This paper implements and investigates popular adversarial attacks on the YOLOv5 Object Detection algorithm. The paper explores the vulnerability of the YOLOv5 to adversarial attacks in the context of traffic and road sign detection. The paper investigates the impact of different types of attacks, including the Limited memory Broyden Fletcher Goldfarb Shanno (L-BFGS), the Fast Gradient Sign Method (FGSM) attack, the Carlini and Wagner (C&W) attack, the Basic Iterative Method (BIM) attack, the Projected Gradient Descent (PGD) attack, One Pixel Attack, and the Universal Adversarial Perturbations attack on the accuracy of YOLOv5 in detecting traffic and road signs. The results show that YOLOv5 is susceptible to these attacks, with misclassification rates increasing as the magnitude of the perturbations increases. We also explain the results using saliency maps. The findings of this paper have important implications for the safety and reliability of object detection algorithms used in traffic and transportation systems, highlighting the need for more robust and secure models to ensure their effectiveness in real-world applications.

翻译：本文实现并研究了针对YOLOv5目标检测算法的常见对抗攻击。论文探讨了在交通与路标检测场景下YOLOv5对对抗攻击的脆弱性，系统分析了不同攻击类型对YOLOv5检测精度的影响，包括有限内存Broyden-Fletcher-Goldfarb-Shanno（L-BFGS）攻击、快速梯度符号法（FGSM）攻击、Carlini和Wagner（C&W）攻击、基本迭代法（BIM）攻击、投影梯度下降（PGD）攻击、单像素攻击以及通用对抗扰动攻击。实验结果表明，YOLOv5易受上述攻击影响，且误分类率随扰动幅度增大而上升。本文还利用显著性图谱对结果进行了解释。该研究对交通与运输系统中目标检测算法的安全性和可靠性具有重要启示，强调了构建更鲁棒、更安全模型以确保其在真实场景中有效性的必要性。