Papers
Topics
Authors
Recent
Search
2000 character limit reached

One Noise to Rule Them All: Multi-View Adversarial Attacks with Universal Perturbation

Published 2 Apr 2024 in cs.CV and cs.AI | (2404.02287v1)

Abstract: This paper presents a novel universal perturbation method for generating robust multi-view adversarial examples in 3D object recognition. Unlike conventional attacks limited to single views, our approach operates on multiple 2D images, offering a practical and scalable solution for enhancing model scalability and robustness. This generalizable method bridges the gap between 2D perturbations and 3D-like attack capabilities, making it suitable for real-world applications. Existing adversarial attacks may become ineffective when images undergo transformations like changes in lighting, camera position, or natural deformations. We address this challenge by crafting a single universal noise perturbation applicable to various object views. Experiments on diverse rendered 3D objects demonstrate the effectiveness of our approach. The universal perturbation successfully identified a single adversarial noise for each given set of 3D object renders from multiple poses and viewpoints. Compared to single-view attacks, our universal attacks lower classification confidence across multiple viewing angles, especially at low noise levels. A sample implementation is made available at https://github.com/memoatwit/UniversalPerturbation.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (30)
  1. Maksym Andriushchenko and Nicolas Flammarion. 2020. Understanding and improving fast adversarial training. Advances in Neural Information Processing Systems 33 (2020), 16048–16059.
  2. Frugal following: Power thrifty object detection and tracking for mobile augmented reality. In Proceedings of the 17th Conference on Embedded Networked Sensor Systems. 96–109.
  3. Alex Bes. 2017. Worn Baseball Ball. https://sketchfab.com/3d-models/worn-baseball-ball-fdf3de6ae225421ea78961b897b9608a Last accessed 10 February 2024.
  4. Nicholas Carlini and David Wagner. 2017. Towards Evaluating the Robustness of Neural Networks. arXiv:1608.04644 [cs.CR]
  5. dannyboy70000. 2014. lemon 3D Model. https://free3d.com/3d-model/lemon-72357.html Last accessed 10 February 2024.
  6. Imagenet: A large-scale hierarchical image database. In 2009 IEEE conference on computer vision and pattern recognition. Ieee, 248–255.
  7. Boosting Adversarial Attacks with Momentum. arXiv:1710.06081 [cs.LG]
  8. Learning visual feature spaces for robotic manipulation with deep spatial autoencoders. arXiv preprint arXiv:1509.06113 25 (2015), 2.
  9. GetDeadEntertainment. 2020. Medieval Shovel. https://www.turbosquid.com/3d-models/medieval-shovel-3d-model-1494436 Last accessed 10 February 2024.
  10. Explaining and Harnessing Adversarial Examples. arXiv:1412.6572 [stat.ML]
  11. Object recognition and robot grasping: A deep learning based approach. In The 34th Annual Conference of the Robotics Society of Japan (RSJ 2016), Yamagata, Japan.
  12. 3-D deformable object manipulation using deep neural networks. IEEE Robotics and Automation Letters 4, 4 (2019), 4255–4261.
  13. Roman Klokov and Victor Lempitsky. 2017. Escape from cells: Deep kd-networks for the recognition of 3d point cloud models. In Proceedings of the IEEE international conference on computer vision. 863–872.
  14. Adversarial examples in the physical world. arXiv:1607.02533 [cs.CV]
  15. Truc Le and Ye Duan. 2018. Pointgrid: A deep network for 3d shape understanding. In Proceedings of the IEEE conference on computer vision and pattern recognition. 9204–9214.
  16. Stereo r-cnn based 3d object detection for autonomous driving. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 7644–7652.
  17. Object detection in the context of mobile augmented reality. In 2020 IEEE International Symposium on Mixed and Augmented Reality (ISMAR). IEEE, 156–163.
  18. Nesterov Accelerated Gradient and Scale Invariance for Adversarial Attacks. arXiv:1908.06281 [cs.LG]
  19. Edge assisted real-time object detection for mobile augmented reality. In The 25th annual international conference on mobile computing and networking. 1–16.
  20. Entangling metropolitan-distance separated quantum memories. arXiv preprint arXiv:2201.11953 (2022).
  21. Towards deep learning models resistant to adversarial attacks. arXiv preprint arXiv:1706.06083 (2017).
  22. mitsui. 2020. table 3D Model. https://free3d.com/3d-model/table-747735.html Last accessed 10 February 2024.
  23. Pointnet: Deep learning on point sets for 3d classification and segmentation. In Proceedings of the IEEE conference on computer vision and pattern recognition. 652–660.
  24. Multi-object detection and tracking, based on DNN, for autonomous vehicles: A review. IEEE Sensors Journal 21, 5 (2020), 5668–5677.
  25. Adversarial attacks and defenses in deep learning. Engineering 6, 3 (2020), 346–360.
  26. selfie 3D scan. 2019. Tractor. https://sketchfab.com/3d-models/tractor-1b258bcc01bf4ed0935ef73e80442c30 Last accessed 10 February 2024.
  27. Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199 (2013).
  28. NormalNet: A voxel-based CNN for 3D object classification and retrieval. Neurocomputing 323 (2019), 139–147.
  29. DNN based camera and LiDAR fusion framework for 3D object recognition. In Journal of Physics: Conference Series, Vol. 1518. IOP Publishing, 012044.
  30. Toward real-time 3D object recognition: A lightweight volumetric CNN framework using multitask learning. Computers & Graphics 71 (2018), 199–207.
Citations (2)
View on Semantic Scholar

Summary

No one has generated a summary of this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Sign Up to Summarize

Paper to Video (Beta)

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now

Collections

Sign up for free to add this paper to one or more collections.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up