Summary of Aicattack: Adversarial Image Captioning Attack with Attention-based Optimization, by Jiyao Li et al.
AICAttack: Adversarial Image Captioning Attack with Attention-Based Optimization
by Jiyao Li, Mingze Ni, Yifei Dong, Tianqing Zhu, Wei Liu
First submitted to arxiv on: 19 Feb 2024
Categories
- Main: Computer Vision and Pattern Recognition (cs.CV)
- Secondary: Cryptography and Security (cs.CR); Machine Learning (cs.LG)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary Recent advances in deep learning have led to remarkable achievements across various tasks in computer vision (CV) and natural language processing (NLP). Despite these advancements, the robustness of image captioning models against adversarial attacks has not been thoroughly investigated. This paper introduces AICAttack, a novel strategy designed to attack image captioning models through subtle perturbations on images. The algorithm operates within a black-box scenario, requiring no access to the target model’s architecture, parameters, or gradient information. AICAttack employs an attention-based candidate selection mechanism and customised differential evolution method to optimise pixel perturbations. Experimental results demonstrate AICAttack’s effectiveness against multiple victim models, outperforming current leading-edge techniques with consistently higher attack success rates. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary Imagine a world where computers can generate descriptions of pictures. This is called image captioning, and it’s an important area of research in computer science. However, we haven’t been very good at making sure these systems are safe from attacks that could make them produce wrong or misleading information. In this paper, researchers introduce a new way to attack image captioning models by slightly changing the images they’re describing. This method is called AICAttack, and it’s clever because it doesn’t need to know how the model works or what its secrets are. The results show that AICAttack is very good at making these systems produce incorrect descriptions. |
Keywords
* Artificial intelligence * Attention * Deep learning * Image captioning * Natural language processing * Nlp
