Adversarial Patch

Autor: Brown, Tom B., Mané, Dandelion, Roy, Aurko, Abadi, Martín, Gilmer, Justin
Rok vydání: 2017
Předmět:
Druh dokumentu: Working Paper
Popis: We present a method to create universal, robust, targeted adversarial image patches in the real world. The patches are universal because they can be used to attack any scene, robust because they work under a wide variety of transformations, and targeted because they can cause a classifier to output any target class. These adversarial patches can be printed, added to any scene, photographed, and presented to image classifiers; even when the patches are small, they cause the classifiers to ignore the other items in the scene and report a chosen target class. To reproduce the results from the paper, our code is available at https://github.com/tensorflow/cleverhans/tree/master/examples/adversarial_patch
Databáze: arXiv