Emerging
Jun 18, 20261
67%
Research Paper on Budget-Aware Adversarial Patches Against Object Detection Systems
Researchers have submitted a paper examining adversarial patches—visual perturbations that can fool object detection systems. The study presents a query-efficient attack method that adapts patch size and placement to work within computational budgets, demonstrating vulnerability across multiple detector architectures including both CNN and transformer-based models.
Quick Facts
Who
Pedram MohajerAnsari
What
Submitted research paper on adversarial patches against object detectors
When
June 16, 2026 submission
Where
arXiv Computer Vision and Pattern Recognition category
- Submitted research paper on adversarial patches against object detectors
- Developed budget-adaptive black-box attack method
- Evaluated against YOLOv5, Faster R-CNN, and YOLOS detectors
- Conducted print-capture pilot experiment for physical transferability
- Implemented Contextual Thompson-Sampling placement strategy with NES-style pixel updates
A new research paper submitted to arXiv's Computer Vision and Pattern Recognition category examines vulnerabilities in modern object detection systems to adversarial patches. The study, submitted by Pedram MohajerAnsari on June 16, 2026, addresses three significant gaps in existing research on adversarial attacks against object detectors.
The paper identifies limitations in prior work: few studies conduct score-based black-box attacks that jointly optimize patch location, texture, and size under strict query budgets; success metrics are rarely connected to the patch's visual footprint; and evaluations frequently conflate expectation-over-transformation (EOT) robustness with actual suppression in plain-view scenarios. These gaps have limited the practical applicability of findings for securing object detection systems.
The researchers present a novel approach that couples a lightweight Contextual Thompson-Sampling placement strategy with Natural Evolution Strategy (NES)-style pixel updates. The method grows patches only when optimization progress stalls, enabling query-efficient attacks within tight computational budgets. The reporting framework emphasizes strict plain-image suppression testing while auditing but not relying on EOT as a success metric, with optional appearance and printability weighting to expose trade-offs between attack strength and visual visibility.
The research evaluates the proposed method against multiple state-of-the-art object detection architectures, including CNN-based systems (YOLOv5, Faster R-CNN) and a transformer-based detector (YOLOS). Results demonstrate strong suppression on CNN-based detectors and substantial suppression on the transformer model, using notably compact patches. A print-and-capture pilot experiment further validates the approach's transferability across previously unseen physical objects and viewpoints, suggesting practical real-world applicability.
The study contributes to understanding the vulnerability landscape of modern computer vision systems and provides insights into query-footprint trade-offs compared to fixed-size and heuristic baseline approaches. This work has implications for both the development and robustness testing of object detection systems used in security-critical applications.
Why This Matters
This research exposes critical vulnerabilities in widely-deployed object detection systems that are fundamental to autonomous vehicles, surveillance, and security applications. By demonstrating query-efficient adversarial attacks that work within realistic computational constraints and transfer to physical environments, the paper provides a wake-up call for practitioners to strengthen defenses against adversarial perturbations. The work has direct implications for security testing protocols and the development of robust computer vision systems in high-stakes domains.
Timeline & Sources
Jun 16, 2026
WireResearch paper submitted to arXiv by Pedram MohajerAnsari
Jun 18, 2026
WirePaper published and announced on arXiv Computer Vision and Pattern Recognition category