Adaptive Log-Exp Perturbations for Secure AI Image Compression

Razan Dibo; Anton Bibin; Nikolay Kalmykov; Ashish Jha; Nikolay Kozyrskiy; ANH-HUY PHAN

Adaptive Log-Exp Perturbations for Secure AI Image Compression

Razan Dibo, Anton Bibin, Nikolay Kalmykov, Ashish Jha, Nikolay Kozyrskiy, ANH-HUY PHAN

27 Sept 2024 (modified: 11 Jan 2025)ICLR 2025 Conference Withdrawn SubmissionEveryoneRevisionsBibTeXCC BY 4.0

Keywords: neural image compression, adversarial attack, adaptive perturbation

Abstract: AI image compression has outperformed traditional methods in both efficiency and quality but remains vulnerable to adversarial attacks. Most attacks on deep neural networks (DNNs) involve adding small perturbations to the input image to deceive the system and produce incorrect results. While simple, these additive perturbations affect pixels uniformly across different intensity levels, from dark to bright regions. However the human eye is less sensitive to variations in dark areas than in bright ones, making noise in brighter areas more visible. This observation suggests a novel attack strategy that minimizes the visibility of adversarial noise through adaptive perturbations. To achieve this, we propose a nonlinear log-exp perturbation, which applies more noise to dark pixels while minimizing its impact on bright areas. We evaluated this perturbation model in two scenarios: one distorts the output of decompression models and another one increases the bit rate of compressed images without visibly affecting quality. Our findings offer new strategies to protect AI-driven image compression systems, ensuring both security and performance in practical applications.

Primary Area: alignment, fairness, safety, privacy, and societal considerations

Code Of Ethics: I acknowledge that I and all co-authors of this work have read and commit to adhering to the ICLR Code of Ethics.

Submission Guidelines: I certify that this submission complies with the submission instructions as described on https://iclr.cc/Conferences/2025/AuthorGuide.

Reciprocal Reviewing: I understand the reciprocal reviewing requirement as described on https://iclr.cc/Conferences/2025/CallForPapers. If none of the authors are registered as a reviewer, it may result in a desk rejection at the discretion of the program chairs. To request an exception, please complete this form at https://forms.gle/Huojr6VjkFxiQsUp6.

Anonymous Url: I certify that there is no URL (e.g., github page) that could be used to find authors’ identity.

No Acknowledgement Section: I certify that there is no acknowledgement section in this submission for double blind review.

Submission Number: 11812

Loading