Certified Defense Framework against Patch Attacks on Images

Adversarial perturbation of all the image pixels is computationally intensive and may not be realized in practice. In contrast, an adversarial patch attack, where an adversary can choose to perturb a specific subset of pixels in an image, is more practical for fooling a trained image classifier or hiding a person from an object-detection model.
In this project, we study and explore state-of-the-art adversarial patch attacks and their defences. An adversarial patch can easily fool a trained object detector into marking an image as having no object of interest, potentially leading to serious security gaps. Therefore, it is necessary to first identify and highlight images with the possible existence of adversarial patches for human verification.

Faculty Supervisor:

Apurva Narayan

Student:

Partner:

TrojAI

Discipline:

Computer science

Sector:

Professional, scientific and technical services

University:

The University of British Columbia - Okanagan; The University of Western Ontario

Program:

Accelerate
