Pratik Parmar
A data scientist who caught the travel bug!
The Invisibility Cloak
No, not like this
Let's make you Invisible from the surveillance cameras
Surveillance
Surveillance in India
Big Brother is watching you!
And China is not alone!
Surveillance systems around the world
- US Department of State
- South Wales
- Maryland Police Department
- DeepFace by Facebook
Now they don't even need a CCTV camera anymore
They're saying it's there to protect us
But how much Privacy are we willing to give up to be safe?
Is there any solution then?
Adversarial Attack
With the addition of carefully constructed noise to the input image, we can fool the neural networks!
Yeah, it's a kinda optical illusion but for the Neural Networks.
We humans won't find it suspicious, but the system classifies the right image as a speed limit of 45 mph
Adversarial Patch
A patch that can be places anywhere within the field of classifier and cause the classifier to output a targeted class.
Adversarial Patch
Hmm,
seems interesting
But how can we use it be invisible from surveillance systems?
Adversarial Patch against YOLO
Adversarial Patch in Real World
Demo time!
Defense against the Adversarial Attack
Defenses do exist, but incur some cost
Similar to spam vs. anti-spam, we may be in an arms race for some applications
Adversarial Training
Adversarial Training
CleverHans
The Barrage of Random Transforms (BaRT )
Transforms includes
- Color Precision Reduction
- Noise Injection
- FFT
Pertubation - and many more...
Unfortunately, no code or demo available
About me
Pratik Parmar
A Travelling Data Scientist
Twitter: @hackyroot
The Invisibility Cloak (Work In Progress)
By Pratik Parmar
