smorrins ML Blog

Hands-on adversarial attack on traffic signs

Would you bet your life on a deep learning model trying to recognize a stop sign? In this post, I show why you shouldn’t (at least in theory) by exploring adversarial attacks hands on. Using subtle pixel changes, we’ll trick CNNs into misintepreting a stop sign - the one you’re seeing as a thumbnail is actually not recognized by the model!