Cross-modal Adversarial Reprogramming

Paarth Neekhara; Shehzeen Hussain; Jinglong Du; Shlomo Dubnov; Farinaz Koushanfar; Julian McAuley

doi:10.1109/WACV51458.2022.00295

Cross-modal Adversarial Reprogramming

Paarth Neekhara, Shehzeen Hussain, Jinglong Du, Shlomo Dubnov, Farinaz Koushanfar, Julian McAuley

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

With the abundance of large-scale deep learning models, it has become possible to repurpose pre-trained networks for new tasks. Recent works on adversarial reprogramming have shown that it is possible to repurpose neural networks for alternate tasks without modifying the network architecture or parameters. However these works only consider original and target tasks within the same data domain. In this work, we broaden the scope of adversarial reprogramming beyond the data modality of the original task. We analyze the feasibility of adversarially repurposing image classification neural networks for Natural Language Processing (NLP) and other sequence classification tasks. We design an efficient adversarial program that maps a sequence of discrete tokens into an image which can be classified to the desired class by an image classification model. We demonstrate that by using highly efficient adversarial programs, we can reprogram image classifiers to achieve competitive performance on a variety of text and sequence classification benchmarks without retraining the network.

Original language	English
Title of host publication	Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022
Publisher	Institute of Electrical and Electronics Engineers
Pages	2898-2906
Number of pages	9
ISBN (Electronic)	9781665409155
DOIs	https://doi.org/10.1109/WACV51458.2022.00295
State	Published - 1 Jan 2022
Externally published	Yes
Event	22nd IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022 - Waikoloa, United States Duration: 4 Jan 2022 → 8 Jan 2022

Publication series

Name	Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022

Conference

Conference	22nd IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022
Country/Territory	United States
City	Waikoloa
Period	4/01/22 → 8/01/22

Keywords

Adversarial Attack and Defense Methods
Adversarial Learning
Deep Learning
Few-shot
Semi- and Un- supervised Learning
Transfer
Vision and Languages Deep Learning

ASJC Scopus subject areas

Computer Vision and Pattern Recognition
Computer Science Applications

Access to Document

10.1109/WACV51458.2022.00295

Cite this

Neekhara, P., Hussain, S., Du, J., Dubnov, S., Koushanfar, F., & McAuley, J. (2022). Cross-modal Adversarial Reprogramming. In Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022 (pp. 2898-2906). (Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022). Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/WACV51458.2022.00295

@inproceedings{4db2c99d2b9e4bbcb57aff81b431b7b0,

title = "Cross-modal Adversarial Reprogramming",

abstract = "With the abundance of large-scale deep learning models, it has become possible to repurpose pre-trained networks for new tasks. Recent works on adversarial reprogramming have shown that it is possible to repurpose neural networks for alternate tasks without modifying the network architecture or parameters. However these works only consider original and target tasks within the same data domain. In this work, we broaden the scope of adversarial reprogramming beyond the data modality of the original task. We analyze the feasibility of adversarially repurposing image classification neural networks for Natural Language Processing (NLP) and other sequence classification tasks. We design an efficient adversarial program that maps a sequence of discrete tokens into an image which can be classified to the desired class by an image classification model. We demonstrate that by using highly efficient adversarial programs, we can reprogram image classifiers to achieve competitive performance on a variety of text and sequence classification benchmarks without retraining the network.",

keywords = "Adversarial Attack and Defense Methods, Adversarial Learning, Deep Learning, Few-shot, Semi- and Un- supervised Learning, Transfer, Vision and Languages Deep Learning",

author = "Paarth Neekhara and Shehzeen Hussain and Jinglong Du and Shlomo Dubnov and Farinaz Koushanfar and Julian McAuley",

note = "Funding Information: This work was supported by ARO under award number W911NF1910317, SRC under Task ID: 2899.001 and DoD UCR W911NF2020267 (MCA S-001364). Publisher Copyright: {\textcopyright} 2022 IEEE.; 22nd IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022 ; Conference date: 04-01-2022 Through 08-01-2022",

year = "2022",

month = jan,

day = "1",

doi = "10.1109/WACV51458.2022.00295",

language = "English",

series = "Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022",

publisher = "Institute of Electrical and Electronics Engineers",

pages = "2898--2906",

booktitle = "Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022",

address = "United States",

}

Neekhara, P, Hussain, S, Du, J, Dubnov, S, Koushanfar, F & McAuley, J 2022, Cross-modal Adversarial Reprogramming. in Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022. Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022, Institute of Electrical and Electronics Engineers, pp. 2898-2906, 22nd IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022, Waikoloa, United States, 4/01/22. https://doi.org/10.1109/WACV51458.2022.00295

Cross-modal Adversarial Reprogramming. / Neekhara, Paarth; Hussain, Shehzeen; Du, Jinglong et al.

Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022. Institute of Electrical and Electronics Engineers, 2022. p. 2898-2906 (Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Cross-modal Adversarial Reprogramming

AU - Neekhara, Paarth

AU - Hussain, Shehzeen

AU - Du, Jinglong

AU - Dubnov, Shlomo

AU - Koushanfar, Farinaz

AU - McAuley, Julian

PY - 2022/1/1

Y1 - 2022/1/1

N2 - With the abundance of large-scale deep learning models, it has become possible to repurpose pre-trained networks for new tasks. Recent works on adversarial reprogramming have shown that it is possible to repurpose neural networks for alternate tasks without modifying the network architecture or parameters. However these works only consider original and target tasks within the same data domain. In this work, we broaden the scope of adversarial reprogramming beyond the data modality of the original task. We analyze the feasibility of adversarially repurposing image classification neural networks for Natural Language Processing (NLP) and other sequence classification tasks. We design an efficient adversarial program that maps a sequence of discrete tokens into an image which can be classified to the desired class by an image classification model. We demonstrate that by using highly efficient adversarial programs, we can reprogram image classifiers to achieve competitive performance on a variety of text and sequence classification benchmarks without retraining the network.

AB - With the abundance of large-scale deep learning models, it has become possible to repurpose pre-trained networks for new tasks. Recent works on adversarial reprogramming have shown that it is possible to repurpose neural networks for alternate tasks without modifying the network architecture or parameters. However these works only consider original and target tasks within the same data domain. In this work, we broaden the scope of adversarial reprogramming beyond the data modality of the original task. We analyze the feasibility of adversarially repurposing image classification neural networks for Natural Language Processing (NLP) and other sequence classification tasks. We design an efficient adversarial program that maps a sequence of discrete tokens into an image which can be classified to the desired class by an image classification model. We demonstrate that by using highly efficient adversarial programs, we can reprogram image classifiers to achieve competitive performance on a variety of text and sequence classification benchmarks without retraining the network.

KW - Adversarial Attack and Defense Methods

KW - Adversarial Learning

KW - Deep Learning

KW - Few-shot

KW - Semi- and Un- supervised Learning

KW - Transfer

KW - Vision and Languages Deep Learning

UR - http://www.scopus.com/inward/record.url?scp=85125780430&partnerID=8YFLogxK

U2 - 10.1109/WACV51458.2022.00295

DO - 10.1109/WACV51458.2022.00295

M3 - Conference contribution

AN - SCOPUS:85125780430

T3 - Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022

SP - 2898

EP - 2906

BT - Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022

PB - Institute of Electrical and Electronics Engineers

T2 - 22nd IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022

Y2 - 4 January 2022 through 8 January 2022

ER -

Neekhara P, Hussain S, Du J, Dubnov S, Koushanfar F, McAuley J. Cross-modal Adversarial Reprogramming. In Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022. Institute of Electrical and Electronics Engineers. 2022. p. 2898-2906. (Proceedings - 2022 IEEE/CVF Winter Conference on Applications of Computer Vision, WACV 2022). doi: 10.1109/WACV51458.2022.00295

Cross-modal Adversarial Reprogramming

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this