Adversarial Attack and Defense of YOLO Detectors in Autonomous Driving Scenarios
Visual detection is a key task in autonomous driving, and it serves as a crucial foundation for self-driving planning and control. Deep neural networks have achieved promising results in various visual tasks, but they are known to be vulnerable to adversarial attacks. A comprehensive understanding o...
Saved in:
| Published in | arXiv.org |
|---|---|
| Main Authors | , |
| Format | Paper |
| Language | English |
| Published |
Ithaca
Cornell University Library, arXiv.org
03.07.2022
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | Visual detection is a key task in autonomous driving, and it serves as a crucial foundation for self-driving planning and control. Deep neural networks have achieved promising results in various visual tasks, but they are known to be vulnerable to adversarial attacks. A comprehensive understanding of deep visual detectors' vulnerability is required before people can improve their robustness. However, only a few adversarial attack/defense works have focused on object detection, and most of them employed only classification and/or localization losses, ignoring the objectness aspect. In this paper, we identify a serious objectness-related adversarial vulnerability in YOLO detectors and present an effective attack strategy targeting the objectness aspect of visual detection in autonomous vehicles. Furthermore, to address such vulnerability, we propose a new objectness-aware adversarial training approach for visual detection. Experiments show that the proposed attack targeting the objectness aspect is 45.17% and 43.50% more effective than those generated from classification and/or localization losses on the KITTI and COCO traffic datasets, respectively. Also, the proposed adversarial defense approach can improve the detectors' robustness against objectness-oriented attacks by up to 21% and 12% mAP on KITTI and COCO traffic, respectively. |
|---|---|
| AbstractList | Visual detection is a key task in autonomous driving, and it serves as a crucial foundation for self-driving planning and control. Deep neural networks have achieved promising results in various visual tasks, but they are known to be vulnerable to adversarial attacks. A comprehensive understanding of deep visual detectors' vulnerability is required before people can improve their robustness. However, only a few adversarial attack/defense works have focused on object detection, and most of them employed only classification and/or localization losses, ignoring the objectness aspect. In this paper, we identify a serious objectness-related adversarial vulnerability in YOLO detectors and present an effective attack strategy targeting the objectness aspect of visual detection in autonomous vehicles. Furthermore, to address such vulnerability, we propose a new objectness-aware adversarial training approach for visual detection. Experiments show that the proposed attack targeting the objectness aspect is 45.17% and 43.50% more effective than those generated from classification and/or localization losses on the KITTI and COCO traffic datasets, respectively. Also, the proposed adversarial defense approach can improve the detectors' robustness against objectness-oriented attacks by up to 21% and 12% mAP on KITTI and COCO traffic, respectively. |
| Author | Jung Im Choi Tian, Qing |
| Author_xml | – sequence: 1 fullname: Jung Im Choi – sequence: 2 givenname: Qing surname: Tian fullname: Tian, Qing |
| BookMark | eNqNjEkKwkAQRRtRcModClwLsTPY2-CAC0FBN65Ck1SkHaq0q-P5zcIDuPo83uOPVZ-YsKdGOkkWc5NqPVSRyC2OY50vdZYlI3Us6g96sd7ZBxQh2OoOlmpYY4MkCNzA5bA_dBywCuwFHEHRBiZ-ciuw9u7j6AqnCqk7YZmqQWMfgtFvJ2q23ZxXu_nL87tFCeWNW0-dKnWulyY32qTJf9UXc5lAQA |
| ContentType | Paper |
| Copyright | 2022. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| Copyright_xml | – notice: 2022. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| DBID | 8FE 8FG ABJCF ABUWG AFKRA AZQEC BENPR BGLVJ CCPQU DWQXO HCIFZ L6V M7S PIMPY PQEST PQQKQ PQUKI PRINS PTHSS |
| DatabaseName | ProQuest SciTech Collection ProQuest Technology Collection Materials Science & Engineering Collection ProQuest Central (Alumni Edition) ProQuest Central ProQuest Central Essentials ProQuest Central Technology Collection ProQuest One Community College ProQuest Central Korea SciTech Premium Collection ProQuest Engineering Collection Engineering Database Publicly Available Content Database ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Academic ProQuest One Academic UKI Edition ProQuest Central China Engineering Collection |
| DatabaseTitle | Publicly Available Content Database Engineering Database Technology Collection ProQuest Central Essentials ProQuest One Academic Eastern Edition ProQuest Central (Alumni Edition) SciTech Premium Collection ProQuest One Community College ProQuest Technology Collection ProQuest SciTech Collection ProQuest Central China ProQuest Central ProQuest Engineering Collection ProQuest One Academic UKI Edition ProQuest Central Korea Materials Science & Engineering Collection ProQuest One Academic Engineering Collection |
| DatabaseTitleList | Publicly Available Content Database |
| Database_xml | – sequence: 1 dbid: 8FG name: ProQuest Technology Collection url: https://search.proquest.com/technologycollection1 sourceTypes: Aggregation Database |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Physics |
| EISSN | 2331-8422 |
| Genre | Working Paper/Pre-Print |
| GroupedDBID | 8FE 8FG ABJCF ABUWG AFKRA ALMA_UNASSIGNED_HOLDINGS AZQEC BENPR BGLVJ CCPQU DWQXO FRJ HCIFZ L6V M7S M~E PIMPY PQEST PQQKQ PQUKI PRINS PTHSS |
| ID | FETCH-proquest_journals_26278682843 |
| IEDL.DBID | BENPR |
| IngestDate | Thu Oct 10 16:48:54 EDT 2024 |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-proquest_journals_26278682843 |
| OpenAccessLink | https://www.proquest.com/docview/2627868284?pq-origsite=%requestingapplication% |
| PQID | 2627868284 |
| PQPubID | 2050157 |
| ParticipantIDs | proquest_journals_2627868284 |
| PublicationCentury | 2000 |
| PublicationDate | 20220703 |
| PublicationDateYYYYMMDD | 2022-07-03 |
| PublicationDate_xml | – month: 07 year: 2022 text: 20220703 day: 03 |
| PublicationDecade | 2020 |
| PublicationPlace | Ithaca |
| PublicationPlace_xml | – name: Ithaca |
| PublicationTitle | arXiv.org |
| PublicationYear | 2022 |
| Publisher | Cornell University Library, arXiv.org |
| Publisher_xml | – name: Cornell University Library, arXiv.org |
| SSID | ssj0002672553 |
| Score | 3.4022188 |
| SecondaryResourceType | preprint |
| Snippet | Visual detection is a key task in autonomous driving, and it serves as a crucial foundation for self-driving planning and control. Deep neural networks have... |
| SourceID | proquest |
| SourceType | Aggregation Database |
| SubjectTerms | Artificial neural networks Classification Computer vision Detectors Localization Object recognition Robustness Sensors Visual aspects |
| Title | Adversarial Attack and Defense of YOLO Detectors in Autonomous Driving Scenarios |
| URI | https://www.proquest.com/docview/2627868284 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1LS8NAEB5sguDNJz5qWdBrMNmkm_Qk1SYWsW3wAfVUNvuAUkhqkl797c6GVA9Cj8PCsI_Zmf2-nWEAbl2Jhy7xArp6IJxA-AOH60g6gvalK9y-zrgpcJ5M2fgjeJ735y3hVrVplVuf2DhqWQjDkd9RRsOIIT4I7tdfjukaZX5X2xYaHbApIgVqgf0QT9PXX5aFshDfzP4_R9tEj-QQ7JSvVXkEeyo_hv0m6VJUJ5A23ZArbmyADOuaixVBYE9GSiO4VKTQ5HP2MkO5brj1iixzMtzUpg4BATsZlUtDB5A3oXJUUlSncJPE749jZzuNRWsq1eJvYf4ZWIj51TmQzBMs0BHN_IgFXsYyFkpPSc2DkEtF_Qvo7tJ0uXv4Cg6oyeI3LKXfBasuN-oaY2ud9aATJU-9dhtRmnzHPw2khVI |
| link.rule.ids | 783,787,12779,21402,33387,33758,43614,43819 |
| linkProvider | ProQuest |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1bS8MwFD7ohuibV7xMDehrsU3StHuS4axVuws4YT6VNBcYg3a23f83KZ0-CHsMgUMu55LvyzkcgHtXmkuXxgBd3RcOFaTvcB1KR2BfusL1dcZtgfNozOJP-jb35y3hVrVplRuf2DhqWQjLkT9ghoOQGXxAH1ffju0aZX9X2xYau9ClxAQaWykevfxyLJgF5sVM_rnZJnZEh9Cd8pUqj2BH5cew16RciuoEpk0v5IpbDUCDuuZiiQysR0OlDbRUqNDoa5JMzLhumPUKLXI0WNe2CsHAdTQsF5YMQB9C5UZIUZ3CXfQ8e4qdzTLSVlGq9G9b5Aw6BvGrc0CZJxjVIc5IyKiXsYwF0lNScxpwqTC5gN42SZfbp29hP56NkjR5Hb9fwQG2-fyWryQ96NTlWl2bKFtnN81R_gDvy4TG |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Adversarial+Attack+and+Defense+of+YOLO+Detectors+in+Autonomous+Driving+Scenarios&rft.jtitle=arXiv.org&rft.au=Jung+Im+Choi&rft.au=Tian%2C+Qing&rft.date=2022-07-03&rft.pub=Cornell+University+Library%2C+arXiv.org&rft.eissn=2331-8422 |