Ben Nassi
Yisroel Mirsky
Skip Abstract Section
Abstract
Enabling object detectors to better distinguish between real and fake objects in semi-autonomous and fully autonomous vehicles.
- Anker. 2019. Nebula Capsule; https://amzn.to/3XWDrgY.Google Scholar
- Arcos-Garcia, A., Alvarez-Garcia, J.A., and Soria-Morillo, L.M. Evaluation of deep neural networks for traffic sign detection systems. Neurocomputing 316 (2018), 332--344; http://bit.ly/3J8klQZ.Google ScholarCross Ref
- Bertozzi, M. and Broggi, A. GOLD: A parallel real-time stereo vision system for generic obstacle and lane detection. IEEE Transactions on Image Processing 7, 1 (1998), 62--81.Google ScholarDigital Library
- Brown, T.B. et al. Adversarial patch (2017); arXiv preprint arXiv:1712.09665.Google Scholar
- Carlini, N. and Wagner, D. Towards evaluating the robustness of neural networks. In 2017 IEEE Symp. on Security and Privacy, 39--57.Google Scholar
- Chen, P-Y. et al. EAD: Elastic-net attacks to deep neural networks via adversarial examples (2017); arXiv preprint arXiv:1709.04114.Google Scholar
- Chen, S-T., Cornelius, C., Martin, J., and Chau, D.H.P. Shapeshifter: Robust physical adversarial attack on Faster R-CNN object detector. In Joint European Conf. on Machine Learning and Knowledge Discovery in Databases, Springer (2018), 52--68.Google Scholar
- Dai, J., He, K., Li, Y., and Sun, J. R-FCN: Object detection via region-based fully convolutional networks. In Advances in Neural Information Processing Systems (2016), 379--387.Google Scholar
- De La Escalera, A., Moreno, L.E., Salichs, M.A., and Armingol, J.M. Road traffic sign detection and classification. IEEE Transactions on Industrial Electronics 44, 6 (1997), 848--859.Google ScholarCross Ref
- Eykholt, K. et al. Robust physical-world attacks on deep learning visual classification. In 2018 IEEE/CVF Conf. on Computer Vision and Pattern Recognition, 1625--1634; http://bit.ly/3WC075l.Google Scholar
- Farnebäck, G. Two-frame motion estimation based on polynomial expansion. In Scandinavian Conf. on Image Analysis, Springer (2003), 363--370.Google ScholarCross Ref
- Fayyad, J., Jaradat, M.A., Gruyer, D., and Najjaran, H. Deep learning sensor fusion for autonomous vehicle perception and localization: A review. Sensors 20, 15 (2020), 4220.Google ScholarCross Ref
- García-Martín, E. et al. Estimation of energy consumption in machine learning. J. Parallel and Distributed Computing 134 (2019), 75--88; https://bit.ly/3WFS8UL.Google ScholarDigital Library
- Goodfellow, I.J., Shlens, J., and Szegedy, C. Explaining and harnessing adversarial examples. (2014); arXiv preprint arXiv:1412.6572.Google Scholar
- He, K., Zhang, X., Ren, S., and Sun, J. Delving deep into rectifiers: Surpassing human-level performance on imagenet classification. In Proceedings of the IEEE Intern. Conf. on Computer Vision (2015), 1026--1034.Google ScholarDigital Library
- Howard, A.G. et al. Mobilenets: Efficient convolutional neural networks for mobile vision applications (2017); arXiv preprint arXiv:1704.04861.Google Scholar
- Huang, J. et al. Speed/accuracy trade-offs for modern convolutional object detectors. In Proceedings of the IEEE Conf. on Computer Vision and Pattern Recognition (2017), 7310--7311.Google Scholar
- Hwang, J-N. and Hu, Y-H. Handbook of Neural Network Signal Processing, CRC Press (2001).Google Scholar
- Ioffe, S. and Szegedy, C. Batch normalization: Accelerating deep network training by reducing internal covariate shift (2015); arXiv preprint arXiv:1502.03167.Google Scholar
- Jang, U., Wu, X., and Jha, S. Objective metrics and gradient descent algorithms for adversarial examples in machine learning. In Proceedings of the 33rd Annual Computer Security Applications Conf. (2017), 262--277.Google ScholarDigital Library
- Kurakin, A., Goodfellow, I., and Bengio, S. Adversarial examples in the physical world. (2016); arXiv preprint arXiv:1607.02533.Google Scholar
- Lee, T.B. Men hack electronic billboard, play porn on it. Ars Technica (October 1, 2019); http://bit.ly/3wvLoy4.Google Scholar
- Li, D., et al. Evaluating the energy efficiency of deep convolutional neural networks on CPUs and GPUs. In 2016 IEEE Intern. Confs. on Big Data and Cloud Computing; Social Computing and Networking; Sustainable Computing; and Communications. 477--484.Google Scholar
- Liu, W. et al. High-level semantic feature detection: A new perspective for pedestrian detection. In Proceedings of the IEEE/CVF Conf. on Computer Vision and Pattern Recognition (2019), 5187--5196.Google Scholar
- Moosavi-Dezfooli, S-M., Fawzi, A., Fawzi, O., and Frossard, P. Universal adversarial perturbations. In Proceedings of the IEEE Conf. on Computer Vision and Pattern Recognition (2017), 1765--1773.Google ScholarCross Ref
- Moosavi-Dezfooli, S-M., Fawzi, A., and Frossard, P. Deepfool: A simple and accurate method to fool deep neural networks. In Proceedings of the IEEE Conf. on Computer Vision and Pattern Recognition (2016), 2574--2582.Google ScholarCross Ref
- Morgulis, N., Kreines, A., Mendelowitz, S., and Weisglass, Y. Fooling a real car with adversarial traffic signs (2019); arXiv preprint arXiv:1907.00374.Google Scholar
- Nassi, B., Shams, J., Netanel, R.B., and Elovici, Y. bAdvertisement: Attacking advanced driver-assistance systems using print advertisements (2022); http://bit.ly/3YaCdPe.Google Scholar
- Nguyen, A., Yosinski, J., and Clune, J. Deep neural networks are easily fooled: High confidence predictions for unrecognizable images. In Proceedings of the IEEE Conf. on Computer Vision and Pattern Recognition (2015), 427--436.Google ScholarCross Ref
- Papernot, P. et al. The limitations of deep learning in adversarial settings. In 2016 IEEE European Symp. on Security and Privacy, 372--387.Google Scholar
- Ren, S., He, K., Girshick, R., and Sun, J. Faster R-CNN: Towards real-time object detection with region proposal networks. In IEEE Transactions on Pattern Analysis and Machine Intelligence 39, 6 (June 2017), 1137--1149.Google ScholarDigital Library
- Sitawarin, C. et al. Darts: Deceiving autonomous cars with toxic signs (2018); arXiv preprint arXiv:1802.06430.Google Scholar
- Song, D. et al. Physical adversarial examples for object detectors. USENIX Workshop on Offensive Technologies (2018).Google Scholar
- Strubell, E., Ganesh, A., and McCallum, A. Energy and policy considerations for deep learning in NLP (2019); arXiv preprint arXiv:1906.02243.Google Scholar
- Security tutorials: Hacking digital billboards; http://bit.ly/3HpuIx9.Google Scholar
- Wallace, R.S. et al. First results in robot road-following. In Proceedings of the 9th Intern. Joint Conf. on Artificial Intelligence 2, (August 1985), 1089--1095.Google Scholar
- Wilson, Z. Why Ben Fordham's face is confusing cars in Sydney traffic. Radio Today (September 30, 2020); http://bit.ly/3JA0YAE.Google Scholar
- Xu, K. et al. Adversarial T-shirt! Evading person detectors in a physical world (2019); http://bit.ly/3YekxSX.Google Scholar
- Zhao, L. and Thorpe, C.E. Stereo- and neural network-based pedestrian detection. IEEE Transactions on Intelligent Transportation Systems 1, 3 (2000), 148--154.Google ScholarDigital Library
- Zhao, Y. et al. Seeing isn't believing: Towards more robust adversarial attack against real world object detectors. In Proceedings of the 2019 ACM SIGSAC Conf. on Computer and Communications Security, 1989--2004 Google ScholarDigital Library
Index Terms
Protecting Autonomous Cars from Phantom Attacks
Comments