https://github.com/git-disl/TOG

Real-time object detection is one of the key applications of deep neural networks (DNNs) for real-world mission-critical systems. While DNN-powered object detection systems celebrate many life-enriching opportunities, they also open doors for misuse and abuse. This project presents a suite of adversarial objectness gradient attacks, coined as TOG, which can cause the state-of-the-art deep object detection networks to suffer from untargeted random attacks or even targeted attacks with three types of specificity: (1) object-vanishing, (2) object-fabrication, and (3) object-mislabeling. Apart from tailoring an adversarial perturbation for each input image, we further demonstrate TOG as a universal attack, which trains a single adversarial perturbation that can be generalized to effectively craft an unseen input with a negligible attack time cost. Also, we apply TOG as an adversarial patch attack, a form of physical attacks, showing its ability to optimize a visually confined patch filled with malicious patterns, deceiving well-trained object detectors to misbehave purposefully.
https://github.com/git-disl/TOG

adversarial-attacks faster-rcnn object-detection ssd yolov3

Last synced: 12 days ago
JSON representation

Real-time object detection is one of the key applications of deep neural networks (DNNs) for real-world mission-critical systems. While DNN-powered object detection systems celebrate many life-enriching opportunities, they also open doors for misuse and abuse. This project presents a suite of adversarial objectness gradient attacks, coined as TOG, which can cause the state-of-the-art deep object detection networks to suffer from untargeted random attacks or even targeted attacks with three types of specificity: (1) object-vanishing, (2) object-fabrication, and (3) object-mislabeling. Apart from tailoring an adversarial perturbation for each input image, we further demonstrate TOG as a universal attack, which trains a single adversarial perturbation that can be generalized to effectively craft an unseen input with a negligible attack time cost. Also, we apply TOG as an adversarial patch attack, a form of physical attacks, showing its ability to optimize a visually confined patch filled with malicious patterns, deceiving well-trained object detectors to misbehave purposefully.

• Host: GitHub
• URL: https://github.com/git-disl/TOG
• Owner: git-disl
• Created: 2020-04-15T16:41:01.000Z (about 4 years ago)
• Default Branch: master
• Last Pushed: 2023-04-04T17:26:07.000Z (about 1 year ago)
• Last Synced: 2024-02-29T10:34:06.106Z (4 months ago)
• Topics: adversarial-attacks, faster-rcnn, object-detection, ssd, yolov3
• Language: Jupyter Notebook
• Homepage:
• Size: 59 MB
• Stars: 111
• Watchers: 5
• Forks: 41
• Open Issues: 9
• Metadata Files:
  • Readme: README.md

Lists

• awesome-yolo-object-detection - git-disl/TOG - disl/TOG?style=social"/> : "Adversarial Objectness Gradient Attacks on Real-time Object Detection Systems". (**[IEEE TPS-ISA 2020](https://ieeexplore.ieee.org/abstract/document/9325397)**) | "Understanding Object Detection Through an Adversarial Lens". (**[ESORICS 2020](https://link.springer.com/chapter/10.1007/978-3-030-59013-0_23)**) (Applications)