Communications of the ACM

Home/News/Hacked Dog Pics Can Play Tricks on Computer Vision.../Full Text

ACM TechNews

Hacked Dog Pics Can Play Tricks on Computer Vision AI

By IEEE Spectrum
December 27, 2017
Comments

View as: Print Mobile App Share:

Researchers at the Massachusetts Institute of Technology (MIT) have demonstrated a new way to fool computer vision algorithms that enable artificial intelligence systems to see.

The researchers exploited the Google Cloud Vision API that enables anyone to perform image labeling, face and landmark detection, optical character recognition, and tagging of explicit content. Traditional hacking approaches are inefficient and impractical when targeting large images with tens of thousands of pixels. To overcome this problem, the MIT team adapted a "natural evolution strategies" method that generates smaller populations of images around the larger image, with large random groups of pixels being perturbed instead of single pixels. Then, given the classifier's output on these randomly perturbed images, the system recovers what the contribution of each individual pixel is to the classification output, according to MIT researcher Andrew Ilyas.

The researchers used this method to create "adversarial images" that would trick a computer vision program into seeing an object that was not really there.

From IEEE Spectrum
View Full Article

No entries found

Hacked Dog Pics Can Play Tricks on Computer Vision AI

Computer-Engineered DNA to Study Cell Identities

Data Bias Management

Why are the Critical Value and Emergent Behavior of Large Language Models (LLMs) Fake?