Go to DBLP homepageA Dynamic Thermal IR Display for Physical Adversarial Attacks
Abstract: Machine learning systems, and specifically deep neural networks, are increasingly being utilized in domains beyond the standard visible spectrum in imagery applications. Work researching adversarial vulnerabilities in these domains, meanwhile, is still catching up. While some work has been done to extend digital attacks to various domains, most research largely focuses on virtual attacks, or visible spectrum imaging, where a color printer is all that is typically needed to deploy such attacks in the physical world. In this work, we demonstrate adversarial attacks on thermal imaging in long-wave infrared (IR). After demonstrating these attacks digitally, we introduce a programmable prototype tool developed for displaying these adversary thermal patches in the physical domain. This tool allows us to rapidly test different attacks and evaluate their efficacy as a virtual versus physical attack, which is work that has previously only been demonstrated with imagery in the human-visible spectrum, and opens the door to future adversarial attacks against multi-modal ML systems.
Loading