Detection as Regression: Certified Object Detection by Median Smoothing

• URL: http://arxiv.org/abs/2007.03730v4
• Date: Fri, 25 Feb 2022 14:23:54 GMT
• Title: Detection as Regression: Certified Object Detection by Median Smoothing
• Authors: Ping-yeh Chiang, Michael J. Curry, Ahmed Abdelkader, Aounon Kumar, John Dickerson, Tom Goldstein
• Abstract summary: This work is motivated by recent progress on certified classification by randomized smoothing. We obtain the first model-agnostic, training-free, and certified defense for object detection against $ell$-bounded attacks.
• Score: 50.89591634725045
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Despite the vulnerability of object detectors to adversarial attacks, very few defenses are known to date. While adversarial training can improve the empirical robustness of image classifiers, a direct extension to object detection is very expensive. This work is motivated by recent progress on certified classification by randomized smoothing. We start by presenting a reduction from object detection to a regression problem. Then, to enable certified regression, where standard mean smoothing fails, we propose median smoothing, which is of independent interest. We obtain the first model-agnostic, training-free, and certified defense for object detection against $\ell_2$-bounded attacks. The code for all experiments in the paper is available at http://github.com/Ping-C/CertifiedObjectDetection .

Related papers

• FLTracer: Accurate Poisoning Attack Provenance in Federated Learning [38.47921452675418]
  Federated Learning (FL) is a promising distributed learning approach that enables multiple clients to collaboratively train a shared global model. Recent studies show that FL is vulnerable to various poisoning attacks, which can degrade the performance of global models or introduce backdoors into them. We propose FLTracer, the first FL attack framework to accurately detect various attacks and trace the attack time, objective, type, and poisoned location of updates.
  arXiv  Detail & Related papers  (2023-10-20T11:24:38Z)
• FROD: Robust Object Detection for Free [1.8139771201780368]
  State-of-the-art object detectors are susceptible to small adversarial perturbations. We propose modifications to the classification-based backbone to instill robustness in object detection.
  arXiv  Detail & Related papers  (2023-08-03T17:31:22Z)
• Robust and Accurate Object Detection via Adversarial Learning [111.36192453882195]
  This work augments the fine-tuning stage for object detectors by exploring adversarial examples. Our approach boosts the performance of state-of-the-art EfficientDets by +1.1 mAP on the object detection benchmark.
  arXiv  Detail & Related papers  (2021-03-23T19:45:26Z)
• Detection of Adversarial Supports in Few-shot Classifiers Using Feature Preserving Autoencoders and Self-Similarity [89.26308254637702]
  We propose a detection strategy to highlight adversarial support sets. We make use of feature preserving autoencoder filtering and also the concept of self-similarity of a support set to perform this detection. Our method is attack-agnostic and also the first to explore detection for few-shot classifiers to the best of our knowledge.
  arXiv  Detail & Related papers  (2020-12-09T14:13:41Z)
• Detecting Backdoors in Neural Networks Using Novel Feature-Based Anomaly Detection [16.010654200489913]
  This paper proposes a new defense against neural network backdooring attacks. It is based on the intuition that the feature extraction layers of a backdoored network embed new features to detect the presence of a trigger. To detect backdoors, the proposed defense uses two synergistic anomaly detectors trained on clean validation data.
  arXiv  Detail & Related papers  (2020-11-04T20:33:51Z)
• RepPoints V2: Verification Meets Regression for Object Detection [65.120827759348]
  We introduce verification tasks into the localization prediction of RepPoints. RepPoints v2 provides consistent improvements of about 2.0 mAP over the original RepPoints. We show that the proposed approach can more generally elevate other object detection frameworks as well as applications such as instance segmentation.
  arXiv  Detail & Related papers  (2020-07-16T17:57:08Z)
• Anomaly Detection-Based Unknown Face Presentation Attack Detection [74.4918294453537]
  Anomaly detection-based spoof attack detection is a recent development in face Presentation Attack Detection. In this paper, we present a deep-learning solution for anomaly detection-based spoof attack detection. The proposed approach benefits from the representation learning power of the CNNs and learns better features for fPAD task.
  arXiv  Detail & Related papers  (2020-07-11T21:20:55Z)
• Miss the Point: Targeted Adversarial Attack on Multiple Landmark Detection [29.83857022733448]
  This paper is the first to study how fragile a CNN-based model on multiple landmark detection to adversarial perturbations. We propose a novel Adaptive Targeted Iterative FGSM attack against the state-of-the-art models in multiple landmark detection.
  arXiv  Detail & Related papers  (2020-07-10T07:58:35Z)
• Learning a Unified Sample Weighting Network for Object Detection [113.98404690619982]
  Region sampling or weighting is significantly important to the success of modern region-based object detectors. We argue that sample weighting should be data-dependent and task-dependent. We propose a unified sample weighting network to predict a sample's task weights.
  arXiv  Detail & Related papers  (2020-06-11T16:19:16Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.