ROBUST ADVERSARIAL EXAMPLE AS CAPTCHA GENERATOR
Adversarial example is an attack to neural network which can break image recognition system. This attack causes the image recognition to misclassify images with wrong class label. On the other hand, adversarial example can be used to enhance and improve the security of image CAPTCHA. Image CAPTCHA c...
Saved in:
| Main Author: | |
|---|---|
| Format: | Final Project |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/48585 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | Adversarial example is an attack to neural network which can break image recognition system. This attack causes the image recognition to misclassify images with wrong class label. On the other hand, adversarial example can be used to enhance and improve the security of image CAPTCHA. Image CAPTCHA can be attacked using machine learning image recognition, but with adversarial example added to images in the CAPTCHA, image recognition will not be able to correctly determine images, resulting in CAPTCHA with security over machine learning attacks. In this study, a system to generate synthetic images with adversarial example was made to introduce an image CAPTCHA scheme that are secure against artificial intelligence attacks, while having robustness. Robust means that our adversarial examples are persistent through transformative image preprocessing.
Our Robust CAPTCHA Generator were successful in synthesizing adversarial images that are robust. From experiment, all of our adversarial images are immutable, their adversarial attribute cannot be negated through image transformation. Our images also cannot be recognized by image recognition model (Xception), with 0% top-1 accuracy. While it is still effective as an image CAPTCHA scheme shown by the result of our experiment to human user. The test reached 97.5% success rate of CAPTCHA test on human testers, it means that our images are distinguishable by the human eyes.
|
|---|