Cybersecurity practices require effort to maintain, and one weakness is a lack of awareness of potential attacks, not only in the use of machine learning models but also in their development process. Previous studies have determined that preprocessing attacks, such as image scaling attacks, have been difficult for humans (through visual response) and computers (through entropic algorithms) to detect. However, these studies fail to address the real-world performance and detectability of these attacks. The purpose of this work is to analyze the relationship between awareness of image scaling attacks and demographic background and experience. We conduct a survey in which we gather the subjects' demographics, analyze the subjects' experience in cybersecurity, record their responses to a poorly performing convolutional neural network model that, unknown to them, has been hindered by an image scaling attack on the dataset used, and document their reactions after it is revealed that the images used within the broken models have been attacked. We find in this study that the overall detection rate of the attack is low enough for the attack to be viable in a workplace or academic setting, and that even after discovery, subjects cannot conclusively distinguish benign images from attacked images.