In a newly revised paper in Computer Vision and Pattern Recognition, a group of French and Swiss computer science researchers show that "a very small perturbation vector that causes natural images to be misclassified with high probability" -- that is, a minor image transformation can beat machine learning systems nearly every time. Read the rest
In the immediate aftermath of the Trump administration's gag orders on government employees disclosing taxpayer-funded research results, a series of high-profile "rogue" government agency accounts popped up on Twitter, purporting to be managed by civil servants who are unwilling to abide by the gag order. Read the rest
Adam Harvey, creator of 2012's CV Dazzle project to systematically confound facial recognition software with makeup and hairstyles, presented his latest dazzle iteration, Hyperface, at the Chaos Communications Congress in Hamburg last month. Read the rest
Michèle B. Nuijten and co's statcheck program re-examines the datasets in peer-reviewed science and flags anomalies that are associated with fakery, from duplication of data to internal inconsistencies. Read the rest
Many in the information security community doubt that the Sony hack was North Korea's handiwork.
One of the most interesting technical presentations I attended in 2012 was the talk on "adversarial stylometry" given by a Drexel College research team at the 28C3 conference in Berlin. "Stylometry" is the practice of trying to ascribe authorship to an anonymous text by analyzing its writing style; "adversarial stylometry" is the practice of resisting stylometric de-anonymization by using software to remove distinctive characteristics and voice from a text.
Stanford's Arvind Narayanan describes a paper he co-authored on stylometry that has been accepted for the IEEE Symposium on Security and Privacy 2012. In On the Feasibility of Internet-Scale Author Identification (PDF) Narayanan and co-authors show that they can use stylometry to improve the reliability of de-anonymizing blog posts drawn from a large and diverse data-set, using a method that scales well. However, the experimental set was not "adversarial" -- that is, the authors took no countermeasures to disguise their authorship. It would be interesting to see how the approach described in the paper performs against texts that are deliberately anonymized, with and without computer assistance. The summary cites another paper by someone who found that even unaided efforts to disguise one's style makes stylometric analysis much less effective.
Read the rest
We made several innovations that allowed us to achieve the accuracy levels that we did. First, contrary to some previous authors who hypothesized that only relatively straightforward “lazy” classifiers work for this type of problem, we were able to avoid various pitfalls and use more high-powered machinery. Second, we developed new techniques for confidence estimation, including a measure very similar to “eccentricity” used in the Netflix paper.
Today at the Chaos Computer Congress in Berlin (28C3), Sadia Afroz and Michael Brennan presented a talk called "Deceiving Authorship Detection," about research from Drexel College on "Adversarial Stylometry," the practice of identifying the authors of texts who don't want to be identified, and the process of evading detection. Stylometry has made great and well-publicized advances in recent years (and it made the news with scandals like "Gay Girl in Damascus"), but typically this has been against authors who have not taken active, computer-assisted countermeasures at disguising their distinctive "voice" in prose.
As part of the presentation, the Drexel Team released Anonymouth, a free/open tool that partially automates the process of evading authorship detection. The tool is still a rough alpha, and it requires human intervention to oversee the texts it produces, but it is still an exciting move in adversarial stylometry tools. Accompanying the release are large corpuses of test data of deceptive and non-deceptive texts.
Stylometry has been cited by knowledgeable critics as proof of the pointlessness of the Nym Wars: why argue for the right to be anonymous or pseudonymous on Google Plus or Facebook when stylometry will de-anonymize you anyway? I've been suspect of these critiques because they assume that only de-anonymizers will have access to computer-assisted tools, but as Anonymouth shows, there are many opportunities to use automation tools to improve anonymity.
Stylometry matters in many ways: its state of the art changes the balance of power between trolls and moderators, between dissidents and dictators, between employers and whistleblowers, between astroturfers and commenters, and between spammers and filters. Read the rest
My friend Eric Spitznagel took on the Bigfoot beat for Vanity Fair and filed: "Everything's Bigfoot in Texas." From the Texas Bigfoot Conference in Jefferson, Texas, he reports:
Drawing on interviews with dozens of eye-witnesses, [Sasquatch expert Dr. Henner] Fahrenbach went on to say that Bigfoot’s diet is rich in mussels, clams, peacocks, and the “hindquarter” of deer. He insisted that Bigfoots enjoy wrestling, tickle fights, and, most surprisingly, gangbangs. He assured us that even a horny Sasquatch has an impeccable sense of orgy etiquette.
“When an especially large male came onto the scene,” Fahrenbach said, describing a sexual pileup involving one willing female and lots of dudes, “he didn’t try to buck the line but simply stood there and took his turn in good time.”
In the beginning of his lecture, there was some nervous giggling from those in the audience. After a while, they just stared at Fahrenbach, a few with jaws agape. Somewhere in the back row, a woman turned to her husband and whispered, “I can’t tell if he’s kidding.”
It’s been a rough few months for Bigfoot true believers.
"Everything's Bigfoot in Texas." (Illustration credit: John Hogan.) Read the rest