In recent work,adversarial stickers are widely used to attack face recognition(FR)systems in the physical world.However,it is difficult to evaluate the performance of physical attacks because of the lack of volunteers...In recent work,adversarial stickers are widely used to attack face recognition(FR)systems in the physical world.However,it is difficult to evaluate the performance of physical attacks because of the lack of volunteers in the experiment.In this paper,a simple attack method called incomplete physical adversarial attack(IPAA)is proposed to simulate physical attacks.Different from the process of physical attacks,when an IPAA is conducted,a photo of the adversarial sticker is embedded into a facial image as the input to attack FR systems,which can obtain results similar to those of physical attacks without inviting any volunteers.The results show that IPAA has a higher similarity with physical attacks than digital attacks,indicating that IPAA is able to evaluate the performance of physical attacks.IPAA is effective in quantitatively measuring the impact of the sticker location on the results of attacks.展开更多
Steganalysis attack is to statistically estimate the embedded watermark in the watermarked multimedia,and the estimated watermark may be destroyed by the attacker.The existing methods of false negative probability,how...Steganalysis attack is to statistically estimate the embedded watermark in the watermarked multimedia,and the estimated watermark may be destroyed by the attacker.The existing methods of false negative probability,however,do not consider the influence of steganalysis attack.This paper proposed the game theory based false negative probability to estimate the impacts of steganalysis attack,as well as unintentional attack.Specifically,game theory was used to model the collision between the embedment and steganalysis attack,and derive the optimal building embedding/attacking strategy.Such optimal playing strategies devote to calculating the attacker destructed watermark,used for calculation of the game theory based false negative probability.The experimental results show that watermark detection reliability measured using our proposed method,in comparison,can better reflect the real scenario in which the embedded watermark undergoes unintentional attack and the attacker using steganalysis attack.This paper provides a foundation for investigating countermeasures of digital watermarking community against steganalysis attack.展开更多
Network attack detection and mitigation require packet collection,pre-processing,feature analysis,classification,and post-processing.Models for these tasks sometimes become complex or inefficient when applied to real-...Network attack detection and mitigation require packet collection,pre-processing,feature analysis,classification,and post-processing.Models for these tasks sometimes become complex or inefficient when applied to real-time data samples.To mitigate hybrid assaults,this study designs an efficient forensic layer employing deep learning pattern analysis and multidomain feature extraction.In this paper,we provide a novel multidomain feature extraction method using Fourier,Z,Laplace,Discrete Cosine Transform(DCT),1D Haar Wavelet,Gabor,and Convolutional Operations.Evolutionary method dragon fly optimisation reduces feature dimensionality and improves feature selection accuracy.The selected features are fed into VGGNet and GoogLeNet models using binary cascaded neural networks to analyse network traffic patterns,detect anomalies,and warn network administrators.The suggested model tackles the inadequacies of existing approaches to hybrid threats,which are growing more common and challenge conventional security measures.Our model integrates multidomain feature extraction,deep learning pattern analysis,and the forensic layer to improve intrusion detection and prevention systems.In diverse attack scenarios,our technique has 3.5% higher accuracy,4.3% higher precision,8.5% higher recall,and 2.9% lower delay than previous models.展开更多
文摘In recent work,adversarial stickers are widely used to attack face recognition(FR)systems in the physical world.However,it is difficult to evaluate the performance of physical attacks because of the lack of volunteers in the experiment.In this paper,a simple attack method called incomplete physical adversarial attack(IPAA)is proposed to simulate physical attacks.Different from the process of physical attacks,when an IPAA is conducted,a photo of the adversarial sticker is embedded into a facial image as the input to attack FR systems,which can obtain results similar to those of physical attacks without inviting any volunteers.The results show that IPAA has a higher similarity with physical attacks than digital attacks,indicating that IPAA is able to evaluate the performance of physical attacks.IPAA is effective in quantitatively measuring the impact of the sticker location on the results of attacks.
基金supported by the National Natural Science Foundation of China(No. 71020107027) in part by the Doctoral Startup Fundation of Xinjiang University of Finace and Economics
文摘Steganalysis attack is to statistically estimate the embedded watermark in the watermarked multimedia,and the estimated watermark may be destroyed by the attacker.The existing methods of false negative probability,however,do not consider the influence of steganalysis attack.This paper proposed the game theory based false negative probability to estimate the impacts of steganalysis attack,as well as unintentional attack.Specifically,game theory was used to model the collision between the embedment and steganalysis attack,and derive the optimal building embedding/attacking strategy.Such optimal playing strategies devote to calculating the attacker destructed watermark,used for calculation of the game theory based false negative probability.The experimental results show that watermark detection reliability measured using our proposed method,in comparison,can better reflect the real scenario in which the embedded watermark undergoes unintentional attack and the attacker using steganalysis attack.This paper provides a foundation for investigating countermeasures of digital watermarking community against steganalysis attack.
文摘Network attack detection and mitigation require packet collection,pre-processing,feature analysis,classification,and post-processing.Models for these tasks sometimes become complex or inefficient when applied to real-time data samples.To mitigate hybrid assaults,this study designs an efficient forensic layer employing deep learning pattern analysis and multidomain feature extraction.In this paper,we provide a novel multidomain feature extraction method using Fourier,Z,Laplace,Discrete Cosine Transform(DCT),1D Haar Wavelet,Gabor,and Convolutional Operations.Evolutionary method dragon fly optimisation reduces feature dimensionality and improves feature selection accuracy.The selected features are fed into VGGNet and GoogLeNet models using binary cascaded neural networks to analyse network traffic patterns,detect anomalies,and warn network administrators.The suggested model tackles the inadequacies of existing approaches to hybrid threats,which are growing more common and challenge conventional security measures.Our model integrates multidomain feature extraction,deep learning pattern analysis,and the forensic layer to improve intrusion detection and prevention systems.In diverse attack scenarios,our technique has 3.5% higher accuracy,4.3% higher precision,8.5% higher recall,and 2.9% lower delay than previous models.
