Adversarial Attacks on Multi-task Visual Perception for Autonomous Driving

• URL: http://arxiv.org/abs/2107.07449v1
• Date: Thu, 15 Jul 2021 16:53:48 GMT
• Title: Adversarial Attacks on Multi-task Visual Perception for Autonomous Driving
• Authors: Ibrahim Sobh, Ahmed Hamed, Varun Ravi Kumar and Senthil Yogamani
• Abstract summary: adversarial attacks are applied on a diverse multi-task visual perception deep network across distance estimation, semantic segmentation, motion detection, and object detection. Experiments consider both white and black box attacks for targeted and un-targeted cases, while attacking a task and inspecting the effect on all the others. We conclude this paper by comparing and discussing the experimental results, proposing insights and future work.
• Score: 0.5735035463793008
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Deep neural networks (DNNs) have accomplished impressive success in various applications, including autonomous driving perception tasks, in recent years. On the other hand, current deep neural networks are easily fooled by adversarial attacks. This vulnerability raises significant concerns, particularly in safety-critical applications. As a result, research into attacking and defending DNNs has gained much coverage. In this work, detailed adversarial attacks are applied on a diverse multi-task visual perception deep network across distance estimation, semantic segmentation, motion detection, and object detection. The experiments consider both white and black box attacks for targeted and un-targeted cases, while attacking a task and inspecting the effect on all the others, in addition to inspecting the effect of applying a simple defense method. We conclude this paper by comparing and discussing the experimental results, proposing insights and future work. The visualizations of the attacks are available at https://youtu.be/R3JUV41aiPY.

Related papers

• Investigating Human-Identifiable Features Hidden in Adversarial Perturbations [54.39726653562144]
  Our study explores up to five attack algorithms across three datasets. We identify human-identifiable features in adversarial perturbations. Using pixel-level annotations, we extract such features and demonstrate their ability to compromise target models.
  arXiv  Detail & Related papers  (2023-09-28T22:31:29Z)
• A reading survey on adversarial machine learning: Adversarial attacks and their understanding [6.1678491628787455]
  Adversarial Machine Learning exploits and understands some of the vulnerabilities that cause the neural networks to misclassify for near original input. A class of algorithms called adversarial attacks is proposed to make the neural networks misclassify for various tasks in different domains. This article provides a survey of existing adversarial attacks and their understanding based on different perspectives.
  arXiv  Detail & Related papers  (2023-08-07T07:37:26Z)
• How Deep Learning Sees the World: A Survey on Adversarial Attacks & Defenses [0.0]
  This paper compiles the most recent adversarial attacks, grouped by the attacker capacity, and modern defenses clustered by protection strategies. We also present the new advances regarding Vision Transformers, summarize the datasets and metrics used in the context of adversarial settings, and compare the state-of-the-art results under different attacks, finishing with the identification of open issues.
  arXiv  Detail & Related papers  (2023-05-18T10:33:28Z)
• Untargeted Backdoor Attack against Object Detection [69.63097724439886]
  We design a poison-only backdoor attack in an untargeted manner, based on task characteristics. We show that, once the backdoor is embedded into the target model by our attack, it can trick the model to lose detection of any object stamped with our trigger patterns.
  arXiv  Detail & Related papers  (2022-11-02T17:05:45Z)
• Detecting Adversarial Perturbations in Multi-Task Perception [32.9951531295576]
  We propose a novel adversarial perturbation detection scheme based on multi-task perception of complex vision tasks. adversarial perturbations are detected by inconsistencies between extracted edges of the input image, the depth output, and the segmentation output. We show that under an assumption of a 5% false positive rate up to 100% of images are correctly detected as adversarially perturbed, depending on the strength of the perturbation.
  arXiv  Detail & Related papers  (2022-03-02T15:25:17Z)
• Identification of Attack-Specific Signatures in Adversarial Examples [62.17639067715379]
  We show that different attack algorithms produce adversarial examples which are distinct not only in their effectiveness but also in how they qualitatively affect their victims. Our findings suggest that prospective adversarial attacks should be compared not only via their success rates at fooling models but also via deeper downstream effects they have on victims.
  arXiv  Detail & Related papers  (2021-10-13T15:40:48Z)
• IoU Attack: Towards Temporally Coherent Black-Box Adversarial Attack for Visual Object Tracking [70.14487738649373]
  Adrial attack arises due to the vulnerability of deep neural networks to perceive input samples injected with imperceptible perturbations. We propose a decision-based black-box attack method for visual object tracking. We validate the proposed IoU attack on state-of-the-art deep trackers.
  arXiv  Detail & Related papers  (2021-03-27T16:20:32Z)
• MixNet for Generalized Face Presentation Attack Detection [63.35297510471997]
  We have proposed a deep learning-based network termed as textitMixNet to detect presentation attacks. The proposed algorithm utilizes state-of-the-art convolutional neural network architectures and learns the feature mapping for each attack category.
  arXiv  Detail & Related papers  (2020-10-25T23:01:13Z)
• Measurement-driven Security Analysis of Imperceptible Impersonation Attacks [54.727945432381716]
  We study the exploitability of Deep Neural Network-based Face Recognition systems. We show that factors such as skin color, gender, and age, impact the ability to carry out an attack on a specific target victim. We also study the feasibility of constructing universal attacks that are robust to different poses or views of the attacker's face.
  arXiv  Detail & Related papers  (2020-08-26T19:27:27Z)
• Monocular Depth Estimators: Vulnerabilities and Attacks [6.821598757786515]
  Recent advancements of neural networks lead to reliable monocular depth estimation. Deep neural networks are highly vulnerable to adversarial samples for tasks like classification, detection and segmentation. In this paper, we investigate the annihilation of the most state-of-the-art monocular depth estimation networks against adversarial attacks.
  arXiv  Detail & Related papers  (2020-05-28T21:25:21Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.