Improving Adversarial Robustness of 3D Point Cloud Classification Models
Abstract
3D point cloud classification models based on deep neural networks were proven to be vulnerable to adversarial examples, with a quantity of novel attack techniques proposed by researchers recently. It is of paramount importance to preserve the robustness of 3D models under adversarial environments, considering their broad application in safety- and security-critical tasks. Unfortunately, existing defenses are not general enough to satisfactorily mitigate all types of attacks. In this paper, we design two innovative methodologies to improve the adversarial robustness of 3D point cloud classification models. (1) We introduce CCN, a novel point cloud architecture which can smooth and disrupt the adversarial perturbations. (2) We propose AMS, a novel data augmentation strategy to adaptively balance the model usability and robustness. Extensive evaluations indicate the integration of the two techniques provides much more robustness than existing defense solutions for 3D classification models. Our code can be found in https://github.com/GuanlinLee/CCNAMS.
Cite
Text
Li et al. "Improving Adversarial Robustness of 3D Point Cloud Classification Models." Proceedings of the European Conference on Computer Vision (ECCV), 2022. doi:10.1007/978-3-031-19772-7_39Markdown
[Li et al. "Improving Adversarial Robustness of 3D Point Cloud Classification Models." Proceedings of the European Conference on Computer Vision (ECCV), 2022.](https://mlanthology.org/eccv/2022/li2022eccv-improving/) doi:10.1007/978-3-031-19772-7_39BibTeX
@inproceedings{li2022eccv-improving,
title = {{Improving Adversarial Robustness of 3D Point Cloud Classification Models}},
author = {Li, Guanlin and Xu, Guowen and Qiu, Han and He, Ruan and Li, Jiwei and Zhang, Tianwei},
booktitle = {Proceedings of the European Conference on Computer Vision (ECCV)},
year = {2022},
doi = {10.1007/978-3-031-19772-7_39},
url = {https://mlanthology.org/eccv/2022/li2022eccv-improving/}
}