao Zhao
ACM Transactions on Multimedia Computing, Communications, and Applications | VOL. -
Rui Zhai, et. al.Rui Zhai ... Yao Zhao
08 Oct 2024
Multi-Scale Feature Attention Fusion for Image Splicing Forgery Detection
Enji Liang ... Xiaohua Jia
ACM Transactions on Multimedia Computing, Communications, and Applications | VOL. -
Enji Liang, et. al.Enji Liang ... Xiaohua Jia
07 Oct 2024
Ischemic Stroke Segmentation by Transformer and Convolutional Neural Network Using Few-Shot Learning
Fatima Alshehri ... Ghulam Muhammad
ACM Transactions on Multimedia Computing, Communications, and Applications | VOL. -
Fatima Alshehri, et. al.Fatima Alshehri ... Ghulam Muhammad
07 Oct 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.