‣

Project Outline

This project investigates the vulnerability of state-of-the-art cross-view geo-localization systems to physical adversarial attacks. Focusing on the TransGeo framework and the VIGOR dataset, the students will:

• Scope

  1. Environment & Baseline: Set up the TransGeo codebase, load and evaluate on VIGOR to establish standard Recall@k performance.
  2. Error Analysis: Use embedding visualization (t-SNE) and quantitative logs to identify why and where the model fails (e.g., occlusions, seasonal changes, low-texture scenes).
  3. Adversarial Methods Survey: Review digital (FGSM, PGD) and physical adversarial attack literature to understand feasible strategies for misleading geo-localization.
  4. Patch Design & Implementation: Leverage object segmentation (e.g., buildings, cars) to determine optimal patch locations; formulate and implement loss functions that encourage “different-city” mislocalization.
  5. Training & Evaluation: Build a optimization pipeline in PyTorch, generate physical-style patches, and measure their success rate (ASR), Recall degradation, and geographic displacement on held-out VIGOR splits.

• Objective

  By the end of the eight-week study, the team will have a clear understanding of cross-view geo-localization failure modes, a functioning adversarial-patch generation pipeline, and quantitative evidence of how small, physically realizable perturbations can systematically mislead TransGeo. The ultimate deliverables are (1) an analysis report detailing failure causes and attack design, (2) a set of optimized patches with performance metrics, and (3) a presentation summarizing methodology and findings.

VICEROY 2025 Summer Research Roadmap

Project Meetings

May-19-2025 Kickoff

VICEROY Project Meeting Recordings