21,982 research outputs found
Adversarial Out-domain Examples for Generative Models
Deep generative models are rapidly becoming a common tool for researchers and
developers. However, as exhaustively shown for the family of discriminative
models, the test-time inference of deep neural networks cannot be fully
controlled and erroneous behaviors can be induced by an attacker. In the
present work, we show how a malicious user can force a pre-trained generator to
reproduce arbitrary data instances by feeding it suitable adversarial inputs.
Moreover, we show that these adversarial latent vectors can be shaped so as to
be statistically indistinguishable from the set of genuine inputs. The proposed
attack technique is evaluated with respect to various GAN images generators
using different architectures, training processes and for both conditional and
not-conditional setups.Comment: accepted in proceedings of the Workshop on Machine Learning for
Cyber-Crime Investigation and Cybersecurit
NAM: Non-Adversarial Unsupervised Domain Mapping
Several methods were recently proposed for the task of translating images
between domains without prior knowledge in the form of correspondences. The
existing methods apply adversarial learning to ensure that the distribution of
the mapped source domain is indistinguishable from the target domain, which
suffers from known stability issues. In addition, most methods rely heavily on
`cycle' relationships between the domains, which enforce a one-to-one mapping.
In this work, we introduce an alternative method: Non-Adversarial Mapping
(NAM), which separates the task of target domain generative modeling from the
cross-domain mapping task. NAM relies on a pre-trained generative model of the
target domain, and aligns each source image with an image synthesized from the
target domain, while jointly optimizing the domain mapping function. It has
several key advantages: higher quality and resolution image translations,
simpler and more stable training and reusable target models. Extensive
experiments are presented validating the advantages of our method.Comment: ECCV 201
- …