Poster
in
Workshop: Shift happens: Crowdsourcing metrics and test datasets beyond ImageNet
ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches
Maura Pintor · Daniele Angioni · Angelo Sotgiu · Luca Demetrio · Ambra Demontis · Battista Biggio · Fabio Roli
Keywords: [ out of ditribution detection ] [ adversarial machine learning ] [ Computer Vision ] [ Machine Learning ]
Adversarial patches are optimized contiguous pixel blocks in an input image that cause a machine-learning model to misclassify it.However, their optimization is computationally demanding and requires careful hyperparameter tuning.To overcome these issues, we propose ImageNet-Patch, a dataset to benchmark machine-learning models against adversarial patches.It consists of a set of patches optimized to generalize across different models and applied to ImageNet data after preprocessing them with affine transformations.This process enables an approximate yet faster robustness evaluation, leveraging the transferability of adversarial perturbations.