HAG-NET: Hiding Data and Adversarial Attacking with Generative Adversarial Network-Reference-Cited by-同舟云学术

HAG-NET: Hiding Data and Adversarial Attacking with Generative Adversarial Network

Published:2024-03-19 Issue:3 Volume:26 Page:269
ISSN:1099-4300
Container-title:Entropy
language:en
Short-container-title:Entropy

Author:

Fan Haiju¹,Wang Jinsong¹

Affiliation:

1. College of Computer and Information Engineering, Henan Normal University, Xinxiang 453007, China

Abstract

Recent studies on watermarking techniques based on image carriers have demonstrated new approaches that combine adversarial perturbations against steganalysis with embedding distortions. However, while these methods successfully counter convolutional neural network-based steganalysis, they do not adequately protect the data of the carrier itself. Recognizing the high sensitivity of Deep Neural Networks (DNNs) to small perturbations, we propose HAG-NET, a method based on image carriers, which is jointly trained by the encoder, decoder, and attacker. In this paper, the encoder generates Adversarial Steganographic Examples (ASEs) that are adversarial to the target classification network, thereby providing protection for the carrier data. Additionally, the decoder can recover secret data from ASEs. The experimental results demonstrate that ASEs produced by HAG-NET achieve an average success rate of over 99% on both the MNIST and CIFAR-10 datasets. ASEs generated with the attacker exhibit greater robustness in terms of attack ability, with an average increase of about 3.32%. Furthermore, our method, when compared with other generative stego examples under similar perturbation strength, contains significantly more information according to image information entropy measurements.

Publisher

MDPI AG

Link

https://www.mdpi.com/1099-4300/26/3/269/pdf

Reference26 articles.

1. CNN-based adversarial embedding for image steganography;Tang;IEEE Trans. Inf. Forensics Secur.,2019

2. Fan, Z., Chen, K., Qin, C., Zeng, K., Zhang, W., and Yu, N. (2023, January 4–10). Image Adversarial Steganography Based on Joint Distortion. Proceedings of the ICASSP 2023—IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), Rhodes Island, Greece.

3. Szegedy, C., Zaremba, W., Sutskever, I., Bruna, J., Erhan, D., Goodfellow, I.J., and Fergus, R. (2014, January 14–16). Intriguing Properties of Neural Networks. Proceedings of the ICLR 2014—International Conference on Learning Representations, Banff, AB, Canada.

4. Goodfellow, I.J., Shlens, J., and Szegedy, C. (2015, January 7–9). Explaining and Harnessing AE. Proceedings of the ICLR 2015—International Conference on Learning Representations, San Diego, CA, USA.

5. Madry, A., Makelov, A., Schmidt, L., Tsipras, D., and Vladu, A. (May, January 30). Towards Deep Learning Models Resistant to Adversarial Attacks. Proceedings of the ICLR 2018—International Conference on Learning Representations, Vancouver, BC, Canada.