Performance Measurement and Analysis of Certifiable Defenses against Adversarial Patch Attacks

Abstract

We consider deep learning-based perception in real-time, safety-critical cyber-physical systems (CPS), such as autonomous driving and robotics, where embedded computing platforms typically operate under limited hardware resources due to SWaP-C (Size, Weight, Power, and Cost) constraints. In computer vision-based deep learning perception, adversarial patch attacks have emerged as a powerful method for deceiving classifiers. These attacks involve placing a carefully crafted patch on the input image, constituting a physically realizable and practical threat. Defense techniques against such attacks remain an active area of research. In this study, we evaluate and compare six well-known certifiable adversarial patch defenses, encompassing 14 models, across three different hardware platforms. We analyze their performance in terms of accuracy and processing time, highlighting key trade-offs. This paper aims to serve as a reference for selecting adversarial patch defense algorithms in real-time, safety-critical applications.
