TransMix: Crafting highly transferable adversarial examples to evade face recognition models

Faculty Computer Science Year: 2024
Type of Publication: ZU Hosted Pages:
Authors:
Yasmeen Mohamed Mohamed Khedr
Journal: Image and Vision Computing Elsevier (Science Direct) Volume:
Keywords : TransMix: Crafting highly transferable adversarial examples    
Abstract:
The main challenge in deceiving face recognition (FR) models lies in the target model under the black-box setting. Existing works seek to generate adversarial examples to improve the adversarial transferability for black-box attacks. However, the attack performance and quality of the crafted image still have room for improvement. In this work, we propose a novel method called TransMix to improve the transferability of adversarial face examples based on data augmentation. Our approach leverages the mixture of the original image with a mixed sample image that is randomly mixed using images from different identities or the same identities, incorporating information from diverse categories. Then, we perform random transformations times to create diverse input patterns, exploiting the gradient from various images and other identities in the same iteration. Extensive experiments conducted on the CelebA dataset demonstrate that TransMix achieves a significantly higher attack success rate against different FR models and Vision Transformers (ViTs), outperforming the best competitor by a large margin of 5.6% and 8.8% when attacking the ViTs using adversarial images generated on the ArcFace model. Our results also confirm that adversarial examples crafted by TransMix exhibit good adversarial transferability against defense models, achieving an attack success rate of 52.3% on the Bit-Red model.
    
     
 
       

Author Related Publications

  • Yasmeen Mohamed Mohamed Khedr, "Robust color image hashing using quaternion polar complex exponential transform for image authentication", Springer, 2018 More
  • Yasmeen Mohamed Mohamed Khedr, "Robust image hashing using exact Gaussian Hermite moments", IET The Institute of Engineering and Technology, 2018 More
  • Yasmeen Mohamed Mohamed Khedr, "Sampling-Based Teacher Guided Method to Boost Transferable Attack on SAR Image Classification", Frontiers in Artificial Intelligence and Applications, 2024 More
  • Yasmeen Mohamed Mohamed Khedr, "Semantic Adversarial Attacks on Face Recognition Through Significant Attributes", Springer, 2023 More
  • Yasmeen Mohamed Mohamed Khedr, "Experimental and numerical modelling of solid and hollow biomass pellets high-temperature rapid oxy-steam combustion: The effect of integrated CO2/H2O concentration", Elsevier, 2021 More

Department Related Publications

  • Osama Mohamed Abdelsalam Ahmed Elkomy, "MT-nCov-Net: A Multitask Deep-Learning Framework for Efficient Diagnosis of COVID-19 Using Tomography Scans", IEEE, 2021 More
  • Osama Mohamed Abdelsalam Ahmed Elkomy, "Two-Stage Deep Learning Framework for Discrimination between COVID-19 and Community-Acquired Pneumonia from Chest CT scans.", ELSEVIER, 2021 More
  • Osama Mohamed Abdelsalam Ahmed Elkomy, "Efficient model for emergency departments: Real case study", Computers, Materials and ContinuaComputers, Materials and Continua, 2022 More
  • Ehab Roshdy Mohamed, "SEMANTIC REPRESENTATION OF MUSIC DATABASE USING NEW ONTOLOGY-BASED SYSTEM", Journal of Theoretical and Applied Information Technology, 2020 More
  • Khalied Mohamed Hosny, "SEMANTIC REPRESENTATION OF MUSIC DATABASE USING NEW ONTOLOGY-BASED SYSTEM", Journal of Theoretical and Applied Information Technology, 2020 More
Tweet