担当区分：筆頭著者,　責任著者   記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）

Adversarial attacks pose a significant threat to the reliability and security of deep learning models, particularly in image processing applications. Defending against these sophisticated manipulations requires innovative strategies, with Generative Adversarial Networks (GANs) emerging as a promising solution. This paper presents an experimental exploration of the power of conditional Generative Adversarial Networks (cGANs) in image reconstruction-based strategies for defending against adversarial attacks. Our study involves a comparative analysis of four distinct image reconstruction models: the traditional GAN-based Defense-GAN, the cGAN-based method exemplified by pix2pix, a hybrid approach combining pix2pix with perceptual loss, and a generator model centered around residual blocks. The results of our experiments demonstrate that cGAN models exhibit significantly enhanced efficacy in defending against adversarial attacks compared to other image reconstruction methods. This superiority is attributed to the inherent characteristics of cGANs, which we delve into in detail. The findings provide crucial insights for developing more robust defense strategies against adversarial attacks in diverse image processing and machine learning applications.

DOI： 10.1007/978-3-031-57870-0_14

DOI： 10.1007/978-3-031-57870-0_14

担当区分：筆頭著者,　責任著者   記述言語：英語   掲載種別：研究論文（学術雑誌）

Recently, an increasing number of laws have governed the useability of users’ privacy. For example, Article 17 of the General Data Protection Regulation (GDPR), the right to be forgotten, requires machine learning applications to remove a portion of data from a dataset and retrain it if the user makes such a request. Furthermore, from the security perspective, training data for machine learning models, i.e., data that may contain user privacy, should be effectively protected, including appropriate erasure. Therefore, researchers propose various privacy-preserving methods to deal with such issues as machine unlearning. This paper provides an in-depth review of the security and privacy concerns in machine learning models. First, we present how machine learning can use users’ private data in daily life and the role that the GDPR plays in this problem. Then, we introduce the concept of machine unlearning by describing the security threats in machine learning models and how to protect users’ privacy from being violated using machine learning platforms. As the core content of the paper, we introduce and analyze current machine unlearning approaches and several representative results and discuss them in the context of the data lineage. Furthermore, we also discuss the future research challenges in this field.

DOI： 10.1007/s42979-023-01767-4

Kyutacar

Scopus

その他リンク： https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85153474758&origin=inward

担当区分：筆頭著者,　責任著者   記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）

Convolutional neural networks are widely used for image recognition tasks, but they are vulnerable to adversarial attacks that can cause the model to misclassify an image. Such attacks pose a significant security risk in safety-critical applications like facial recognition and autonomous driving. Researchers have made progress in defending against adversarial attacks through two approaches: enhancing the neural networks themselves to be more robust and removing the perturbation added to the image through pre-processing. This paper is based upon a recent defense model that belongs to the latter approach, which utilizes image-to-image translation to regenerate images perturbed by adversarial attacks. We optimized the training process of their model and tested the model performance against more recent and strong attacks. The results show that the model is able to regenerate images attacked by the state-of-the-art attack, the AutoAttack, and restores the classification accuracy to a level over 83% to that of the original images.

DOI： 10.1007/978-3-031-41181-6_32

Kyutacar

Scopus

その他リンク： https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85174448356&origin=inward

担当区分：筆頭著者,　責任著者   記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）

Over the past decade, the development of both adversarial attack methods and defense strategies has accelerated rapidly. Classification accuracy has been predominantly used as the sole metric for assessing model performance. However, when the reported accuracy rates of two models are identical or very similar, it becomes challenging to determine which model is superior. To address this issue and offer more insights into model performance, this study introduces a novel classification performance metric: the confidence gap. This metric is defined as the difference in confidence level between the true label and either the top 1 prediction or the second-best prediction, depending on the accuracy of the image classification. The confidence level, as indicated by its sign, reflects the correctness of the classification and provides more detailed information on the robustness of the classification result. Recognizing that evaluation results may be inconsistent when employing different criteria, we recommend that future research in this field should report the confidence gap alongside accuracy rates.

DOI： 10.1007/978-3-031-41181-6_41

Kyutacar

Scopus

その他リンク： https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85174449307&origin=inward

担当区分：筆頭著者,　責任著者   記述言語：英語   掲載種別：研究論文（学術雑誌）

Deep learning has become one of the most popular research topics today. Researchers have developed cutting-edge learning algorithms and frameworks around deep learning, applying them to a wide range of fields to solve real-world problems. However, we are more concerned about the security risks associated with deep learning models, such as adversarial attacks, which this article will discuss. Attackers can use the deep learning model to create the conditions for an attack, maliciously manipulating the input images to deceive the classification model and produce false positives. This paper proposes a method of pre-denoising all input images to prevent adversarial attacks by adding a purification layer before the classification model. The method in this paper is proposed based on the basic architecture of Conditional Generative Adversarial Networks. It adds the image perception loss to the original algorithm Pix2pix to achieve more efficient image recovery. Our method can recover noise-attacked images to a level close to the actual image to ensure the correctness of the classification results. Experimental results show that our approach can quickly recover noisy images, and the recovery accuracy is 20.22% higher than the previous state-of-the-art.

DOI： 10.1109/ACCESS.2021.3137637

Kyutacar

Scopus

その他リンク： https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85122080076&origin=inward

記述言語：英語

This exploratory investigation aims to discuss current network environment of digital supply chain system and security issues, especially from the Internet world, of digital supply chain management system with applying some advanced information technologies, such as Internet of Things and blockchain, for improving various system performance and properties. This paper introduces the general histories and backgrounds, in terms of information science, of the supply chain and relevant technologies which have been applied or are potential to be applied on supply chain with purpose of lowering cost, facilitating its security and convenience. It provides a comprehensive review of current relative research work and industrial cases from several famous companies. It also illustrates the IoT enablement and security issues of current digital supply chain system, and existing blockchain’s role in this kind of digital system. Finally, this paper concludes several potential or existing security issues and challenges which supply chain management is facing.

DOI： 10.1007/978-3-030-39746-3_57

Scopus