Self-Recoverable Adversarial Examples: A New Effective Protection Mechanism in Social Networks

Abstract

Nowadays, users upload numerous photos to social network platforms to share their daily lives. These photos contain numerous personal information, which can be easily captured by intelligent algorithms. To improve privacy security, we aim to form a protection mechanism by exploiting adversarial examples, which can mislead and disrupt intelligent algorithms. However, the existing adversarial attack lacks the study on recoverability and reversibility, which makes them unable to serve as an effective protection mechanism. To address this issue, we propose a recoverable generative adversarial network to generate self-recoverable adversarial examples. By modeling the adversarial attack and recovery as a united task, our method can minimize the error of the recovered examples while maximizing the attack ability, resulting in better recoverability of adversarial examples. To further boost the recoverability of these examples, we exploit a dimension reducer to optimize the distribution of adversarial perturbation. The experimental results prove that the adversarial examples generated by the proposed method present superior recoverability, attack ability, and robustness on different datasets and network architectures, which ensure its effectiveness as a protection mechanism in social networks.