@Article{cmc.2025.072449,
AUTHOR = {Leyu Dai, Jindong Wang, Ming Zhou, Song Guo, Hengwei Zhang},
TITLE = {AdvYOLO: An Improved Cross-Conv-Block Feature Fusion-Based YOLO Network for Transferable Adversarial Attacks on ORSIs Object Detection},
JOURNAL = {Computers, Materials \& Continua},
VOLUME = {87},
YEAR = {2026},
NUMBER = {1},
PAGES = {--},
URL = {http://www.techscience.com/cmc/v87n1/66028},
ISSN = {1546-2226},
ABSTRACT = {In recent years, with the rapid advancement of artificial intelligence, object detection algorithms have made significant strides in accuracy and computational efficiency. Notably, research and applications of Anchor-Free models have opened new avenues for real-time target detection in optical remote sensing images (ORSIs). However, in the realm of adversarial attacks, developing adversarial techniques tailored to Anchor-Free models remains challenging. Adversarial examples generated based on Anchor-Based models often exhibit poor transferability to these new model architectures. Furthermore, the growing diversity of Anchor-Free models poses additional hurdles to achieving robust transferability of adversarial attacks. This study presents an improved cross-conv-block feature fusion You Only Look Once (YOLO) architecture, meticulously engineered to facilitate the extraction of more comprehensive semantic features during the backpropagation process. To address the asymmetry between densely distributed objects in ORSIs and the corresponding detector outputs, a novel dense bounding box attack strategy is proposed. This approach leverages dense target bounding boxes loss in the calculation of adversarial loss functions. Furthermore, by integrating translation-invariant (TI) and momentum-iteration (MI) adversarial methodologies, the proposed framework significantly improves the transferability of adversarial attacks. Experimental results demonstrate that our method achieves superior adversarial attack performance, with adversarial transferability rates (ATR) of 67.53% on the NWPU VHR-10 dataset and 90.71% on the HRSC2016 dataset. Compared to ensemble adversarial attack and cascaded adversarial attack approaches, our method generates adversarial examples in an average of 0.64 s, representing an approximately 14.5% improvement in efficiency under equivalent conditions.},
DOI = {10.32604/cmc.2025.072449}
}