Defense-PointNet: Protecting PointNet Against Adversarial Attacks

Yu Zhang; Gongbo Liang; Tawfiq Salem; Nathan Jacobs

doi:10.1109/BigData47090.2019.9006307

Defense-PointNet: Protecting PointNet Against Adversarial Attacks

Yu Zhang, Gongbo Liang, Tawfiq Salem, Nathan Jacobs

Computer Science

Producción científica: Conference contribution › revisión exhaustiva

35 Citas (Scopus)

Resumen

Despite remarkable performance across a broad range of tasks, neural networks have been shown to be vulnerable to adversarial attacks. Many works focus on adversarial attacks and defenses on 2D images, but few focus on 3D point clouds. In this paper, our goal is to enhance the adversarial robustness of PointNet, which is one of the most widely used models for 3D point clouds. We apply the fast gradient sign attack method (FGSM) on 3D point clouds and find that FGSM can be used to generate not only adversarial images but also adversarial point clouds. To minimize the vulnerability of PointNet to adversarial attacks, we propose Defense-PointNet. We compare our model with two baseline approaches and show that Defense-PointNet significantly improves the robustness of the network against adversarial samples.

Idioma original	English
Título de la publicación alojada	Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019
Editores	Chaitanya Baru, Jun Huan, Latifur Khan, Xiaohua Tony Hu, Ronay Ak, Yuanyuan Tian, Roger Barga, Carlo Zaniolo, Kisung Lee, Yanfang Fanny Ye
Páginas	5654-5660
Número de páginas	7
ISBN (versión digital)	9781728108582
DOI	https://doi.org/10.1109/BigData47090.2019.9006307
Estado	Published - dic 2019
Evento	2019 IEEE International Conference on Big Data, Big Data 2019 - Los Angeles, United States Duración: dic 9 2019 → dic 12 2019

Serie de la publicación

Nombre	Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019

Conference

Conference	2019 IEEE International Conference on Big Data, Big Data 2019
País/Territorio	United States
Ciudad	Los Angeles
Período	12/9/19 → 12/12/19

Nota bibliográfica

Publisher Copyright:
© 2019 IEEE.

Financiación

We gratefully acknowledge the support of NSF CAREER (IIS-1553116).

Financiadores	Número del financiador
National Science Foundation Arctic Social Science Program	1553116, IIS-1553116

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications
Information Systems
Information Systems and Management

Acceder al documento

10.1109/BigData47090.2019.9006307

Otros archivos y enlaces

Citar esto

Zhang, Y., Liang, G., Salem, T., & Jacobs, N. (2019). Defense-PointNet: Protecting PointNet Against Adversarial Attacks. En C. Baru, J. Huan, L. Khan, X. T. Hu, R. Ak, Y. Tian, R. Barga, C. Zaniolo, K. Lee, & Y. F. Ye (Eds.), Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019 (pp. 5654-5660). Artículo 9006307 (Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019). https://doi.org/10.1109/BigData47090.2019.9006307

Zhang, Yu ; Liang, Gongbo ; Salem, Tawfiq et al. / Defense-PointNet : Protecting PointNet Against Adversarial Attacks. Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019. editor / Chaitanya Baru ; Jun Huan ; Latifur Khan ; Xiaohua Tony Hu ; Ronay Ak ; Yuanyuan Tian ; Roger Barga ; Carlo Zaniolo ; Kisung Lee ; Yanfang Fanny Ye. 2019. pp. 5654-5660 (Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019).

@inproceedings{0c00719a523f4cdb9f51394a937ea23e,

title = "Defense-PointNet: Protecting PointNet Against Adversarial Attacks",

abstract = "Despite remarkable performance across a broad range of tasks, neural networks have been shown to be vulnerable to adversarial attacks. Many works focus on adversarial attacks and defenses on 2D images, but few focus on 3D point clouds. In this paper, our goal is to enhance the adversarial robustness of PointNet, which is one of the most widely used models for 3D point clouds. We apply the fast gradient sign attack method (FGSM) on 3D point clouds and find that FGSM can be used to generate not only adversarial images but also adversarial point clouds. To minimize the vulnerability of PointNet to adversarial attacks, we propose Defense-PointNet. We compare our model with two baseline approaches and show that Defense-PointNet significantly improves the robustness of the network against adversarial samples.",

keywords = "adversarial attack, defensive network, point cloud, pointnet",

author = "Yu Zhang and Gongbo Liang and Tawfiq Salem and Nathan Jacobs",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE.; 2019 IEEE International Conference on Big Data, Big Data 2019 ; Conference date: 09-12-2019 Through 12-12-2019",

year = "2019",

month = dec,

doi = "10.1109/BigData47090.2019.9006307",

language = "English",

series = "Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019",

pages = "5654--5660",

editor = "Chaitanya Baru and Jun Huan and Latifur Khan and Hu, \{Xiaohua Tony\} and Ronay Ak and Yuanyuan Tian and Roger Barga and Carlo Zaniolo and Kisung Lee and Ye, \{Yanfang Fanny\}",

booktitle = "Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019",

}

Zhang, Y, Liang, G, Salem, T & Jacobs, N 2019, Defense-PointNet: Protecting PointNet Against Adversarial Attacks. En C Baru, J Huan, L Khan, XT Hu, R Ak, Y Tian, R Barga, C Zaniolo, K Lee & YF Ye (eds.), Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019., 9006307, Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019, pp. 5654-5660, 2019 IEEE International Conference on Big Data, Big Data 2019, Los Angeles, United States, 12/9/19. https://doi.org/10.1109/BigData47090.2019.9006307

Defense-PointNet: Protecting PointNet Against Adversarial Attacks. / Zhang, Yu; Liang, Gongbo; Salem, Tawfiq et al.
Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019. ed. / Chaitanya Baru; Jun Huan; Latifur Khan; Xiaohua Tony Hu; Ronay Ak; Yuanyuan Tian; Roger Barga; Carlo Zaniolo; Kisung Lee; Yanfang Fanny Ye. 2019. p. 5654-5660 9006307 (Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019).

Producción científica: Conference contribution › revisión exhaustiva

TY - GEN

T1 - Defense-PointNet

T2 - 2019 IEEE International Conference on Big Data, Big Data 2019

AU - Zhang, Yu

AU - Liang, Gongbo

AU - Salem, Tawfiq

AU - Jacobs, Nathan

PY - 2019/12

Y1 - 2019/12

N2 - Despite remarkable performance across a broad range of tasks, neural networks have been shown to be vulnerable to adversarial attacks. Many works focus on adversarial attacks and defenses on 2D images, but few focus on 3D point clouds. In this paper, our goal is to enhance the adversarial robustness of PointNet, which is one of the most widely used models for 3D point clouds. We apply the fast gradient sign attack method (FGSM) on 3D point clouds and find that FGSM can be used to generate not only adversarial images but also adversarial point clouds. To minimize the vulnerability of PointNet to adversarial attacks, we propose Defense-PointNet. We compare our model with two baseline approaches and show that Defense-PointNet significantly improves the robustness of the network against adversarial samples.

AB - Despite remarkable performance across a broad range of tasks, neural networks have been shown to be vulnerable to adversarial attacks. Many works focus on adversarial attacks and defenses on 2D images, but few focus on 3D point clouds. In this paper, our goal is to enhance the adversarial robustness of PointNet, which is one of the most widely used models for 3D point clouds. We apply the fast gradient sign attack method (FGSM) on 3D point clouds and find that FGSM can be used to generate not only adversarial images but also adversarial point clouds. To minimize the vulnerability of PointNet to adversarial attacks, we propose Defense-PointNet. We compare our model with two baseline approaches and show that Defense-PointNet significantly improves the robustness of the network against adversarial samples.

KW - adversarial attack

KW - defensive network

KW - point cloud

KW - pointnet

UR - http://www.scopus.com/inward/record.url?scp=85081400708&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85081400708&partnerID=8YFLogxK

U2 - 10.1109/BigData47090.2019.9006307

DO - 10.1109/BigData47090.2019.9006307

M3 - Conference contribution

AN - SCOPUS:85081400708

T3 - Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019

SP - 5654

EP - 5660

BT - Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019

A2 - Baru, Chaitanya

A2 - Huan, Jun

A2 - Khan, Latifur

A2 - Hu, Xiaohua Tony

A2 - Ak, Ronay

A2 - Tian, Yuanyuan

A2 - Barga, Roger

A2 - Zaniolo, Carlo

A2 - Lee, Kisung

A2 - Ye, Yanfang Fanny

Y2 - 9 December 2019 through 12 December 2019

ER -

Zhang Y, Liang G, Salem T, Jacobs N. Defense-PointNet: Protecting PointNet Against Adversarial Attacks. En Baru C, Huan J, Khan L, Hu XT, Ak R, Tian Y, Barga R, Zaniolo C, Lee K, Ye YF, editores, Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019. 2019. p. 5654-5660. 9006307. (Proceedings - 2019 IEEE International Conference on Big Data, Big Data 2019). doi: 10.1109/BigData47090.2019.9006307

Defense-PointNet: Protecting PointNet Against Adversarial Attacks

Resumen

Serie de la publicación

Conference

Nota bibliográfica

Financiación

ASJC Scopus subject areas

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto