AdvART: adversarial art for camouflaged object detection attacks

Amira Guesmi, Ioan Marius Bilasco, Muhammad Shafique, Ihsen Alouani

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Downloads (Pure)

Abstract

Physical adversarial attacks pose a significant practical threat as it deceives deep learning systems operating in the real world by producing prominent and maliciously designed physical perturbations. Emphasizing the evaluation of naturalness is crucial in such attacks, as humans can easily detect unnatural manipulations. To address this, recent work has proposed leveraging generative adversarial networks (GANs) to generate naturalistic patches, which may seem visually suspicious and evade human’s attention. However, these approaches suffer from a limited latent space which leads to an inevitable trade-off between naturalness and attack efficiency. In this paper, we propose a novel approach to generate naturalistic and inconspicuous adversarial patches. Specifically, we redefine the optimization problem by introducing an additional loss term to the total loss. This term works as a semantic constraint to ensure that the generated camouflage pattern holds semantic meaning rather than arbitrary patterns. It leverages similarity metrics-based loss that we optimize within the global adversarial objective function. Our technique is based on directly manipulating the pixel values in the patch, which gives higher flexibility and larger space compared to the GAN-based techniques that are based on indirectly optimizing the patch by modifying the latent vector. Our attack achieves superior success rate of up to 91.19% and 72% respectively, in the digital world and when deployed in smart cameras at the edge compared to the GAN-based approach.

Original languageEnglish
Title of host publication2024 IEEE International Conference on Image Processing (ICIP 2024): proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages666-672
Number of pages7
ISBN (Electronic)9798350349399
ISBN (Print)9798350349405
DOIs
Publication statusPublished - 27 Sept 2024
Event2024 IEEE International Conference on Image Processing (ICIP 2024) - Abu Dhabi, United Arab Emirates
Duration: 27 Oct 202430 Oct 2024

Publication series

NameIEEE International Conference on Image Processing (ICIP): Proceedings
ISSN (Print)1522-4880
ISSN (Electronic)2381-8549

Conference

Conference2024 IEEE International Conference on Image Processing (ICIP 2024)
Country/TerritoryUnited Arab Emirates
CityAbu Dhabi
Period27/10/202430/10/2024

Publications and Copyright Policy

This work is licensed under Queen’s Research Publications and Copyright Policy.

Keywords

  • AdvART
  • adversarial art
  • camouflaged object detection attacks

Fingerprint

Dive into the research topics of 'AdvART: adversarial art for camouflaged object detection attacks'. Together they form a unique fingerprint.

Cite this