Presentation + Paper
27 May 2022 Metrics for evaluating adversarial attack patterns
Author Affiliations +
Abstract
The machine learning community has seen an explosion in the sophistication of adversarial attacks against deep neural network-based computer vision models. In particular, researchers have successfully used adversarial patterns to trigger false positive or false negative results in both research and real-world settings. However, researchers have not yet codified performance metrics for evaluating the efficacy of attack techniques. This evaluation is needed to adequately assess performance improvements of novel adversarial attack methods. This study aims to contribute the following: adversarial pattern performance metrics, demonstration of each metric’s strengths and contributions on a case study, and an initial standardized performance evaluation strategy for novel adversarial pattern attacks. We train state-of-the-art deep neural network-based object detection models on an open-source dataset. We then use these trained models to evaluate trained adversarial patterns for both false positive and false negative attacks and evaluate their performance using our suite of metrics in order to establish and codify a workflow to be used when evaluating future adversarial pattern algorithms.
Conference Presentation
© (2022) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Savanna Smith, Shunta Muto, Anna Evans, Chris M. Ward, Josh Harguess, and Emily Holt "Metrics for evaluating adversarial attack patterns", Proc. SPIE 12099, Geospatial Informatics XII, 120990D (27 May 2022); https://doi.org/10.1117/12.2624452
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Performance modeling

Data modeling

Sensors

Evolutionary algorithms

Detection and tracking algorithms

Machine learning

Optimization (mathematics)

Back to Top