Adversarial Attacks in a Multi-view Setting: An Empirical Study of the Adversarial Patches Inter-view Transferability

Archive ouverte : Communication dans un congrès

Tarchoun, Bilel | Alouani, Ihsen | Ben Khalifa, Anouar | Mahjoub, Mohamed Ali

Edité par HAL CCSD ; IEEE

International audience. While machine learning applications are getting mainstream owing to a demonstrated efficiency in solving complex problems, they suffer from inherent vulnerability to adversarial attacks. Adversarial attacks consist of additive noise to an input which can fool a detector. Recently, successful real-world printable adversarial “patches” were proven efficient against state-of-the-art neural networks. In the transition from digital noise based attacks to real-world physical attacks, the myriad of factors affecting object detection will also affect adversarial patches. Among these factors, view angle is one of the most influential, yet under-explored. In this paper, we study the effect of view angle on the effectiveness of an adversarial patch. To this aim, we propose the first approach that considers a multi-view context by combining existing adversarial patches with a perspective geometric transformation in order to simulate the effect of view angle changes. Our approach has been evaluated on two datasets: the first dataset which contains most real world constraints of a multi-view context, and the second dataset which empirically isolates the effect of view angle. The experiments show that view angle significantly affects the performance of adversarial patches, where in some cases the patch loses most of its effectiveness. We believe that these results motivate taking into account the effect of view angles in future adversarial attacks, and open up new opportunities for adversarial defenses.

Consulter en ligne

Suggestions

Du même auteur

Deep learning-based hard spatial attention for driver in-vehicle action mon...

Archive ouverte: Article de revue

Jegham, Imen | 2023-06

International audience. Distracted driving is one of the main causes of deaths and injuries in the world. Monitoring driver behaviors through Driver Action Recognition (DAR) contributes significantly to building saf...

Soft Spatial Attention-Based Multimodal Driver Action Recognition Using Dee...

Archive ouverte: Article de revue

Jegham, Imen | 2021-01-15

International audience. Driver behaviors and decisions are crucial factors for on-road driving safety. With a precise driver behavior monitoring system, traffic accidents and injuries can be significantly reduced. H...

Entropy-Based Ultra-Wide Band Radar Signals Segmentation for Multi Obstacle...

Archive ouverte: Article de revue

Mimouna, Amira | 2021-03-15

International audience. The development of safe intelligent transportation systems (ITS) has driven extensive research to come up with efficient environment perception techniques with a variety of sensors. In short ...

Du même sujet

Lower Voltage for Higher Security: Using Voltage Overscaling to Secure Deep...

Archive ouverte: Communication dans un congrès

Islam, Shohidul | 2021-11-01

International audience. Deep neural networks (DNNs) are shown to be vulnerable to adversarial attacks-- carefully crafted additive noise that undermines DNNs integrity. Previously proposed defenses against these att...

Automatically weighted binary multi-view clustering via deep initialization...

Archive ouverte: Article de revue

Houfar, Khamis | 2023-05

International audience. Clustering is inherently a process of exploratory data analysis. It has attracted more attention recently because much real-world data consists of multiple representations or views. However, ...

Knowledge-based tensor subspace analysis system for kinship verification

Archive ouverte: Article de revue

Serraoui, I. | 2022-07

International audience. Most existing automatic kinship verification methods focus on learning the optimal distance metrics between family members. However, learning facial features and kinship features simultaneous...

Securing Deep Spiking Neural Networks against Adversarial Attacks through I...

Archive ouverte: Communication dans un congrès

El-Allami, R. | 2021-02-01

International audience. Deep Learning (DL) algorithms have gained popularity owing to their practical problem-solving capacity. However, they suffer from a serious integrity threat, i.e., their vulnerability to adve...

SIT: Stochastic Input Transformation to Defend Against Adversarial Attacks ...

Archive ouverte: Article de revue

Guesmi, Amira | 2022-06

International audience. Deep Neural Networks (DNNs) have been deployed in a wide range of applications, including safety-critical domains, owing to their proven efficiency in solving complex problems. However, these...

Chargement des enrichissements...