UTSA - The University of Texas at San Antonio

10/10/2024 | News release | Distributed by Public on 10/10/2024 03:20

UTSA researchers reveal oversight in AI image recognition tools

"We have two targets. One is a human victim, and one is AI," Chen explained.

To assess the vulnerability, the researchers identified and exploited an alpha channel attack on images by developing AlphaDog. The attack simulator causes humans to see images differently than machines. It works by manipulating the transparency of images.

The researchers generated 6,500 AlphaDog attack images and tested them across 100 AI models, including 80 open-source systems and 20 cloud-based AI platforms like ChatGPT.

They found that AlphaDog excels at targeting grayscale regions within an image, enabling attackers to compromise the integrity of purely grayscale images and colored images containing grayscale regions.

The researchers tested images in a variety of everyday scenarios.

They found gaps in AI that pose a significant risk to road safety. Using AlphaDog, for example, they could manipulate the grayscale elements of road signs, which could potentially mislead autonomous vehicles.

Likewise, they found they could alter grayscale images like X-rays, MRIs and CT scans, potentially creating a serious threat that could lead to misdiagnoses in the realm of telehealth and medical imaging. This could also endanger patient safety and open the door to fraud, such as manipulating insurance claims by altering X-ray results that show a normal leg as a broken leg.

They also found a way to alter images of people. By targeting the alpha channel, the UTSA researchers could disrupt facial recognition systems.

AlphaDog works by leveraging the differences in how AI and humans process image transparency. Computer vision models typically process images with red, green, blue and alpha (RGBA) channels, the alpha value defining the opacity of a color. The alpha channel indicates how opaque each pixel is and allows an image to be combined with a background image, producing a composite image that has the appearance of transparency.

However, using AlphaDog, the researchers found that the AI models they tested do not read all four RGBA channels; instead they only read data from the RGB channels.

"AI is created by humans, and the people who wrote the code focused on RGB but left the alpha channel out. In other words, they wrote code for AI models to read image files without the alpha channel," said Chen. "That's the vulnerability. The exclusion of the alpha channel in these platforms leads to data poisoning."
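A defensive check for the RGB/alpha mismatch described above, as an added example that is not code from the UTSA researchers or from AlphaDog: it measures how far the raw RGB values an alpha-dropping loader reads are from what a viewer sees after compositing, and flattens the image before inference. The function names, the threshold and the sample pixels are assumptions constructed for illustration.

```python
# Added example: flag images whose alpha channel makes the rendered view
# diverge from the raw RGB data that an alpha-dropping pipeline would read.

WHITE, BLACK = (255, 255, 255), (0, 0, 0)

def composite(pixel, background):
    """Blend one RGBA pixel over an opaque RGB background ('over' operator)."""
    r, g, b, a = pixel
    alpha = a / 255
    return tuple(round(alpha * c + (1 - alpha) * bg)
                 for c, bg in zip((r, g, b), background))

def divergence(pixels, background):
    """Mean absolute per-channel gap between raw RGB and the composited view."""
    total = 0
    for px in pixels:
        seen = composite(px, background)
        total += sum(abs(s - c) for s, c in zip(seen, px[:3]))
    return total / (3 * len(pixels))

def audit(pixels, backgrounds=(WHITE, BLACK), threshold=8.0):
    """Return (suspicious, worst_divergence) for a flat list of RGBA pixels.

    threshold is an assumed tuning value: small gaps come from ordinary
    anti-aliased edges, large gaps mean viewer and model see different content.
    """
    if not pixels or all(px[3] == 255 for px in pixels):
        return False, 0.0  # fully opaque: RGB is exactly what is displayed
    worst = max(divergence(pixels, bg) for bg in backgrounds)
    return worst > threshold, worst

def flatten(pixels, background=WHITE):
    """Mitigation: composite first, so the model input equals the displayed image."""
    return [composite(px, background) + (255,) for px in pixels]

# Constructed sample data (not taken from any real image or from the study).
OPAQUE = [(120, 120, 120, 255)] * 4
ANTIALIASED = [(200, 200, 200, 255)] * 15 + [(200, 200, 200, 250)]
MISMATCH = [(30, 30, 30, 40), (220, 220, 220, 40)] * 2  # mostly transparent

if __name__ == "__main__":
    for name, img in (("opaque", OPAQUE), ("antialiased", ANTIALIASED),
                      ("mismatch", MISMATCH)):
        print(name, audit(img))
    print("after flatten:", audit(flatten(MISMATCH)))
```

Running the audit at ingestion and feeding the model only the flattened pixels removes the gap between what is displayed and what is classified.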