Deep neural networks exhibit inherent vulnerabilities to adversarial attacks, which can significantly compromise their outputs and reliability. While existing research primarily focuses on attacking single-task scenarios or indiscriminately targeting all tasks in multi-task environments, we investigate selectively targeting one task while preserving performance on the others within a multi-task framework. This approach is motivated by the varying security priorities among tasks in real-world applications, such as autonomous driving, where misinterpreting critical objects (e.g., signs, traffic lights) poses a greater security risk than minor depth miscalculations. Consequently, attackers may aim to target security-sensitive tasks while leaving non-critical tasks uncompromised, thereby evading detection before crucial functions are compromised. In this paper, we propose a stealthy multi-task attack framework that utilizes multiple algorithms to inject imperceptible noise into the input. This novel method demonstrates remarkable efficacy in compromising the target task while simultaneously maintaining or even enhancing performance across non-targeted tasks, a criterion hitherto unexplored in the field. Additionally, we introduce an automated approach for searching the weighting factors in the loss function, further enhancing attack efficiency. Experimental results validate our framework's ability to successfully attack the target task while preserving the performance of non-targeted tasks. The automated loss function weight searching method demonstrates comparable efficacy to manual tuning, establishing a state-of-the-art multi-task attack framework.