Title: Disrupting Model Training with Adversarial Shortcuts

Abstract: When data is publicly released for human consumption, it is unclear how to prevent its unauthorized usage for machine learning purposes. Successful model training may be preventable with carefully designed dataset modifications, and we present a proof-of-concept approach for the image classification setting. We propose methods based on the notion of adversarial shortcuts, which encourage models to rely on non-robust signals rather than semantic features, and our experiments demonstrate that these measures successfully prevent deep learning models from achieving high accuracy on real, unmodified data examples.
Subjects: Computer Vision and Pattern Recognition (cs.CV); Cryptography and Security (cs.CR); Machine Learning (cs.LG)
Cite as: arXiv:2106.06654 [cs.CV]
  (or arXiv:2106.06654v2 [cs.CV] for this version)

Submission history

From: Ivan Evtimov
[v1] Sat, 12 Jun 2021 01:04:41 GMT (2709kb,D)
[v2] Wed, 30 Jun 2021 21:48:44 GMT (2710kb,D)
