Real-Time Robust Video Object Detection System Against Physical-World Adversarial Attacks

被引:1
|
作者
Han, Husheng [1 ,2 ,3 ]
Hu, Xing [1 ,4 ]
Hao, Yifan [3 ]
Xu, Kaidi [5 ]
Dang, Pucheng [1 ,2 ,3 ]
Wang, Ying [6 ]
Zhao, Yongwei [7 ]
Du, Zidong [1 ,4 ]
Guo, Qi
Wang, Yanzhi [6 ]
Zhang, Xishan [1 ,7 ]
Chen, Tianshi [8 ]
机构
[1] Chinese Acad Sci, Inst Comp Technol, State Key Lab Processors, Beijing 100190, Peoples R China
[2] Univ Chinese Acad Sci, Sch Comp Sci, Beijing 100049, Peoples R China
[3] Cambricon Technol, Dept Architecture Algorithm, Beijing 100191, Peoples R China
[4] Chinese Acad Sci, Shanghai Innovat Ctr Processor Technol, Beijing 100190, Peoples R China
[5] Drexel Univ, Coll Comp & Informat, Dept Comp Sci, Philadelphia, PA 19104 USA
[6] Northeastern Univ, Dept Elect & Comp Engn, Boston, MA 02115 USA
[7] Cambricon Technol, Dept Architecture Algorithm, Beijing 100191, Peoples R China
[8] Cambricon Technol, Beijing 100191, Peoples R China
来源
IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS | 2024年 / 43卷 / 01期
关键词
Object detection; Streaming media; Optical flow; Feature extraction; Real-time systems; Task analysis; Detectors; Adversarial patch attack; deep learning security; domain-specific accelerator; hardware/software co-design; real time;
D O I
10.1109/TCAD.2023.3305932
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
DNN-based video object detection (VOD) powers autonomous driving and video surveillance industries with rising importance and promising opportunities. However, adversarial patch attack yields huge concern in live vision tasks because of its practicality, feasibility, and powerful attack effectiveness. This work proposes Themis, a software/hardware system to defend against adversarial patches for real-time robust VOD. We observe that adversarial patches exhibit extremely localized superficial feature importance in a small region with nonrobust predictions, and thus propose the adversarial region detection algorithm for adversarial effect elimination. Themis also proposes a systematic design to efficiently support the algorithm by eliminating redundant computations and memory traffics. Experimental results show that the proposed methodology can effectively recover the system from the adversarial attack with negligible hardware overhead.
引用
收藏
页码:366 / 379
页数:14
相关论文
共 50 条
  • [21] Adversarial catoptric light: An effective, stealthy and robust physical-world attack to DNNs
    Hu, Chengyin
    Shi, Weiwen
    Tian, Ling
    Li, Wen
    IET COMPUTER VISION, 2024, 18 (05) : 557 - 573
  • [22] Transferable Adversarial Attacks for Image and Video Object Detection
    Wei, Xingxing
    Liang, Siyuan
    Chen, Ning
    Cao, Xiaochun
    PROCEEDINGS OF THE TWENTY-EIGHTH INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE, 2019, : 954 - 960
  • [23] Effective and Robust Physical-World Attacks on Deep Learning Face Recognition Systems
    Shen, Meng
    Yu, Hao
    Zhu, Liehuang
    Xu, Ke
    Li, Qi
    Hu, Jiankun
    IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2021, 16 : 4063 - 4077
  • [24] Real-Time Moving Object Detection for Video Surveillance
    Sagrebin, Maria
    Pauli, Josef
    AVSS: 2009 6TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED VIDEO AND SIGNAL BASED SURVEILLANCE, 2009, : 31 - 36
  • [25] Real-time Object Detection and Tracking in Video Sequences
    Dornaika, F.
    Chakik, F.
    INTELLIGENT ROBOTS AND COMPUTER VISION XXVII: ALGORITHMS AND TECHNIQUES, 2010, 7539
  • [26] Real-time unsupervised video object detection on the edge
    Ruiz-Barroso, Paula
    Castro, Francisco M.
    Guil, Nicolas
    FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2025, 167
  • [27] Real-time Robust Algorithm for Circle Object Detection
    Wu, Jianping
    Li, Jinxiang
    Xiao, Changshui
    Tan, Fangyong
    Gu, Caidong
    PROCEEDINGS OF THE 9TH INTERNATIONAL CONFERENCE FOR YOUNG COMPUTER SCIENTISTS, VOLS 1-5, 2008, : 1722 - 1727
  • [28] Robust Real-World Image Super-Resolution against Adversarial Attacks
    Yue, Jiutao
    Li, Haofeng
    Wei, Pengxu
    Li, Guanbin
    Lin, Liang
    PROCEEDINGS OF THE 29TH ACM INTERNATIONAL CONFERENCE ON MULTIMEDIA, MM 2021, 2021, : 5148 - 5157
  • [29] Stealthy Adversarial Perturbations Against Real-Time Video Classification Systems
    Li, Shasha
    Neupane, Ajaya
    Paul, Sujoy
    Song, Chengyu
    Krishnamurthy, Srikanth, V
    Chowdhury, Amit K. Roy
    Swami, Ananthram
    26TH ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS 2019), 2019,
  • [30] A Robust SNMP-MIB Intrusion Detection System Against Adversarial Attacks
    Yasmeen Alslman
    Mouhammd Alkasassbeh
    Mohammad Almseidin
    Arabian Journal for Science and Engineering, 2024, 49 : 4179 - 4195
12345