Self-recoverable Adversarial Examples: A New Effective Protection Mechanism in Social Networks
This paper addresses privacy protection for social network users by enabling recoverable adversarial examples as a protection mechanism against malicious AI algorithms.
The paper tackles the problem of adversarial examples lacking recoverability for privacy protection in social networks by proposing a recoverable generative adversarial network that models attack and recovery as a unified task. The method achieves superior recoverability, attack ability, and robustness across different datasets and network architectures.
Malicious intelligent algorithms greatly threaten the privacy of social network users by detecting and analyzing the photos uploaded to social network platforms. The damage that adversarial attacks inflict on DNNs raises the possibility that adversarial examples could serve as a new protection mechanism for privacy in social networks. However, existing adversarial examples are not recoverable, which keeps them from serving as an effective protection mechanism. To address this issue, we propose a recoverable generative adversarial network to generate self-recoverable adversarial examples. By modeling the adversarial attack and recovery as a unified task, our method can minimize the error of the recovered examples while maximizing the attack ability, resulting in better recoverability of adversarial examples. To further boost the recoverability of these examples, we exploit a dimension reducer to optimize the distribution of the adversarial perturbation. The experimental results demonstrate that the adversarial examples generated by the proposed method present superior recoverability, attack ability, and robustness on different datasets and network architectures, which ensures their effectiveness as a protection mechanism in social networks.