We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CV
< prev | next >
new | recent | 2303

Change to browse by:

cs
cs.AI
cs.NE

References & Citations

DBLP - CS Bibliography

listing | bibtex

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Computer Vision and Pattern Recognition

Title: Patch of Invisibility: Naturalistic Black-Box Adversarial Attacks on Object Detectors

Authors: Raz Lapid, Moshe Sipper
(Submitted on 7 Mar 2023 (v1), last revised 23 Mar 2023 (this version, v3))
Abstract: Adversarial attacks on deep-learning models have been receiving increased attention in recent years. Work in this area has mostly focused on gradient-based techniques, so-called white-box attacks, wherein the attacker has access to the targeted model's internal parameters; such an assumption is usually unrealistic in the real world. Some attacks additionally use the entire pixel space to fool a given model, which is neither practical nor physical (i.e., real-world). On the contrary, we propose herein a gradient-free method that uses the learned image manifold of a pretrained generative adversarial network (GAN) to generate naturalistic physical adversarial patches for object detectors. We show that our proposed method works both digitally and physically.
Subjects: Computer Vision and Pattern Recognition (cs.CV); Artificial Intelligence (cs.AI); Neural and Evolutionary Computing (cs.NE)
Cite as: arXiv:2303.04238 [cs.CV]
  (or arXiv:2303.04238v3 [cs.CV] for this version)

Submission history

From: Raz Lapid [view email]
[v1] Tue, 7 Mar 2023 21:03:48 GMT (15280kb,D)
[v2] Thu, 9 Mar 2023 11:14:06 GMT (15280kb,D)
[v3] Thu, 23 Mar 2023 08:49:30 GMT (15292kb,D)
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

Link back to: arXiv, form interface, contact.