Abstract

We present a systematic study of adversarial attacks on state-of-the-artobject detection frameworks. Using standard detection datasets, we trainpatterns that suppress the objectness scores produced by a range of commonlyused detectors, and ensembles of detectors. Through extensive experiments, webenchmark the effectiveness of adversarially trained patches under bothwhite-box and black-box settings, and quantify transferability of attacksbetween datasets, object classes, and detector models. Finally, we present adetailed study of physical world attacks using printed posters and wearableclothes, and rigorously quantify the performance of such attacks with differentmetrics.

 

Quick Read (beta)