StyleFool: Fooling Video Classification Systems via Style Transfer

arXiv:2203.16000v4 Announce Type: replace-cross
Abstract: Video classification systems are vulnerable to adversarial attacks, which can create severe security problems in video verification. Current black-box attacks need a large number of queries to succeed, resulting in high computational overhead in the process of attack. On the other hand, attacks with restricted perturbations are ineffective against defenses such as denoising or adversarial training. In this paper, we focus on unrestricted perturbations and propose StyleFool, a black-box video adversarial attack via style transfer …

adversarial adversarial attacks arxiv attack attacks box can classification computational cs.cr cs.cv current high large problems process restricted security systems transfer verification video vulnerable