Mr. Marshal Aiken Profile

Marshal Aiken

at MITRE Corp

SPIE Involvement:

Author

Publications (1)

This will count as one of your downloads.

You will have access to both the presentation and article (if available).

DOWNLOAD NOW

This content is available for download via your institution's subscription. To access this item, please sign in to your personal account.

Email or Username Forgot your username?

Password Forgot your password?

Show

Keep me signed in

No SPIE account? Create an account

Proceedings Article | 16 June 2023 Presentation + Paper

Fake it till you break it: evaluating the performance of synthetically optimized adversarial patches against real-world imagery

Mohammad Zarei, Chris Ward, Joshua Harguess, Marshal Aiken

Proceedings Volume 12525, 125250I (2023) https://doi.org/10.1117/12.2665960

KEYWORDS: Object detection, Data modeling, Education and training, Visual process modeling, 3D modeling, Performance modeling, Retina, Systems modeling, Computer vision technology, Sensors

Read Abstract +

Deep neural networks (DNNs), enabled by massive open datasets like ImageNet, have produced impressive results in a wide range of fields and applications. ImageNet, a database of over 15 million high-resolution images categorized into 22,000 categories, has revolutionized the field of computer vision with state-of-the-art models achieving 98% accuracy. However, this performance comes at a cost. Recent advances in adversarial machine learning have revealed inherent vulnerabilities in DNN-based models. Adversarial patches have been successfully used to disrupt the performance of artificial intelligence (AI) systems that leverage DNN-based computer vision models, but the trade space of these attacks is not fully understood; adversarial attack generation and validation methods are still nascent. In this paper we explore the generation and performance of synthetically-trained attacks against models trained on real data like MSCOCO, VIRAT and VisDrone. Using a synthetic environment tool built on the Unreal Engine, we generate a synthetic dataset consisting of pedestrians and vehicles, train synthetic object detection models, and optimize adversarial patch attacks on the synthetic feature space of those models. We then apply our synthetic attacks to real image data and examine the efficacy of synthetic patch attacks against models trained on real-word image data. The implications of synthetically optimized attacks are broad: a much larger attack surface for DNN-based computer vision models, development of simulation-based validation pipelines, more effective attacks, and stronger defenses against adversarial examples.

My Library

You currently do not have any folders to save your paper to! Create a new folder below.

Folder Name

Folder Description

View contact details

UPDATE YOUR PROFILE

Is this your profile? Update it now.

Sign into your SPIE.org account

Don’t have a profile and want one?

Create an account on SPIE.org

Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks. You are receiving this notice because your organization may not have SPIE eBooks access.*

*Shibboleth/Open Athens users─please sign in to access your institution's subscriptions.

To obtain this item, you may purchase the complete book in print or electronic format on SPIE.org.

ORGANIZATIONAL
Sign in with credentials provided by your organization.

Organizational Username

Organizational Password

Show/Hide Password

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

;

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available

Members:

Non-members: ADD TO CART

Keywords/Phrases

Search In:

Publication Years