skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Attention:The NSF Public Access Repository (PAR) system and access will be unavailable from 11:00 PM ET on Thursday, May 14 until 2:00 AM ET on Friday, May 15 due to maintenance. We apologize for the inconvenience.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Impact of Adversarial Patches on Object Detection with YOLOv7
With the increased use of machine learning models, there is a need to understand how machine learning models can be maliciously targeted. Understanding how these attacks are ‘enacted’ helps in being able to ‘harden’ models so that it is harder for attackers to evade detection. We want to better understand object detection, the underlying algorithms, different perturbation approaches that can be utilized to fool these models. To this end, we document our findings as a review of existing literature and open-source repositories related to Computer Vision and Object Detection. We also look at how Adversarial Patches impact object detection algorithms. Our objective was to replicate existing processes in order to reproduce results to further our research on adversarial patches.  more » « less
Award ID(s):
2131255
PAR ID:
10436907
Author(s) / Creator(s):
; ;
Date Published:
Journal Name:
The 2023 ADMI Symposium
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; (, Hampton)
    With the increased use of machine learning models, there is a need to understand how machine learning models can be maliciously targeted. Understanding how these attacks are ‘enacted’ helps in being able to ‘harden’ models so that it is harder for attackers to evade detection. We want to better understand object detection, the underlying algorithms, different perturbation approaches that can be utilized to fool these models. To this end, we document our findings as a review of existing literature and open-source repositories related to Computer Vision and Object Detection. We also look at how Adversarial Patches impact object detection algorithms. Our objective was to replicate existing processes in order to reproduce results to further our research on adversarial patches. 
    more » « less
  2. ; ; (, The 2025 ADMI Symposium.)
    In this paper, we document our findings from previous research and literature related to adversarial examples and object detection. Artificial Intelligence (AI) is an increasingly powerful tool in various fields, particularly in image classification and object detection. As AI becomes more advanced, new methods to deceive machine learning models, such as adversarial patches, have emerged. These subtle modifications to images can cause AI models to misclassify objects, posing a significant challenge to their reliability. This research builds upon our earlier work by investigating how small patches affect object detection on YOLOv8. Last year, we explored patterns within images and their impact on model accuracy. This study extends that work by testing how adversarial patches, particularly those targeting animal patterns, affect YOLOv8's ability to accurately detect objects. We also explore how untrained patterns influence the model’s performance, aiming to identify weaknesses and improve the robustness of object detection systems. 
    more » « less
  3. ; ; (, The 2025 ADMI Symposium)
    Adversarial patches represent a critical vulnerability in computer vision systems, as they are specifically created in order to deceive object detection algorithms, which can compromise their reliability in real-world applications. This research investigates the impact of adversarial patches on object detection models and proposes a novel mitigation strategy to address this challenge. The study's primary objective was to design a comprehensive framework that integrates adversarial patch detection with image restoration. To achieve this, a YOLOv8-based detection framework was employed, trained on a specialized dataset of adversarial patches to ensure high detection accuracy. Upon identification of patches, advanced inpainting techniques utilizing AI models were applied to mask and fill the affected areas, restoring the image with expected content. The methodology combines the precision of object detection with the generative capabilities of modern inpainting algorithms, ensuring minimal disruption to the visual integrity of the image. This work contributes to the field of adversarial robustness by providing a comprehensive approach that integrates detection, masking, and content restoration. The results highlight the potential of AI-driven solutions to enhance the resilience of object detection systems against adversarial attacks, paving the way for safer deployment of vision-based technologies in critical domains such as autonomous vehicles, surveillance, and medical imaging. 
    more » « less
  4. ; ; ; ; ; (, International Conference on Learning Representations (ICLR))
    Recent work in adversarial machine learning started to focus on the visual perception in autonomous driving and studied Adversarial Examples (AEs) for object detection models. However, in such visual perception pipeline the detected objects must also be tracked, in a process called Multiple Object Tracking (MOT), to build the moving trajectories of surrounding obstacles. Since MOT is designed to be robust against errors in object detection, it poses a general challenge to existing attack techniques that blindly target objection detection: we find that a success rate of over 98% is needed for them to actually affect the tracking results, a requirement that no existing attack technique can satisfy. In this paper, we are the first to study adversarial machine learning attacks against the complete visual perception pipeline in autonomous driving, and discover a novel attack technique, tracker hijacking, that can effectively fool MOT using AEs on object detection. Using our technique, successful AEs on as few as one single frame can move an existing object in to or out of the headway of an autonomous vehicle to cause potential safety hazards. We perform evaluation using the Berkeley Deep Drive dataset and find that on average when 3 frames are attacked, our attack can have a nearly 100% success rate while attacks that blindly target object detection only have up to 25%. 
    more » « less
  5. ; (, The 2025 ADMI Symposium)
    In this paper, we documented our findings from previous research and literature related to adversarial examples and object detection. Artificial Intelligence (AI) is an increasingly powerful tool in various fields, particularly in image classification and object detection. As AI becomes more advanced, new methods to deceive machine learning models, such as adversarial perturbations, have emerged. These subtle modifications to images can cause AI models to misclassify objects, posing a significant challenge to their reliability. This research builds upon our earlier work by investigating how small perturbations affect object detection on YOLOv8. Last year, we explored patterns within images and their impact on model accuracy. This study will extend that by testing how adversarial perturbations, particularly those targeting animal patterns, affect YOLO v8's ability to accurately detect objects. We will also explore how untrained patterns influence the model’s performance, aiming to identify weaknesses and improve the robustness of object detection systems. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Text Encoded Conversion
  • XML
  • Save / Share this Record
  • Send to Email