The paper describes an efficient lossy and lossless three dimensional (3D) image compression of hyperspectral images. The method adopts the 3D spatial-spectral hybrid transform and the proposed transform-based coder. ...The paper describes an efficient lossy and lossless three dimensional (3D) image compression of hyperspectral images. The method adopts the 3D spatial-spectral hybrid transform and the proposed transform-based coder. The hybrid transforms are that Karhunen-Loève Transform (KLT) which decorrelates spectral data of a hyperspectral image, and the integer Discrete Wavelet Transform (DWT) which is applied to the spatial data and produces decorrelated wavelet coefficients. Our simpler transform-based coder is inspired by Shapiro’s EZW algorithm, but encodes residual values and only implements dominant pass incorporating six symbols. The proposed method will be examined on AVIRIS images and evaluated using compression ratio for both lossless and lossy compression, and signal to noise ratio (SNR) for lossy compression. Experimental results show that the proposed image compression not only is more efficient but also has better compression ratio.展开更多
In generating adversarial examples,the conventional black-box attack methods rely on sufficient feedback from the to-be-attacked models by repeatedly querying until the attack is successful,which usually results in th...In generating adversarial examples,the conventional black-box attack methods rely on sufficient feedback from the to-be-attacked models by repeatedly querying until the attack is successful,which usually results in thousands of trials during an attack.This may be unacceptable in real applications since Machine Learning as a Service Platform(MLaaS)usually only returns the final result(i.e.,hard-label)to the client and a system equipped with certain defense mechanisms could easily detect malicious queries.By contrast,a feasible way is a hard-label attack that simulates an attacked action being permitted to conduct a limited number of queries.To implement this idea,in this paper,we bypass the dependency on the to-be-attacked model and benefit from the characteristics of the distributions of adversarial examples to reformulate the attack problem in a distribution transform manner and propose a distribution transform-based attack(DTA).DTA builds a statistical mapping from the benign example to its adversarial counterparts by tackling the conditional likelihood under the hard-label black-box settings.In this way,it is no longer necessary to query the target model frequently.A well-trained DTA model can directly and efficiently generate a batch of adversarial examples for a certain input,which can be used to attack un-seen models based on the assumed transferability.Furthermore,we surprisingly find that the well-trained DTA model is not sensitive to the semantic spaces of the training dataset,meaning that the model yields acceptable attack performance on other datasets.Extensive experiments validate the effectiveness of the proposed idea and the superiority of DTA over the state-of-the-art.展开更多
文摘The paper describes an efficient lossy and lossless three dimensional (3D) image compression of hyperspectral images. The method adopts the 3D spatial-spectral hybrid transform and the proposed transform-based coder. The hybrid transforms are that Karhunen-Loève Transform (KLT) which decorrelates spectral data of a hyperspectral image, and the integer Discrete Wavelet Transform (DWT) which is applied to the spatial data and produces decorrelated wavelet coefficients. Our simpler transform-based coder is inspired by Shapiro’s EZW algorithm, but encodes residual values and only implements dominant pass incorporating six symbols. The proposed method will be examined on AVIRIS images and evaluated using compression ratio for both lossless and lossy compression, and signal to noise ratio (SNR) for lossy compression. Experimental results show that the proposed image compression not only is more efficient but also has better compression ratio.
基金supported in part by the National Natural Science Foundation of China under Grant 62162067,62101480 and 62362068Research and Application of Object Detection based on Artificial Intelligence,in part by the Yunnan Province expert workstations under Grant 202305AF150078the Scientific Research Fund Project of Yunnan Provincial Education Department under 2023Y0249.
文摘In generating adversarial examples,the conventional black-box attack methods rely on sufficient feedback from the to-be-attacked models by repeatedly querying until the attack is successful,which usually results in thousands of trials during an attack.This may be unacceptable in real applications since Machine Learning as a Service Platform(MLaaS)usually only returns the final result(i.e.,hard-label)to the client and a system equipped with certain defense mechanisms could easily detect malicious queries.By contrast,a feasible way is a hard-label attack that simulates an attacked action being permitted to conduct a limited number of queries.To implement this idea,in this paper,we bypass the dependency on the to-be-attacked model and benefit from the characteristics of the distributions of adversarial examples to reformulate the attack problem in a distribution transform manner and propose a distribution transform-based attack(DTA).DTA builds a statistical mapping from the benign example to its adversarial counterparts by tackling the conditional likelihood under the hard-label black-box settings.In this way,it is no longer necessary to query the target model frequently.A well-trained DTA model can directly and efficiently generate a batch of adversarial examples for a certain input,which can be used to attack un-seen models based on the assumed transferability.Furthermore,we surprisingly find that the well-trained DTA model is not sensitive to the semantic spaces of the training dataset,meaning that the model yields acceptable attack performance on other datasets.Extensive experiments validate the effectiveness of the proposed idea and the superiority of DTA over the state-of-the-art.
