Security Consideration for Deep Learning-Based Image Forensics

Wei ZHAO  Pengpeng YANG  Rongrong NI  Yao ZHAO  Haorui WU  

IEICE TRANSACTIONS on Information and Systems   Vol.E101-D   No.12   pp.3263-3266
Publication Date: 2018/12/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2018EDL8091
Type of Manuscript: LETTER
Category: Image Recognition, Computer Vision
image forensics,  security,  deep learning,  adversarial images,  

Full Text: PDF(1.4MB)>>
Buy this Article

Recently, image forensics community has paid attention to the research on the design of effective algorithms based on deep learning technique. And facts proved that combining the domain knowledge of image forensics and deep learning would achieve more robust and better performance than the traditional schemes. Instead of improving algorithm performance, in this paper, the safety of deep learning based methods in the field of image forensics is taken into account. To the best of our knowledge, this is the first work focusing on this topic. Specifically, we experimentally find that the method using deep learning would fail when adding the slight noise into the images (adversarial images). Furthermore, two kinds of strategies are proposed to enforce security of deep learning-based methods. Firstly, a penalty term to the loss function is added, which is the 2-norm of the gradient of the loss with respect to the input images, and then an novel training method is adopt to train the model by fusing the normal and adversarial images. Experimental results show that the proposed algorithm can achieve good performance even in the case of adversarial images and provide a security consideration for deep learning-based image forensics.