Adversarial Catoptric Light: An Effective, Stealthy and Robust Physical-World Attack to DNNs
Chengyin Hu, Weiwen Shi
TL;DR
This paper introduces a novel physical attack on deep neural networks using natural catoptric light, achieving high success, stealthiness, and robustness in both simulated and real-world scenarios.
Contribution
The study presents a new stealthy physical attack method leveraging natural catoptric light, improving over prior artificial light-based attacks in effectiveness and natural appearance.
Findings
Attack success rate of 83.5% in physical scenarios
Over 80% success rate against robust DNNs
Enhanced stealthiness with naturalistic perturbations
Abstract
Deep neural networks (DNNs) have demonstrated exceptional success across various tasks, underscoring the need to evaluate the robustness of advanced DNNs. However, traditional methods using stickers as physical perturbations to deceive classifiers present challenges in achieving stealthiness and suffer from printing loss. Recent advancements in physical attacks have utilized light beams such as lasers and projectors to perform attacks, where the optical patterns generated are artificial rather than natural. In this study, we introduce a novel physical attack, adversarial catoptric light (AdvCL), where adversarial perturbations are generated using a common natural phenomenon, catoptric light, to achieve stealthy and naturalistic adversarial attacks against advanced DNNs in a black-box setting. We evaluate the proposed method in three aspects: effectiveness, stealthiness, and robustness.…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsOcular and Laser Science Research · Random lasers and scattering media · Advanced Optical Sensing Technologies