NIC Lab | 王晓飞

个人信息

共撰写/参与撰写专利 0 项，录用/发表论文 2 篇，投出待录用论文0篇。

Partially Observable Adversarial Patch Attacks on Vision-Language-Action Models in Robotics IEEE Robotics and Automation Letters 2026 [Abs] [pdf]
Vision–language–action (VLA) models are gaining attention in robotics, yet their robustness to adversarial attacks remains largely unexplored. Existing work shows that adversarial patches can mislead VLA-based robots but assumes full access to the entire execution trajectory, an unrealistic requirement in practice. We address this limitation by formulating a partially observable threat model, where the adversary can exploit only a short prefix of the trajectory to generate a fixed patch applied to all subsequent frames. Under this setting, we propose a two-phase framework. First, we localize the patch using the model’s attention maps to identify visually critical regions that correspond to the full instruction. Then, we optimize the patch to disrupt the semantic grounding of target objects and increase the curvature of action trajectories, thereby compounding failures in both perception and control. Extensive experiments in simulation and real-world robotic environments show that our method sustains strong adversarial effects under partial observability, inducing long-horizon disruptions and significantly reducing task success rates. Codes will be made public upon paper acceptance.

AdvGrasp: Adversarial Attacks on Robotic Grasping from a Physical Perspective Xiaofei Wang, Mingliang Han, Tianyu Hao, Cegang Li, Yunbo Zhao, and Keke Tang In Proceedings of the Thirty-Fourth International Joint Conference on Artificial Intelligence 2025 [Abs] [doi] [pdf]
Adversarial attacks on robotic grasping provide valuable insights into evaluating and improving the robustness of these systems. Unlike studies that focus solely on neural network predictions while overlooking the physical principles of grasping, this paper introduces AdvGrasp, a framework for adversarial attacks on robotic grasping from a physical perspective. Specifically, AdvGrasp targets two core aspects: lift capability, which evaluates the ability to lift objects against gravity, and grasp stability, which assesses resistance to external disturbances. By deforming the object’s shape to increase gravitational torque and reduce stability margin in the wrench space, our method systematically degrades these two key grasping metrics, generating adversarial objects that compromise grasp performance. Extensive experiments across diverse scenarios validate the effectiveness of AdvGrasp, while real-world validations demonstrate its robustness and practical applicability.