Show simple item record

dc.contributor.authorHamdi, Abdullah
dc.contributor.authorRojas, Sara
dc.contributor.authorThabet, Ali Kassem
dc.contributor.authorGhanem, Bernard
dc.date.accessioned2020-11-04T13:00:15Z
dc.date.available2020-11-04T13:00:15Z
dc.date.issued2020-10-07
dc.identifier.citationHamdi, A., Rojas, S., Thabet, A., & Ghanem, B. (2020). AdvPC: Transferable Adversarial Perturbations on 3D Point Clouds. Lecture Notes in Computer Science, 241–257. doi:10.1007/978-3-030-58610-2_15
dc.identifier.isbn9783030586096
dc.identifier.issn1611-3349
dc.identifier.issn0302-9743
dc.identifier.doi10.1007/978-3-030-58610-2_15
dc.identifier.urihttp://hdl.handle.net/10754/665816
dc.description.abstractDeep neural networks are vulnerable to adversarial attacks, in which imperceptible perturbations to their input lead to erroneous network predictions. This phenomenon has been extensively studied in the image domain, and has only recently been extended to 3D point clouds. In this work, we present novel data-driven adversarial attacks against 3D point cloud networks. We aim to address the following problems in current 3D point cloud adversarial attacks: they do not transfer well between different networks, and they are easy to defend against via simple statistical methods. To this extent, we develop a new point cloud attack (dubbed AdvPC) that exploits the input data distribution by adding an adversarial loss, after Auto-Encoder reconstruction, to the objective it optimizes. AdvPC leads to perturbations that are resilient against current defenses, while remaining highly transferable compared to state-of-the-art attacks. We test AdvPC using four popular point cloud networks: PointNet, PointNet++ (MSG and SSG), and DGCNN. Our proposed attack increases the attack success rate by up to 40% for those transferred to unseen networks (transferability), while maintaining a high success rate on the attacked network. AdvPC also increases the ability to break defenses by up to 38% as compared to other baselines on the ModelNet40 dataset. The code is available at https://github.com/ajhamdi/AdvPC.
dc.description.sponsorshipThis work was supported by the King Abdullah University of Science and Technology (KAUST) Office of Sponsored Research under Award No. RGC/3/3570-01-01.
dc.publisherSpringer Nature
dc.relation.urlhttp://link.springer.com/10.1007/978-3-030-58610-2_15
dc.rightsArchived with thanks to Springer International Publishing
dc.titleAdvPC: Transferable Adversarial Perturbations on 3D Point Clouds
dc.typeConference Paper
dc.contributor.departmentComputer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
dc.contributor.departmentElectrical Engineering Program
dc.contributor.departmentVCC Analytics Research Group
dc.contributor.departmentVisual Computing Center (VCC)
dc.rights.embargodate2021-10-06
dc.conference.date2020-08-23 to 2020-08-28
dc.conference.name16th European Conference on Computer Vision, ECCV 2020
dc.conference.locationGlasgow, GBR
dc.eprint.versionPost-print
dc.identifier.volume12357 LNCS
dc.identifier.pages241-257
dc.identifier.arxivid1912.00461
kaust.personHamdi, Abdullah
kaust.personRojas, Sara
kaust.personThabet, Ali Kassem
kaust.personGhanem, Bernard
kaust.grant.numberRGC/3/3570-01-01
dc.relation.issupplementedbygithub:ajhamdi/AdvPC
dc.identifier.eid2-s2.0-85093089308
refterms.dateFOA2020-11-05T05:10:08Z
display.relations<b>Is Supplemented By:</b><br/> <ul><li><i>[Software]</i> <br/> Title: ajhamdi/AdvPC: AdvPC: Transferable Adversarial Perturbations on 3D Point Clouds (ECCV 2020). Publication Date: 2019-08-26. github: <a href="https://github.com/ajhamdi/AdvPC" >ajhamdi/AdvPC</a> Handle: <a href="http://hdl.handle.net/10754/668128" >10754/668128</a></a></li></ul>
kaust.acknowledged.supportUnitOffice of Sponsored Research
dc.date.published-online2020-10-07
dc.date.published-print2020
dc.date.posted2019-12-01


Files in this item

Thumbnail
Name:
1912.00461.pdf
Size:
2.674Mb
Format:
PDF
Description:
Accepted manuscript

This item appears in the following Collection(s)

Show simple item record