AdvART: Adversarial Art for Camouflaged ...
Communication dans un congrès avec actes
AdvART: Adversarial Art for Camouflaged Object Detection Attacks
Guesmi, Amira [Auteur]
Bilasco, Ioan Marius [Auteur]
Shafique, Muhammad [Auteur]
Alouani, Lihsen [Auteur]
Bilasco, Ioan Marius [Auteur]
Shafique, Muhammad [Auteur]
Alouani, Lihsen [Auteur]
2024 IEEE International Conference on Image Processing (ICIP)
Abu Dhabi
Émirats arabes unis
2024-10-27
IEEE
Adversarial patch
naturalistic patch
GANs
object detection
adversarial art
physical attacks
yolo
latent space
Physical adversarial attacks pose a significant practical threat as it deceives deep learning systems operating in the real world by producing prominent and maliciously designed physical perturbations. Emphasizing the evaluation of naturalness is crucial in such attacks
as humans can easily detect unnatural manipulations. To address this
recent work has proposed leveraging generative adversarial networks (GANs) to generate naturalistic patches
which may seem visually suspicious and evade human’s attention. However
these approaches suffer from a limited latent space which leads to an inevitable trade-off between naturalness and attack efficiency. In this paper
we propose a novel approach to generate naturalistic and inconspicuous adversarial patches. Specifically
we redefine the optimization problem by introducing an additional loss term to the total loss. This term works as a semantic constraint to ensure that the generated camouflage pattern holds semantic meaning rather than arbitrary patterns. It leverages similarity metrics-based loss that we optimize within the global adversarial objective function. Our technique is based on directly manipulating the pixel values in the patch
which gives higher flexibility and larger space compared to the GAN-based techniques that are based on indirectly optimizing the patch by modifying the latent vector. Our attack achieves superior success rate of up to 91.19% and 72%
respectively
naturalistic patch
GANs
object detection
adversarial art
physical attacks
yolo
latent space
Physical adversarial attacks pose a significant practical threat as it deceives deep learning systems operating in the real world by producing prominent and maliciously designed physical perturbations. Emphasizing the evaluation of naturalness is crucial in such attacks
as humans can easily detect unnatural manipulations. To address this
recent work has proposed leveraging generative adversarial networks (GANs) to generate naturalistic patches
which may seem visually suspicious and evade human’s attention. However
these approaches suffer from a limited latent space which leads to an inevitable trade-off between naturalness and attack efficiency. In this paper
we propose a novel approach to generate naturalistic and inconspicuous adversarial patches. Specifically
we redefine the optimization problem by introducing an additional loss term to the total loss. This term works as a semantic constraint to ensure that the generated camouflage pattern holds semantic meaning rather than arbitrary patterns. It leverages similarity metrics-based loss that we optimize within the global adversarial objective function. Our technique is based on directly manipulating the pixel values in the patch
which gives higher flexibility and larger space compared to the GAN-based techniques that are based on indirectly optimizing the patch by modifying the latent vector. Our attack achieves superior success rate of up to 91.19% and 72%
respectively
Physique [physics]
Sciences de l'ingénieur [physics]
Sciences de l'ingénieur [physics]
[en]
Physical adversarial attacks pose a significant practical threat as it deceives deep learning systems operating in the real world by producing prominent and maliciously designed physical perturbations. Emphasizing the ...
Lire la suite >
Lire la suite >
Anglais
Oui
Internationale
Non
2025-02-26T05:25:47Z