Skip to Content
Uncategorized

How Do You Turn a Dog into a Car? Change a Single Pixel.

October 30, 2017

Thank a new approach to spoofing image recognition AIs, developed by a team from Kyushu University in Japan, for that joke.

Trying to catch out AIs is a popular pastime for many researchers, and we've reported  machine-learning spoofs in the past. The general approach is to add features to images that will incorrectly trigger a neural network and have it identify what it sees as something else entirely.

The new research, published on the arXiv, describes an algorithm that can efficiently identify the best pixels to alter in order to confuse an AI into mislabeling a picture. By changing just one pixel in a 1,024-pixel image, the software can trick an AI about 74 percent of the time. That figure rises to around 87 percent if five pixels are tweaked.

You can see some examples above, which spoofed an AI into calling an airplane a dog, a frog a truck, and a horse a car, among other things.

As the Register points out, 1,024-pixel images are pretty damn small, which means that larger images would need hundreds of pixels tweaked. But the push to make AIs fall over using the smallest number of possible changes is interesting and worrying, in equal measure. As we've explained in the past, finding a way to protect AIs from these kinds of tricks is quite difficult, because we still we don’t truly understand the inner workings of deep neural networks.

Until we do, such hacks will be hard to avoid.

Keep Reading

Most Popular

Scientists are finding signals of long covid in blood. They could lead to new treatments.

Faults in a certain part of the immune system might be at the root of some long covid cases, new research suggests.

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.