This post is also available in:
עברית (Hebrew)
A recently published study has revealed a powerful technique capable of undermining some of the world’s most widely deployed AI vision models. The method, called RisingAttacK, allows attackers to subtly alter digital images in a way that causes artificial intelligence systems to misinterpret or completely miss key visual elements—without making noticeable changes to human observers.
Researchers at North Carolina State University demonstrated that this new adversarial attack outperforms previous approaches across multiple industry-standard computer vision models. By identifying and manipulating the most critical visual features within an image, the technique effectively deceives AI systems into ignoring or misclassifying objects they were specifically trained to detect.
The implications are serious. AI-powered computer vision is increasingly used in safety-critical environments—such as autonomous vehicles, medical diagnostics, and security systems. A manipulated image could cause a self-driving car to ignore a stop sign, or mislead a diagnostic AI into overlooking signs of disease on a medical scan.
RisingAttacK operates by analyzing how sensitive an AI model is to specific visual features. It then makes ultra-precise, minimal alterations to only the most influential parts of an image. These changes are imperceptible to the human eye but sufficient to disrupt the AI’s recognition process.
For instance, in a real-world scenario, two images might appear identical to a human viewer—both clearly showing a pedestrian. Yet, with RisingAttacK applied to one of them, the AI system might fail to register the pedestrian entirely.
What makes this technique particularly alarming is its versatility. The study found it could reliably disable recognition of any among the top 20 to 30 categories the AI was trained to detect—including traffic lights, vehicles, bicycles, and people.
The researchers emphasize that exposing these vulnerabilities is a necessary step toward building more robust AI defenses. As reliance on automated systems grows across sectors, securing AI from these forms of manipulation is increasingly urgent—especially in applications where misclassification can have life-threatening consequences.
