RoVISQ: Reduction of Video Service Quality via Adversarial Attacks on Deep Learning-based Video Compression
Team
Jung-Woo Chang, Ph.D student, ECE, University of California San Diego
Mojan Javaheripi, Ph.D student, ECE, University of California San Diego
Seira Hidano, KDDI Research, Inc.
Farinaz Koushanfar, Professor, ECE, University of California San Diego
Overview
We present RoVISQ, Reduction of Video Service Quality, as a new threat to video compression. We show that DNN-based video compression systems can be exploited by adversaries to not only reduce the users’ quality of experience (QoE), but also attack downstream video recognition services.
Attacker's Goal
The adversary’s goal is to selectively degrade the bit-rate R and/or distortion level D compared to a pre-trained R-D curve for the video encoder and decoder.
We introduce the following RoVISQ attacks:
RD attack
Video quality attack
Bandwidth attack
Compression-robust classifier attack
Attack Methodology
We conduct the first systematic study for adversarial attacks on deep learning-based video compression and downstream classification systems
RoVISQ attacks are targeted towards video data generated by front-end sources.
We formalize RoVISQ attacks as well-defined optimization problems.
By solving the problem, we can obtain perturbations affecting the R, D, and downstream classification.
Attacked Video Sequences
1. PartyScene
Clean
Video Quality Attack
RD Attack
2. BQTerrace
Clean
Video Quality Attack
RD Attack
3. BasketballDrill
Clean
Video Quality Attack
RD Attack
4. RaceHorses
Clean
Video Quality Attack
RD Attack
5. BQMall
Clean
Video Quality Attack
RD Attack
6. Cactus
Clean
Video Quality Attack
RD Attack
Citation
Jung-Woo Chang, Mojan Javaheripi, Seira Hidano, and Farinaz Koushanfar
To appear in the 30th Network and Distributed System Security (NDSS) Symposium, San Diego, USA, 2023. (acceptance rate=16.2%)
@article{chang2022rovisq,
title={RoVISQ: Reduction of Video Service Quality via Adversarial Attacks on Deep Learning-based Video Compression},
author={Chang, Jung-Woo and Javaheripi, Mojan and Hidano, Seira and Koushanfar, Farinaz},
booktitle={Proceedings 2023 Network and Distributed System Security Symposium. NDSS},
year={2023}
}
Related Works
A curated list of Adversarial Meachine Learning (AML) papers on Neural Compression published in top conferences: Link