idrl-lab/Adversarial-Attacks-on-Object-Detectors-Paperlist

A Paperlist of Adversarial Attack on Object Detection

A Paperlist of Adversarial Attack on Object Detection

Surveys

• [2021 IEEE Transactions on Industrial Informatics] Deep Learning-Based Autonomous Driving Systems: A Survey of Attacks and Defenses, PDF, Survey
• [2019 International Journal of Computer Vision] Deep Learning for Generic Object Detection: A Survey, PDF, Survey
• [2021 ArXiv] Adversarial Example Detection for DNN Models: A Review and Experimental Comparison, PDF, Review
• [2018 IEEE Access] Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey, PDF, Survey

Planar Patches Attack

• [2021 Information Sciences]Towards a physical-world adversarial patch for blinding object detection models, PDF, physical

• [2020 arxiv] Dynamic Adversarial Patch for Evading Object Detection, PDF , physical

• [2020 arxiv] object hider: adversarial patch attack against object detectors, PDF, physicals

• [2020 TPS-ISA] Adversarial Objectness Gradient Attacks on Real-time Object Detection Systems, PDF, Talk, Source code, digital & physicals

• [2020 In European Symposium on Research in Computer Security] Understanding Object Detection Through an Adversarial Lens. [PDF], [Talk] Source code, digital & physicals

• [2021 arxiv] RPAttack: Refined Patch Attack on General Object Detectors, PDF, digital

• [2019 CVPRworkshop] Fooling automated surveillance cameras: adversarial patches to attack person detection PDF, Source code, physicals

• [2019 AAAI] DPatch: An Adversarial patch attack on object detectors, PDF, Source code physicals

• [2019 ICMLworkshop]On physical adversarial patches for object detectionPDF, physicals

• [2019 ACM CCS] Seeing isn’t Believing: Towards More Robust Adversarial Attack Against RealWorld Object Detectors, PDF, physicals

• [2019 IJCAI] Transferable Adversarial Attacks for Image and Video Object Detection, PDF, Source code, physicals

• [2018 WOOT] Physical Adversarial Examples for Object Detectors, PDF., physicals

Pixel-wise Attack

• [2023 WACV] Phantom Sponges: Exploiting Non-Maximum Suppression to Attack Deep Object Detectors, PDF, digital

• [2022 IEEE TRANSACTIONS ON CYBERNETICS] Daedalus: Breaking Nonmaximum Suppression in Object Detection via Adversarial Examples, PDF, digital & physical

• [2021 Pattern Recognition] Relevance attack on detectors, PDF, digital

• [2020 Pattern Recognition] Universal adversarial perturbations against object detection, PDF, digital

• [2019 BMVC] Attacking Object Detectors via Imperceptible Patches on Background, PDF, digital

• [2020 TPS-ISA] Adversarial Objectness Gradient Attacks on Real-time Object Detection Systems, PDF, Talk, Source code, digital & physicals

• [2020 In European Symposium on Research in Computer Security] Understanding Object Detection Through an Adversarial Lens. [PDF], [Talk] Source code, digital & physicals

• [2019 IJCAI] Transferable Adversarial Attacks for Image and Video Object Detection, PDF, Source code, digital

• [2018 BMVC] Robust Adversarial Perturbation on Deep Proposal-based Models, PDF,Source code, digital

Wearable Patches Attack

• [2022 CVPR] Adversarial Texture for Fooling Person Detectors in the Physical World, PDF, physicals
• [2020 ECCV] Making an Invisibility Cloak: Real World Adversarial Attacks on Object Detectors, PDF, physicals
• [2020 ECCV] Adversarial T-shit! Evading Person Detectors in A Physical World, PDF, physicals
• [2019 ICCV] advPattern: Physical-World Attacks on Deep Person Re-Identification via Adversarially Transformable Patterns, PDF, Source code, physicals
• [ACM CCS 2016] Accessorize to a Crime: Real and Stealthy Attacks onState-of-the-Art Face Recognition, PDF, Source code, physicals

Non-Planar Patches/Painting Attack

• [2022 CVPR] Improving the Transferability of Targeted Adversarial Examples through Object-Based Diverse Input, pdf, physicals
• [2022 CVPR] DTA Physical Camouflage Attacks using Differentiable Transformation Network, PDF, physicals /Hu_Adversarial_Texture_for_Fooling_Person_Detectors_in_the_Physical_World_CVPR_2022_paper.pdf), physicals
• [2022 IJCAI] Learning Coated Adversarial Camouflages for Object Detectors, PDF, physicals
• [2022 AAAI] FCA: Learning a 3D Full-coverage Vehicle Camouflage for Multi-view Physical Adversarial Attack, PDF, physicals
• [2021 CVPR] Dual Attention Suppression Attack: Generate adversarial camouflage in physical world, PDF, Source code, physicals
• [2020 arxiv] Physical Adversarial Attack on Vehicle Detector in the Carla Simulator, PDF, digital
• [2020 CVPR] Universal Physical Camouflage Attack on Object Detectors, PDF, physicals
• [2019 ICLR] CAMOU: LEARNING A VEHICLE CAMOUFLAGE FOR PHYSICAL ADVERSARIAL ATTACK ON OBJECT DETECTORS IN THE WILD, PDF, digital
• [2019 CVPR] MeshAdv Adversarial Meshes for Visual Recognition, PDF, physical
• [2019 CVPR] Adversarial Attacks Beyond the Image Space, PDF, digital

Attack against Aerial Object detectors

• [2022 IEEE transactions on geoscience and remote sensing] Benchmarking Adversarial Patch Against Aerial Detection, PDF, aerial imagery, physical

• [2020 ATVA] Adversarial Patch Camouflage against Aerial Detection, PDF, digital

• [remote sensing, 2022] Adversarial Patch Attack on Multi-Scale Object Detection for UAV Remote Sensing Images, PDF, UAV related attacks, physical

• [WACV 2022] [hysical Adversarial Attacks on an Aerial Imagery Object Detector, homepage, PDF, demo

• [remote sensing] Scale-Adaptive adversarial patch attack for remote sensing image aircraft detection,PDF, digital

• [preprint] Adversarial Attacks against a Satellite-borne Multispectral Cloud Detector, PDF, digital

Blackbox Attack

3D Attack

Defense of Attacks on Object Detectors

• [2021 ICLR Workshop on Security and Safety in Machine Learning Systems (Travel Award)], PDF, [GitHub] [Slides] [Poster], digital

• [2021 ACM CCS], DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding Attacks, PDF [GitHub] [ACM DL] [Video] [Slides], digital

• [2021 USENIX Security], PatchGuard: A Provably Robust Defense against Adversarial Patches via Small Receptive Fields and Masking, PDF, [GitHub] [arXiv Technical Report] [Video] [Slides], digital

• [arXiv 2108],PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier, PDF, GitHub], digital

• [2021 arxiv] adversarial YOLO defense human detection patch attacks via detecting adversarial patches, PDF, physical

• [2021 arxiv], We Can Always Catch You: Detecting Adversarial Patched Objects WITH or WITHOUT Signature, PDF, physical

• [ICCV 2019] Towards Adversarially Robust Object Detection, PDF, digital

• [ICML 2021]Knowledge Enhanced Machine Learning Pipeline against Diverse Adversarial Attacks, PDF, digital

Useful Object Detection Dataset

1. PASCAL VOC

• Homepage：http://host.robots.ox.ac.uk/pascal/VOC/
• Leaderboards：http://host.robots.ox.ac.uk:8080/leaderboard/main_bootstrap.php
• Download：host.robots.ox.ac.uk/pascal/VOC/voc2012/VOCtrainval_11-May-2012.tar
• Mirror：https://pjreddie.com/projects/pascal-voc-dataset-mirror/
• Official documentation ：The PASCAL Visual Object Classes Challenge 2012 (VOC2012) Development Kit
• Introduction(chinese)：https://blog.csdn.net/u013832707/article/details/80060327

2. MS COCO

• Homepage(documentation & download)：http://cocodataset.org
• paper(Part-1, 2014)：Microsoft COCO: Common Objects in Context
• paper(Part-2, 2015)：What makes for effective detection proposals?

3. Inria

• paper：http://web.archive.org/web/20110408220331/http:/www.acemedia.org/aceMedia/files/document/wp7/2005/cvpr05-inria.pdf
• INRIA Person Dataset：http://pascal.inrialpes.fr/data/human/
• download(Linux)：curl ftp://ftp.inrialpes.fr/pub/lear/douze/data/INRIAPerson.tar -o inria.tar
• introduction(chinese)：https://blog.csdn.net/s9434/article/details/74639321

4. DOTA

• Paper：DOTA: A Large-scale Dataset for Object Detection in Aerial Images
• Homepage：https://captain-whu.github.io/DOTA/

5. ILSVRC

• Introduction(chinese)：https://cloud.tencent.com/developer/article/1747599

6. Open Images(QID)

• Blog(chinese)：https://bbs.easyaiforum.cn/thread-20-1-1.html

• Introduction(chinese)：https://zhuanlan.zhihu.com/p/382702930

7. Remote sensing/UAV aerial dataset

• Aerial Image：https://blog.csdn.net/u012811785/article/details/113175711

• DLR 3K：https://www.dlr.de/eoc/en/desktopdefault.aspx/tabid-5431/9230_read-42467

• VEDAI：https://downloads.greyc.fr/vedai/

• DIOR：https://arxiv.org/abs/1909.00133

8. Cars Overhead With Context (COWC)

• homepage: https://gdo152.llnl.gov/cowc/
• paper: http://gdo-datasci.ucllnl.org/cowc/mundhenk_et_al_eccv_2016.pdf
• poster: http://gdo-datasci.ucllnl.org/cowc/ECCV.poster.big.jpg
• usage: https://arthurdouillard.com/post/nato-challenge/

9. visdrone

• Homepage: http://aiskyeye.com/
• paper: http://arxiv.org/abs/1804.07437

10. NWPU VHR-10

• homepage: www.escience.cn/people/gongcheng/NWPU-VHR-10.html
• paper: http://ieeexplore.ieee.org/document/7560644/

11. RSOD

• homepage: https://github.com/RSIA-LIESMARS-WHU/RSOD-Dataset-
• paper: https://www.tandfonline.com/doi/full/10.1080/01431161.2014.999881