The paper proposes a novel Adversarial Attenuation Patch (AAP) method, which is a physically realizable and stealthy adversarial attack designed to degrade SAR target detection performance.

The paper introduces AdvScene, a novel scene-grounded framework that measures the real-world 'scene robustness' of adversarial patches by characterizing their operational envelope across varying viewp…

The paper proposes CAAP, a capture-aware adversarial patch framework, demonstrating that deep palmprint recognition systems remain vulnerable to physically realizable attacks despite existing defenses…

The paper proposes a unified, architecture-agnostic framework that significantly improves the robustness of deepfake image detectors against adversarial attacks by focusing on higher-order frequency s…

DETOUR proposes a practical backdoor attack against object detection models by using semantic triggers that are robust to variations in size, location, and field of view (FoV), overcoming limitations…

The paper introduces a novel adversarial attack that uses static, view-dependent camouflage on a vehicle to induce consistent feature drift, causing autonomous systems to predict false, yet plausible,…

This paper demonstrates that neural operators used in digital twins for nuclear systems are highly vulnerable to undetectable, sparse adversarial perturbations, necessitating new robustness guarantees…

This paper systematically analyzes the high cross-architecture transferability of physical adversarial attacks on Vision-Language Models (VLMs) used in autonomous driving, demonstrating that attacks e…

The paper introduces the Street-legal Physical Adversarial Rim (SPAR), a physically realizable and street-legal white-box attack that significantly degrades the accuracy of modern Automatic License Pl…

This paper systematically analyzes 48 studies on perception attacks against autonomous vehicles, revealing that the increasing reliance on multi-sensor fusion creates new, complex vulnerabilities that…

The paper introduces SADBench, a systematic benchmark designed to evaluate both the effectiveness of steganographic attacks injecting harmful content and the robustness of steganalysis defenses agains…

The paper identifies a critical vulnerability, the Camouflage Detection Gap (CDG), where standard LLM injection detectors fail dramatically when malicious payloads mimic the target domain's language a…

The paper formally proves a theorem regarding adversarial noise amplification and proposes a novel, lightweight detection mechanism that uses this enhanced signal for robust adversarial defense.

This paper proposes using cyber deception with honey drones (HDs) to defend UAV mission systems against Denial-of-Service (DoS) attacks, achieving superior performance using a novel Hypergame-Theoreti…

The paper demonstrates a coordinated, cross-modal spoofing attack that successfully deceives state-of-the-art multi-sensor fusion systems in autonomous vehicles by making multiple sensors agree on a f…

This study comparatively evaluates four CNN architectures (VGG16, ResNet50, EfficientNetB0, and XceptionNet) for fake image detection, finding VGG16 achieved the highest accuracy (91%).

The paper proposes evaluating certified training methods by comparing their Pareto fronts across the natural-certified accuracy trade-off, revealing superior performance and previously unappreciated c…

This paper systematically investigates the vulnerability of near-field mmWave imaging to physical waveform-domain adversarial attacks, demonstrating that while deep learning algorithms show higher rob…

PatchPoison introduces a lightweight dataset-poisoning method that injects small, high-frequency adversarial patches into multi-view image datasets to systematically corrupt feature matching and degra…

The paper proposes a detection-aware adversarial fine-tuning framework to mitigate backdoor attacks in object detection models, achieving better defense while preserving clean detection performance co…