IPG: Incremental Patch Generation for Generalized Adversarial Patch Training

The advent of adversarial patches poses a significant challenge to the robustness of AI models, particularly in the domain of computer vision tasks such as object detection. In contradistinction to traditional adversarial examples, these patches target specific regions of an image, resulting in the malfunction of AI models. This paper proposes Incremental Patch Generation (IPG), a method that generates adversarial patches up to 11.1 times more efficiently than existing approaches while maintaining comparable attack performance. The efficacy of IPG is demonstrated by experiments and ablation studies including YOLO's feature distribution visualization and adversarial training results, which show that it produces well-generalized patches that effectively cover a broader range of model vulnerabilities. Furthermore, IPG-generated datasets can serve as a robust knowledge foundation for constructing a robust model, enabling structured representation, advanced reasoning, and proactive defenses in AI security ecosystems. The findings of this study suggest that IPG has considerable potential for future utilization not only in adversarial patch defense but also in real-world applications such as autonomous vehicles, security systems, and medical imaging, where AI models must remain resilient to adversarial attacks in dynamic and high-stakes environments.

Key Contributions

• IPG method that generates generalized adversarial patches up to 11.1x more efficiently than existing approaches while maintaining comparable attack performance
• Demonstration via YOLO feature distribution visualization that IPG patches cover a broader range of model vulnerabilities than prior methods
• IPG-generated datasets as a knowledge foundation for adversarial training, enabling more robust object detection models

🛡️ Threat Analysis

Details

Similar Papers