How To Fool Image Recognition? It is alarmingly simple to fool an image recognition system by an adversarial attack.
So How To Fool Image Recognition?
Let us have an example. Let say that you are running security at a cows farm. All your cameras have an advance image recognition.
That if ever a single cow escape alarm will sound. However, there is an instance that the sound alarm and no single cow has escaped.
Now you review the system only to find that it is not a cow but an outsider goat. And it’s very odd.
So What happened?
Your image recognition algorithm is a fool by adversarial attacks. With knowledge of the algorithm’s design, the goat was able to design note cards that fool the A.I. think it was a cow escaping.
We think that something has gone wrong with the A.I. when it does something like stated above.
The system is scattered with security holes. And of course, programmers are only human. Humans who are not perfect, make mistake.
Note :
How To Fool Image Recognition Result Problems
Some image data sets in the world are both easy to use. Also, useful enough for training image recognition algorithms.
Furthermore, images are free and can use in adversarial attacks. Also, adversarial attacks design for a specific A.I. can be used on others.
This means even you keep your code’s secret. The chances that hackers can penetrate on your system is big.
Seeing What Isn’t There
Today neural nets are quite good of:
- Recognizing faces
- Spoken words
- Objects (i.e animals, signs, etc.)
However, it can make mistakes.
Such as, by using a subtly alter image the neural network will include whatnot in there.
A Hard Trick To Pull Off
You can build an adversarial example to fool your neural network. Also, it can fool the other neural too that the same task as yours.
Note: The Adversarial example is an instance small. It is an intentional feature perturbation that causes false predictions.
Malicious Software
Malicious software is a program that causes harm to the internal system computer. It can penetrate through viruses, worms, trojans, spyware, etc.
The image recognition can fool by malicious software. Some public datasheets are links to malicious software.
A single malware data sets are enough to corrupt a 3 percent of the datasheets.
Furthermore, out of this, a hacker will able to design adversarial attacks that A.I. strained out.
Also, it’s a bit worrying that hackers can easily penetrate the system. It means that algorithms may not entirely clear. Moreover, it is still dependent on its training data than its finished products.
Conclusion
Having the knowledge that image recognition can easily fooled by using an adversarial attack. It might make us feel unsafe.
Also, thinking that our security might hack any moment or disrupted by any hackers.
However, we can think outside the box. If we already know the loopholes, or the possible way of hackers we can plan for an counterattack.
Shield against hackers by discovering effectiveness strategies to fool our image recognition models.
