Adversarial Framing for Image and Video Classification
This addresses security concerns in computer vision systems by providing a novel attack method that is universal and efficient, though it is incremental in the context of adversarial attack research.
The paper tackles the problem of neural networks being vulnerable to adversarial attacks by introducing a method that adds an adversarial framing on the image border without altering the image content, achieving successful attacks on state-of-the-art image and video classification models with fast test-time performance.
Neural networks are prone to adversarial attacks. In general, such attacks deteriorate the quality of the input by either slightly modifying most of its pixels, or by occluding it with a patch. In this paper, we propose a method that keeps the image unchanged and only adds an adversarial framing on the border of the image. We show empirically that our method is able to successfully attack state-of-the-art methods on both image and video classification problems. Notably, the proposed method results in a universal attack which is very fast at test time. Source code can be found at https://github.com/zajaczajac/adv_framing .