advPattern: Physical-World Attacks on Deep Person Re-Identification via Adversarially Transformable Patterns

08/25/2019
by   Zhibo Wang, et al.
13

Person re-identification (re-ID) is the task of matching person images across camera views, which plays an important role in surveillance and security applications. Inspired by great progress of deep learning, deep re-ID models began to be popular and gained state-of-the-art performance. However, recent works found that deep neural networks (DNNs) are vulnerable to adversarial examples, posing potential threats to DNNs based applications. This phenomenon throws a serious question about whether deep re-ID based systems are vulnerable to adversarial attacks. In this paper, we take the first attempt to implement robust physical-world attacks against deep re-ID. We propose a novel attack algorithm, called advPattern, for generating adversarial patterns on clothes, which learns the variations of image pairs across cameras to pull closer the image features from the same camera, while pushing features from different cameras farther. By wearing our crafted "invisible cloak", an adversary can evade person search, or impersonate a target person to fool deep re-ID models in physical world. We evaluate the effectiveness of our transformable patterns on adversaries'clothes with Market1501 and our established PRCS dataset. The experimental results show that the rank-1 accuracy of re-ID models for matching the adversary decreases from 87.9 the adversary can impersonate a target person with 47.1 67.9 systems are vulnerable to our physical attacks.

READ FULL TEXT

page 1

page 2

page 3

page 4

page 5

page 6

page 7

page 9

research
09/17/2020

Physical-world attacks on deep person re-identification via adversarially transformable patterns

Person re-identification (re-ID) is the task of matching person images a...
research
10/30/2019

Universal Adversarial Perturbations Against Person Re-Identification

Person re-identification (re-ID) has made great progress and achieved hi...
research
01/30/2019

Adversarial Metric Attack for Person Re-identification

Person re-identification (re-ID) has attracted much attention recently d...
research
08/23/2021

Multi-Expert Adversarial Attack Detection in Person Re-identification Using Context Inconsistency

The success of deep neural networks (DNNs) haspromoted the widespread ap...
research
12/02/2021

Stronger Baseline for Person Re-Identification

Person re-identification (re-ID) aims to identify the same person of int...
research
08/16/2018

Measuring the Temporal Behavior of Real-World Person Re-Identification

Designing real-world person re-identification (re-id) systems requires a...
research
10/15/2020

Taking A Closer Look at Synthesis: Fine-grained Attribute Analysis for Person Re-Identification

Person re-identification (re-ID) plays an important role in applications...

Please sign up or login with your details

Forgot password? Click here to reset