{"title":"A fuzzy-based frame transformation to mitigate the impact of adversarial attacks in deep learning-based real-time video surveillance systems","authors":"Sheikh Burhan Ul Haque","doi":"10.1016/j.asoc.2024.112440","DOIUrl":null,"url":null,"abstract":"<div><div>Deep learning (DL) techniques have become integral to smart city projects, including video surveillance systems (VSS). These advanced technologies offer significant benefits, such as enhanced accuracy and efficiency in monitoring and managing urban environments. However, despite their advantages, these systems are not without vulnerabilities. One of the most pressing challenges is their susceptibility to adversarial attacks, which can lead to critical misclassifications during inference. To address these challenges, our research focuses on developing a more robust smart city VSS. Our research unfolds across two pivotal initiatives. In our initial exploration, we introduce a pioneering framework that extends the reach of adversarial attacks to real-time VSS. A practical manifestation involved implementing a real-time face mask surveillance system based on Multi-Task Cascaded Convolutional Networks (MTCNN) for face detection and MobileNet-v2 for face mask classification, subjecting it to the Fast Gradient Sign Method (FGSM) adversarial attack in real-time. In our subsequent endeavor, we propose a sophisticated defense mechanism deploying Fuzzy Image Transformation as a pre-processing unit (FITP). This strategic defense fortification significantly reinforces our real-time VSS against adversarial intrusions. Experimental findings highlight the effectiveness of the proposed adversarial attack framework in real-time, resulting in a marked reduction in the model's performance from a precision (P) of 93 %, recall (R) of 93 %, F1 score (F) of 93 %, and accuracy (A) of 93–22 %, 21 %, 22 %, and 22 %, respectively. However, the post-implementation efficacy of our defense mechanism is striking, enhancing the model's average performance to a noteworthy improvement, with P, R, F, and A ascending to 91 %, 90 %, 91 %, and 91 %. This research illuminates the vulnerabilities intrinsic to VSS in the face of adversarial threats, underscoring the critical need for heightened awareness and the development of robust defense mechanisms before real-world deployment.</div></div>","PeriodicalId":50737,"journal":{"name":"Applied Soft Computing","volume":"167 ","pages":"Article 112440"},"PeriodicalIF":7.2000,"publicationDate":"2024-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Applied Soft Computing","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1568494624012146","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
引用次数: 0
Abstract
Deep learning (DL) techniques have become integral to smart city projects, including video surveillance systems (VSS). These advanced technologies offer significant benefits, such as enhanced accuracy and efficiency in monitoring and managing urban environments. However, despite their advantages, these systems are not without vulnerabilities. One of the most pressing challenges is their susceptibility to adversarial attacks, which can lead to critical misclassifications during inference. To address these challenges, our research focuses on developing a more robust smart city VSS. Our research unfolds across two pivotal initiatives. In our initial exploration, we introduce a pioneering framework that extends the reach of adversarial attacks to real-time VSS. A practical manifestation involved implementing a real-time face mask surveillance system based on Multi-Task Cascaded Convolutional Networks (MTCNN) for face detection and MobileNet-v2 for face mask classification, subjecting it to the Fast Gradient Sign Method (FGSM) adversarial attack in real-time. In our subsequent endeavor, we propose a sophisticated defense mechanism deploying Fuzzy Image Transformation as a pre-processing unit (FITP). This strategic defense fortification significantly reinforces our real-time VSS against adversarial intrusions. Experimental findings highlight the effectiveness of the proposed adversarial attack framework in real-time, resulting in a marked reduction in the model's performance from a precision (P) of 93 %, recall (R) of 93 %, F1 score (F) of 93 %, and accuracy (A) of 93–22 %, 21 %, 22 %, and 22 %, respectively. However, the post-implementation efficacy of our defense mechanism is striking, enhancing the model's average performance to a noteworthy improvement, with P, R, F, and A ascending to 91 %, 90 %, 91 %, and 91 %. This research illuminates the vulnerabilities intrinsic to VSS in the face of adversarial threats, underscoring the critical need for heightened awareness and the development of robust defense mechanisms before real-world deployment.
期刊介绍:
Applied Soft Computing is an international journal promoting an integrated view of soft computing to solve real life problems.The focus is to publish the highest quality research in application and convergence of the areas of Fuzzy Logic, Neural Networks, Evolutionary Computing, Rough Sets and other similar techniques to address real world complexities.
Applied Soft Computing is a rolling publication: articles are published as soon as the editor-in-chief has accepted them. Therefore, the web site will continuously be updated with new articles and the publication time will be short.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
