상세 보기
- Park, Donghyeok;
- Yeon, Sumin;
- Seo, Hyeon;
- Buu, Seok-Jun;
- Lee, Suwon
WEB OF SCIENCE
2SCOPUS
2초록
Recent research on adversarial attacks has primarily focused on white-box attack techniques, with limited exploration of black-box attack methods. Furthermore, in many black-box research scenarios, it is assumed that the output label and probability distribution can be observed without imposing any constraints on the number of attack attempts. Unfortunately, this disregard for the real-world practicality of attacks, particularly their potential for human detectability, has left a gap in the research landscape. Considering these limitations, our study focuses on using a similar color attack method, assuming access only to the output label, limiting the number of attack attempts to 100, and subjecting the attacks to human perceptibility testing. Through this approach, we demonstrated the effectiveness black box attack techniques in deceiving models and achieved a success rate of 82.68% in deceiving humans. This study emphasizes the significance of research that addresses the challenge of deceiving both humans and models, highlighting the importance of real-world applicability.
키워드
- 제목
- Practical Adversarial Attacks Imperceptible to Humans in Visual Recognition
- 저자
- Park, Donghyeok; Yeon, Sumin; Seo, Hyeon; Buu, Seok-Jun; Lee, Suwon
- 발행일
- 2025-02
- 유형
- Article
- 권
- 142
- 호
- 3
- 페이지
- 2725 ~ 2737