DDSA: Dual-Domain Strategic Attack for Spatial-Temporal Efficiency in Adversarial Robustness Testing

TL;DR

DDSA introduces a resource-efficient adversarial testing framework that strategically targets critical frames and regions in image streams, significantly reducing computational costs while maintaining attack effectiveness in real-time systems.

Contribution

The paper proposes a novel dual-domain approach combining scenario-aware frame selection and explainable AI for targeted perturbations, enhancing efficiency in robustness testing.

Findings

Reduces computational resources by focusing on critical frames and regions.

Maintains high attack success rate with lower resource consumption.

Enables real-time robustness testing in resource-constrained environments.

Abstract

Image transmission and processing systems in resource-critical applications face significant challenges from adversarial perturbations that compromise mission-specific object classification. Current robustness testing methods require excessive computational resources through exhaustive frame-by-frame processing and full-image perturbations, proving impractical for large-scale deployments where massive image streams demand immediate processing. This paper presents DDSA (Dual-Domain Strategic Attack), a resource-efficient adversarial robustness testing framework that optimizes testing through temporal selectivity and spatial precision. We introduce a scenario-aware trigger function that identifies critical frames requiring robustness evaluation based on class priority and model uncertainty, and employ explainable AI techniques to locate influential pixel regions for targeted perturbation. Our dual-domain approach achieves substantial temporal-spatial resource conservation while maintaining attack effectiveness. The framework enables practical deployment of comprehensive adversarial robustness testing in resource-constrained real-time applications where computational efficiency directly impacts mission success.