papers in adversarial machine learning — adversarial attack

Adversarial patterns are specially crafted image perturbations that trick models into producing incorrect outputs. Applying JPEG compression to the inputs of a computer vision model can effectively "smear" out adversarial perturbations, making it more difficult to successfully launch an adversarial attack.

What if breaking into an office was as easy as wearing a special pair of glasses, or putting a sticker on your forehead? It can be, if you make the right adversarial patch. Learn how to use adversarial machine learning to hide from face recognition systems, or convince them that you are someone else.

Sometimes, you need to send encrypted information, but also keep the fact that you are sending it a secret. Hiding secrets in regular data like this is called steganography, and it's cooler than it sounds, unless you are super into stegosaurus, and then it is exactly as cool as it sounds. With a few tweaks, you can use adversarial watermarking to hide information in normal-looking images and text. See how to do it here.

Maybe.

Data poisoning is when someone adds small changes to a training dataset to cause any model trained on those data to misbehave. An effective heuristic approach involves generating adversarial examples instead. The authors show degradations in model accuracy that are worse than random chance performance.