When AI Fails to See: Adversarial Patches and Their Impact on AI Models

Abstract:

This article examines adversarial attacks in artificial intelligence, focusing on adversarial patches and their impact on object detection models, particularly YOLOv5x. These patches manipulate AI perception by introducing deceptive visual elements into input data, posing significant threats to applications that depend on accurate AI interpretation, such as autonomous navigation and security systems. Our research investigates the transferability of these patches across different AI models, exploring whether vulnerabilities detected in YOLOv5x are model-specific or indicative of broader systemic weaknesses. We also assess the efficacy of re-training AI models with adversarial data as a defence strategy, hypothesizing that such training can enhance model resilience to these attacks. Experiments demonstrate that while re-training with adversarial patches improves model resistance, the effectiveness varies with the nature and amount of adversarial data used. The study contributes to ongoing discussions in AI cybersecurity, emphasizing the need for continuous research into robust defence mechanisms against sophisticated adversarial techniques.
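To make the attack setting concrete, the sketch below shows one way a patch could be composited onto an input image and passed to a pretrained YOLOv5x model so that detections before and after patching can be compared. It is a minimal illustration, not the pipeline used in this study: the image file name is hypothetical, the patch is random noise standing in for a trained adversarial patch, and the model is assumed to be loaded through the public Ultralytics torch.hub interface.

```python
# Minimal sketch: paste a patch onto an image and compare YOLOv5x detections.
# The patch here is random noise as a placeholder for a trained adversarial patch.
import numpy as np
import torch
from PIL import Image


def apply_patch(image: Image.Image, patch: np.ndarray, x: int, y: int) -> Image.Image:
    """Composite an (H, W, 3) uint8 patch onto the image at pixel offset (x, y)."""
    pixels = np.array(image).copy()
    h, w, _ = patch.shape
    pixels[y:y + h, x:x + w, :] = patch  # assumes the patch fits inside the image
    return Image.fromarray(pixels)


# Load a pretrained YOLOv5x model from the Ultralytics hub (assumed available).
model = torch.hub.load('ultralytics/yolov5', 'yolov5x', pretrained=True)

image = Image.open('street_scene.jpg')  # hypothetical input image
patch = np.random.randint(0, 256, size=(100, 100, 3), dtype=np.uint8)  # placeholder patch

clean_results = model(image)
patched_results = model(apply_patch(image, patch, x=200, y=150))

print(clean_results.pandas().xyxy[0])    # detections on the clean image
print(patched_results.pandas().xyxy[0])  # detections after the patch is applied
```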