Autoencoder-based Denoising Defense against Adversarial Attacks on Object Detection
This addresses security vulnerabilities in object detection for applications like autonomous driving, but it is incremental as it provides only partial defense without model retraining.
The paper tackles the problem of adversarial attacks degrading object detection performance by proposing an autoencoder-based denoising defense, which recovers bbox mAP from 0.1640 to 0.1700 (3.7% recovery) and improves bbox mAP@50 by 10.8% on COCO dataset images.
Deep learning-based object detection models play a critical role in real-world applications such as autonomous driving and security surveillance systems, yet they remain vulnerable to adversarial examples. In this work, we propose an autoencoder-based denoising defense to recover object detection performance degraded by adversarial perturbations. We conduct adversarial attacks using Perlin noise on vehicle-related images from the COCO dataset, apply a single-layer convolutional autoencoder to remove the perturbations, and evaluate detection performance using YOLOv5. Our experiments demonstrate that adversarial attacks reduce bbox mAP from 0.2890 to 0.1640, representing a 43.3% performance degradation. After applying the proposed autoencoder defense, bbox mAP improves to 0.1700 (3.7% recovery) and bbox mAP@50 increases from 0.2780 to 0.3080 (10.8% improvement). These results indicate that autoencoder-based denoising can provide partial defense against adversarial attacks without requiring model retraining.