Evasion attacks against on-device violent image classification deep learning models

Thumbnail Image

Files

bachelor_Shumilin_Anton_2025.pdf (1.25 MB)

URL

Journal Title

Journal ISSN

Volume Title

School of Science | Bachelor's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.

Authors

Date

2025-12-12

Department

Major/Subject

Data Science

Mcode

Degree programme

Aalto Bachelor's Programme in Science and Technology
Aalto Bachelor's Programme in Science and Technology
Aalto Bachelor's Programme in Science and Technology

Language

en

Pages

38

Series

Abstract

Deep learning models can be effectively utilized in many applications, including the detection of violent images. Unfortunately, these models can be vulnerable to attacks that introduce imperceptible modifications to the image. Such attacks can cause misclassification, which may lead to inefficiencies in public safety and to the spread of violent content. However, despite the risks, the research comparing attacks on violence detectors is limited. This thesis explores a range of attacks applicable to the on-device violence classification task. It presents a literature review that identifies various types of attacks under the threat model tailored to the task and proposes a taxonomy of the attack methods based on their scenarios and generation principles. The review complements the taxonomy with the analysis of the attack differences and recent improvements. The review is supplemented by an experiment, which evaluates a subset of the discussed attacks on lightweight violence classification models. The experiment demonstrates a significant vulnerability of undefended models and illustrates the effect of various attack constraints on the imperceptibility and generation time.

Description

Supervisor

Korpi-Lagg, Maarit

Thesis advisor

Szyller, Sebastian

Keywords

evasion attacks, computer vision, deep learning, image classification, violence detection

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-202512309704

Collections

[kand] Perustieteiden korkeakoulu / SCI