人工智能培训

搜索

人工智能论文:将对抗性攻击和防御扩展到深度3D点云分类器(Extending Adversarial Attacks and Defenses to Deep

[复制链接]
zwb521 发表于 2019-1-11 10:47:47 | 显示全部楼层 |阅读模式
zwb521 2019-1-11 10:47:47 183 0 显示全部楼层
人工智能论文:将对抗性攻击和防御扩展到深度3D点云分类器(Extending Adversarial Attacks and Defenses to Deep 3D Point Cloud  Classifiers)使用深度神经网络进行3D对象分类和分割已经非常成功。由于识别3D对象的问题具有对安全性至关重要的应用,因此神经网络必须对输入数据集的对抗性改变具有鲁棒性。越来越多的研究产生了人类难以察觉的对抗性攻击,并且防御了二维图像分类领域。然而,3D对象与2D图像有着各种差异,到目前为止还没有对此特定领域进行过严格的研究。我们通过评估白盒和黑盒对抗,对Deep 3D点云分类器(即PointNet和PointNet ++)进行对抗性攻击的初步评估。针对2D图像提出的攻击以及这些攻击以降低3D空间中的扰动的可感知性。我们还通过提出利用3D点云的独特结构的新防御,展示了针对这些攻击的简单防御的高效性。最后,我们试图通过点云和神经网络架构的内在结构来解释防御的有效性。总的来说,我们发现处理3D pointcloud数据的网络对抗对抗攻击很弱,但与2D图像分类器相比,它们也更容易防范。我们的调查将为未来研究提供地面工作,以提高处理3D数据的深度神经网络的鲁棒性。
3D object classification and segmentation using deep neural networks has beenextremely successful.As the problem of identifying 3D objects has manysafety-critical applications, the neural networks have to be robust againstadversarial changes to the input data set.There is a growing body of researchon generating human-imperceptible adversarial attacks and defenses against themin the 2D image classification domain.However, 3D objects have variousdifferences with 2D images, and this specific domain has not been rigorouslystudied so far.We present a preliminary evaluation of adversarial attacks on deep 3D pointcloud classifiers, namely PointNet and PointNet++, by evaluating both white-boxand black-box adversarialattacks that were proposed for 2D images andextending those attacks to reduce the perceptibility of the perturbations in 3Dspace.We also show the high effectiveness of simple defenses against thoseattacks by proposing new defenses that exploit the unique structure of 3D pointclouds.Finally, we attempt to explain the effectiveness of the defensesthrough the intrinsic structures of both the point clouds and the neuralnetwork architectures.Overall, we find that networks that process 3D pointcloud data are weak to adversarial attacks, but they are also more easilydefensible compared to 2D image classifiers.Our investigation will provide thegroundwork for future studies on improving the robustness of deep neuralnetworks that handle 3D data.人工智能论文:将对抗性攻击和防御扩展到深度3D点云分类器(Extending Adversarial Attacks and Defenses to Deep 3D Point Cloud  Classifiers) hZ8YzX0Si9y1Z8bu.jpg
URL地址:https://arxiv.org/abs/1901.03006     ----pdf下载地址:https://arxiv.org/pdf/1901.03006    ----人工智能论文:将对抗性攻击和防御扩展到深度3D点云分类器(Extending Adversarial Attacks and Defenses to Deep 3D Point Cloud  Classifiers)
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则 返回列表 发新帖

zwb521当前离线
新手上路

查看:183 | 回复:0

快速回复 返回顶部 返回列表