Machine Learning Attack Series: Image Scaling Attacks · Embrace The Red

submitted by
Style Pass
2022-05-13 18:00:20

This post is part of a series about machine learning and artificial intelligence. Click on the blog tag “huskyai” to see related posts.

A few weeks ago, while preparing demos for my GrayHat 2020 - Red Team Village presentation, I ran across “Image Scaling Attacks” in “Adversarial Preprocessing: Understanding and Preventing Image-Scaling Attacks in Machine Learning” by Erwin Quiring et al.

The basic idea is to hide a smaller image inside a larger image (the larger one should be about 5-10x the size). The attack is actually easy to explain:

If you look closely, you can see that the second image does have some strange dots all around. But this is not noticeable when the image is viewed at a smaller size.

You can find the code on GitHub. I used Google Colab to run it, and there were some errors initially, but it worked - let me know if interested and I can clean up and share the Notebook also.

The downsized image is an entirely different picture now! Of course I picked a husky, since I wanted to attack “Husky AI” and find another bypass.
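A defender can check for this before an image reaches the model: downscale it once with a sparse sampler and once with area averaging, and flag it when the two results disagree. The sketch below is an added example, not code from the original post or the paper; the function names, the known scale factor `k`, the top-left sampling position and the `0.1` threshold are all assumptions, and the test images are constructed.

```python
# Added example: detect content that only appears after sparse downscaling.
# Images are 2D lists of grayscale values (0-255); standard library only.

def downscale_nearest(img, k):
    """Keep the top-left pixel of every k x k block (sparse sampling)."""
    h, w = len(img) // k, len(img[0]) // k
    return [row[:w * k:k] for row in img[:h * k:k]]

def downscale_area(img, k):
    """Average every k x k block, so all source pixels contribute."""
    h, w = len(img) // k, len(img[0]) // k
    return [[sum(img[by * k + y][bx * k + x] for y in range(k) for x in range(k)) / (k * k)
             for bx in range(w)] for by in range(h)]

def scaling_discrepancy(img, k):
    """Mean absolute difference between the two downscaled results, in 0..1."""
    near, area = downscale_nearest(img, k), downscale_area(img, k)
    diffs = [abs(n - a) for rn, ra in zip(near, area) for n, a in zip(rn, ra)]
    return sum(diffs) / (255 * len(diffs))

def looks_tampered(img, k, threshold=0.1):
    """threshold is an assumed value; tune it on known-good images."""
    return scaling_discrepancy(img, k) > threshold

def make_samples(size=64, k=8):
    """Constructed test images: a smooth gradient, and the same gradient with
    only the sampled pixel of each block overwritten by a checkerboard."""
    benign = [[(x * 255) // (size - 1) for x in range(size)] for _ in range(size)]
    suspicious = [row[:] for row in benign]
    for y in range(0, size, k):
        for x in range(0, size, k):
            suspicious[y][x] = 255 if (x // k + y // k) % 2 == 0 else 0
    return benign, suspicious

if __name__ == "__main__":
    benign, suspicious = make_samples()
    for name, img in (("benign", benign), ("suspicious", suspicious)):
        print(name, round(scaling_discrepancy(img, 8), 3), looks_tampered(img, 8))
```

Only 1 pixel in 64 differs between the two constructed images, which matches the "strange dots" visible at full size, yet the sparse downscale of the second one is a completely different picture.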
