• Title/Summary/Keyword: Adversarial examples

Comparison of Adversarial Example Restoration Performance of VQ-VAE Model with or without Image Segmentation (이미지 분할 여부에 따른 VQ-VAE 모델의 적대적 예제 복원 성능 비교)

  • Tae-Wook Kim;Seung-Min Hyun;Ellen J. Hong
    • Journal of the Institute of Convergence Signal Processing / v.23 no.4 / pp.194-199 / 2022
  • Preprocessing for high-quality data is required for high accuracy and usability in various and complex image data-based industries. However, when a contaminated hostile example that combines noise with existing image or video data is introduced, which can pose a great risk to the company, it is necessary to restore the previous damage to ensure the company's reliability, security, and complete results. As a countermeasure for this, restoration was previously performed using Defense-GAN, but there were disadvantages such as long learning time and low quality of the restoration. In order to improve this, this paper proposes a method using adversarial examples created through FGSM according to image segmentation in addition to using the VQ-VAE model. First, the generated examples are classified by a general classifier. Next, the unsegmented data is put into the pre-trained VQ-VAE model, restored, and then classified with a classifier. Finally, the data divided into quadrants is put into the 4-split-VQ-VAE model, the reconstructed fragments are combined, and then put into the classifier. Finally, after comparing the restored results and accuracy, the performance is analyzed according to the order of combining the two models according to whether or not they are split.

A Research on Adversarial Example-based Passive Air Defense Method against Object Detectable AI Drone (객체인식 AI적용 드론에 대응할 수 있는 적대적 예제 기반 소극방공 기법 연구)

  • Simun Yuk;Hweerang Park;Taisuk Suh;Youngho Cho
    • Journal of Internet Computing and Services / v.24 no.6 / pp.119-125 / 2023
  • Through the Ukraine-Russia war, the military importance of drones is being reassessed, and North Korea has completed actual verification through a drone provocation towards South Korea in 2022. Furthermore, North Korea is actively integrating artificial intelligence (AI) technology into drones, highlighting the increasing threat posed by drones. In response, the Republic of Korea military has established Drone Operations Command (DOC) and implemented various drone defense systems. However, there is a concern that the efforts to enhance capabilities are disproportionately focused on striking systems, making it challenging to effectively counter swarm drone attacks. Particularly, Air Force bases located adjacent to urban areas face significant limitations in the use of traditional air defense weapons due to concerns about civilian casualties. Therefore, this study proposes a new passive air defense method that aims at disrupting the object detection capabilities of AI models to enhance the survivability of friendly aircraft against the threat posed by AI-based swarm drones. Using laser-based adversarial examples, the study seeks to degrade the recognition accuracy of object recognition AI installed on enemy drones. Experimental results using synthetic images and precision-reduced models confirmed that the proposed method decreased the recognition accuracy of object recognition AI, which was initially approximately 95%, to around 0-15% after the application of the proposed method, thereby validating the effectiveness of the proposed method.

Research Trends in Attacks on Machine Learning Models: Focusing on Deep Neural Networks (기계학습 모델 공격연구 동향: 심층신경망을 중심으로)

  • Lee, Seulgi;Kim, KyeongHan;Kim, Byungik;Park, SoonTai
    • Review of KIISC / v.29 no.6 / pp.67-74 / 2019
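  • As applications of machine learning algorithms spread across many fields of our society, attacks that can cause models produced through machine learning to malfunction are being actively studied. In particular, Korea is promoting convergence fields that apply artificial intelligence, including deep learning, at the national level; if the vulnerabilities arising in AI models themselves are not remedied and attacks are not prepared for in advance, a belated response could delay the growth of the related industries. This paper defines the attacks that can occur against machine learning models, especially models composed of deep neural networks, analyzes research trends, and presents the implications needed for building secure machine learning models. Specifically, it explains how not only the most widely known adversarial examples but also inference attacks that cause privacy violations are defined.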

Adversarial Examples for Robust Reading Comprehension (강건한 질의응답 모델을 위한 데이터셋 증강 기법)

  • Jang, Hansol;Jun, Changwook;Choi, Jooyoung;Sim, Myoseop;Kim, Hyun;Min, Kyungkoo
    • Annual Conference on Human and Language Technology / 2021.10a / pp.41-46 / 2021
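  • Machine reading comprehension is a research area of natural language processing in which the correct answer must be found given a passage and a question. Recent machine reading comprehension models have shown higher performance than humans, but even when the passage and question do not change much, they sometimes produce unexpected results, which affects performance. This paper proposes a method of training a more robust question-answering model using adversarial example data from two perspectives, the passage and the question. A transformer encoder model was used, and to generate the data, experiments were conducted by adding adversarial examples to the KorQuAD 1.0 dataset. In experiments with data using adversarial examples, performance was about 1% higher than that of the existing model. In addition, when adversarial example data for the questions was used, a performance improvement on the existing KorQuAD 1.0 data was confirmed.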

Korean Paraphrase Sentence Recognition Model Robust Against Adversarial Examples (적대적 예제에 강건한 한국어 패러프레이즈 문장 인식 모델)

  • Kim, Minho;Hur, Jeong;Kim, Hyun;Lim, Joonho
    • Annual Conference on Human and Language Technology / 2020.10a / pp.453-454 / 2020
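  • This study addresses Korean paraphrase sentence recognition technology that is robust against adversarial examples. Google released the PAWS-X multilingual corpus, which contains adversarial examples. This provided a starting point for handling adversarial examples in Korean as well. PAWS-X contains adversarial examples typified by the entity-swap type. Through various experiments, we seek to find out whether a recognition model for adversarial example types other than entity swap can be built with this corpus alone, whether it can also be applied to recognizing real paraphrase sentences of various types, and whether additional types of paraphrase data are needed for training.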

A Study on generating adversarial examples (적대적 사례 생성 기법 동향)

  • Oh, Yu-Jin;Kim, Hyun-Ji;Lim, Se-Jin;Seo, Hwa-Jeong
    • Proceedings of the Korea Information Processing Society Conference / 2021.11a / pp.580-583 / 2021
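  • As artificial intelligence advances, the importance of its security is growing. An adversarial attack, one of the ways of attacking deep learning, is an attack that uses adversarial examples. The four representative techniques for generating these adversarial examples are FGSM, which uses the gradient of the loss function; Deepfool, which attacks by repeatedly querying the network; JSMA, which generates a map between inputs and outputs; and the CW technique, an attack based on the correlation between noise and the original data. Beyond these, various studies on generating adversarial examples are in progress. Among them, this paper reviews recent research on adversarial example generation, including the FGSM-based ABI-FGM, the JSMA-based TJSMA, CIM, which reduces overfitting, and One pixel, which is based on the DE algorithm.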

Comparison of CNN and GAN-based Deep Learning Models for Ground Roll Suppression (그라운드-롤 제거를 위한 CNN과 GAN 기반 딥러닝 모델 비교 분석)

  • Sangin Cho;Sukjoon Pyun
    • Geophysics and Geophysical Exploration / v.26 no.2 / pp.37-51 / 2023
  • The ground roll is the most common coherent noise in land seismic data and has an amplitude much larger than the reflection event we usually want to obtain. Therefore, ground roll suppression is a crucial step in seismic data processing. Several techniques, such as f-k filtering and curvelet transform, have been developed to suppress the ground roll. However, the existing methods still require improvements in suppression performance and efficiency. Various studies on the suppression of ground roll in seismic data have recently been conducted using deep learning methods developed for image processing. In this paper, we introduce three models (DnCNN (De-noiseCNN), pix2pix, and CycleGAN), based on convolutional neural network (CNN) or conditional generative adversarial network (cGAN), for ground roll suppression and explain them in detail through numerical examples. Common shot gathers from the same field were divided into training and test datasets to compare the algorithms. We trained the models using the training data and evaluated their performances using the test data. When training these models with field data, ground roll removed data are required; therefore, the ground roll is suppressed by f-k filtering and used as the ground-truth data. To evaluate the performance of the deep learning models and compare the training results, we utilized quantitative indicators such as the correlation coefficient and structural similarity index measure (SSIM) based on the similarity to the ground-truth data. The DnCNN model exhibited the best performance, and we confirmed that other models could also be applied to suppress the ground roll.

A Comparison of Deep Reinforcement Learning and Deep learning for Complex Image Analysis

  • Khajuria, Rishi;Quyoom, Abdul;Sarwar, Abid
    • Journal of Multimedia Information System / v.7 no.1 / pp.1-10 / 2020
  • Image analysis is an important and predominant task for classifying the different parts of an image. The analysis of complex images, such as histopathological images, is a crucial factor in oncology due to its ability to help pathologists interpret images, and therefore various feature extraction techniques have evolved from time to time for such analysis. Although deep reinforcement learning is a new and emerging technique, very little effort has been made to compare deep learning and deep reinforcement learning for image analysis. The paper highlights how both techniques differ in feature extraction from complex images and discusses the potential pros and cons. The use of Convolution Neural Network (CNN) in image segmentation, detection and diagnosis of tumour, and feature extraction is important, but there are several challenges that need to be overcome before Deep Learning can be applied to digital pathology. Among them are the availability of sufficient training examples for medical image datasets, feature extraction from the whole area of the image, ground truth localized annotations, adversarial effects of input representations and the extremely large size of the digital pathological slides (in gigabytes). Although formulating Histopathological Image Analysis (HIA) as a Multi Instance Learning (MIL) problem is a remarkable step, in which the histopathological image is divided into high resolution patches to make predictions for each patch and then combine them for overall slide predictions, it suffers from loss of contextual and spatial information. In such cases the deep reinforcement learning techniques can be used to learn features from the limited data without losing contextual and spatial information.