SAFETYLIT WEEKLY UPDATE

We compile citations and summaries of about 400 new articles every week.
RSS Feed

HELP: Tutorials | FAQ
CONTACT US: Contact info

Search Results

Journal Article

Citation

Hu C, Shi W, Yao W, Jiang T, Tian L, Chen X, Li W. Neural. Netw. 2024; 178: e106459.

Copyright

(Copyright © 2024, Elsevier Publishing)

DOI

10.1016/j.neunet.2024.106459

PMID

38901098

Abstract

Deep neural network security is a persistent concern, with considerable research on visible light physical attacks but limited exploration in the infrared domain. Existing approaches, like white-box infrared attacks using bulb boards and QR suits, lack realism and stealthiness. Meanwhile, black-box methods with cold and hot patches often struggle to ensure robustness. To bridge these gaps, we propose Adversarial Infrared Curves (AdvIC). Using Particle Swarm Optimization, we optimize two Bezier curves and employ cold patches in the physical realm to introduce perturbations, creating infrared curve patterns for physical sample generation. Our extensive experiments confirm AdvIC's effectiveness, achieving 94.8% and 67.2% attack success rates for digital and physical attacks, respectively. Stealthiness is demonstrated through a comparative analysis, and robustness assessments reveal AdvIC's superiority over baseline methods. When deployed against diverse advanced detectors, AdvIC achieves an average attack success rate of 76.2%, emphasizing its robust nature. We conduct thorough experimental analyses, including ablation experiments, transfer attacks, adversarial defense investigations, etc. Given AdvIC's substantial security implications for real-world vision-based applications, urgent attention and mitigation efforts are warranted.


Language: en

Keywords

Deep neural network; Particle swarm optimization; AdvIC; Bezier curves; Physical sample generation

NEW SEARCH


All SafetyLit records are available for automatic download to Zotero & Mendeley
Print