| CPC G06F 18/24 (2023.01) [G06F 18/214 (2023.01); G06F 18/2163 (2023.01); G06F 18/217 (2023.01); G06F 18/232 (2023.01); G06F 21/566 (2013.01); G06N 3/08 (2013.01); G06V 10/22 (2022.01); G06F 2221/034 (2013.01)] | 17 Claims |
|
1. A system for object detection that is robust to adversarial attacks, the system comprising:
one or more processors and a non-transitory computer-readable medium having executable instructions encoded thereon such that when executed, the one or more processors perform operations of:
generating an initial hypothesis of an identity of an object in an input image using a sparse convolutional neural network (CNN) and a distribution aware classifier;
performing a foveated hypothesis verification process, wherein performing the foveated hypothesis verification process comprises identifying a region of the input image that supports the initial hypothesis;
using a part-based classifier, predicting an identity of a part of the object in the region of the input image;
determining an attack probability for the predicted identity of the part;
updating the initial hypothesis based on the predicted identity of the part and the attack probability;
performing the foveated hypothesis verification process and updating of hypotheses until a hypothesis reaches a certainty threshold;
labeling the object based on the hypothesis that reached the certainty threshold; and
controlling an action performed by an autonomous platform based on the labeling of the object.
|