Deep learning models often face challenges when handling real-world image corruptions. In response, researchers have developed image corruption datasets to evaluate the performance of deep neural networks in handling such corruptions. However, these datasets have a significant limitation: they do not account for all corruptions encountered in real-life scenarios. To address this gap, we present MUFIA (Multiplicative Filter Attack), an algorithm designed to identify the specific types of corruptions that can cause models to fail. Our algorithm identifies the combination of image frequency components that render a model susceptible to misclassification while preserving the semantic similarity to the original image. We find that even state-of-the-art models trained to be robust against known common corruptions struggle against the low visibility-based corruptions crafted by MUFIA. This highlights the need for more comprehensive approaches to enhance model robustness against a wider range of real-world image corruptions.

翻译：深度学习模型在处理真实世界中的图像损坏时常常面临挑战。为此，研究人员开发了图像损坏数据集，以评估深度神经网络应对此类损坏的性能。然而，这些数据集存在一个显著局限：它们无法涵盖真实场景中可能遇到的所有损坏类型。为弥补这一不足，我们提出了MUFIA（乘法滤波器攻击）算法，该算法旨在识别可能导致模型失效的特定损坏类型。我们的算法能够找出使模型易受错误分类影响的图像频率分量组合，同时保持与原始图像的语义相似性。我们发现，即便是针对已知常见损坏训练的最先进鲁棒模型，也难以应对MUFIA所生成的基于低可见性的损坏。这凸显了需要采用更全面的方法，以增强模型对更广泛真实世界图像损坏的鲁棒性。