Figure 2: Diagram of an adversarial attack. An attacker can easily generate a perturbation that causes the AI system to recognise a stop sign as a 100 km/h speed limit sign. Source: Federal Office for Information Security
Use of cookies
The BSI does not save any personal data from our website visitors. Read more about our Privacy Policy