Zobrazit v EDS

A white-box false positive adversarial attack method on contrastive loss based offline handwritten signature verification models

Uloženo v:
Podrobná bibliografie
Název: A white-box false positive adversarial attack method on contrastive loss based offline handwritten signature verification models
Autoři: Guo, Zhongliang, Li, Weiye, Qian, Yifei, Arandelovic, Ognjen, Fang, Lei
Přispěvatelé: Dasgupta, Sanjoy, Mandt, Stephan, Li, Yingzhen, University of St Andrews.School of Computer Science, University of St Andrews.School of Mathematics and Statistics
Informace o vydavateli: MLResearchPress
Rok vydání: 2025
Sbírka: University of St Andrews: Digital Research Repository
Témata: QA75 Electronic computers. Computer science, NS, MCC, QA75
Popis: Funding: The first author Zhongliang Guo acknowledges the financial support through the China Scholarship Council – University of St Andrews Scholarship (Grant No.202208060113). ; In this paper, we tackle the challenge of white-box false positive adversarial attacks on contrastive loss based offline handwritten signature verification models. We propose a novel attack method that treats the attack as a style transfer between closely related but distinct writing styles. To guide the generation of deceptive images, we introduce two new loss functions that enhance the attack success rate by perturbing the Euclidean distance between the embedding vectors of the original and synthesized samples, while ensuring minimal perturbations by reducing the difference between the generated image and the original image. Our method demonstrates state-of-the-art performance in white-box attacks on contrastive loss based offline handwritten signature verification models, as evidenced by our experiments. The key contributions of this paper include a novel false positive attack method, two new loss functions, effective style transfer in handwriting styles, and superior performance in white-box false positive attacks compared to other white-box attack methods.
Druh dokumentu: conference object
Popis souboru: application/pdf
Jazyk: English
Relation: Proceedings of The 27th International Conference on Artificial Intelligence and Statistics; Proceedings of Machine Learning Research; 307849528; 85194186771; conference; https://hdl.handle.net/10023/31898; https://proceedings.mlr.press/v238/guo24a.html; https://openreview.net/forum?id=9wPU8ouFi9
Dostupnost: https://hdl.handle.net/10023/31898
https://proceedings.mlr.press/v238/guo24a.html
https://openreview.net/forum?id=9wPU8ouFi9
Rights: © 2024 The Author(s). Licensed under Creative Commons Attribution Share-Alike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/).
Přístupové číslo: edsbas.42F799B7
Databáze: BASE
Popis
Abstrakt:Funding: The first author Zhongliang Guo acknowledges the financial support through the China Scholarship Council – University of St Andrews Scholarship (Grant No.202208060113). ; In this paper, we tackle the challenge of white-box false positive adversarial attacks on contrastive loss based offline handwritten signature verification models. We propose a novel attack method that treats the attack as a style transfer between closely related but distinct writing styles. To guide the generation of deceptive images, we introduce two new loss functions that enhance the attack success rate by perturbing the Euclidean distance between the embedding vectors of the original and synthesized samples, while ensuring minimal perturbations by reducing the difference between the generated image and the original image. Our method demonstrates state-of-the-art performance in white-box attacks on contrastive loss based offline handwritten signature verification models, as evidenced by our experiments. The key contributions of this paper include a novel false positive attack method, two new loss functions, effective style transfer in handwriting styles, and superior performance in white-box false positive attacks compared to other white-box attack methods.