Generating Adversarial Surfaces via Band-Limited Perturbations

dc.contributor.authorMariani, Giorgioen_US
dc.contributor.authorCosmo, Lucaen_US
dc.contributor.authorBronstein, Alex M.en_US
dc.contributor.authorRodolĂ , Emanueleen_US
dc.contributor.editorJacobson, Alec and Huang, Qixingen_US
dc.date.accessioned2020-07-05T13:26:23Z
dc.date.available2020-07-05T13:26:23Z
dc.date.issued2020
dc.description.abstractAdversarial attacks have demonstrated remarkable efficacy in altering the output of a learning model by applying a minimal perturbation to the input data. While increasing attention has been placed on the image domain, however, the study of adversarial perturbations for geometric data has been notably lagging behind. In this paper, we show that effective adversarial attacks can be concocted for surfaces embedded in 3D, under weak smoothness assumptions on the perceptibility of the attack. We address the case of deformable 3D shapes in particular, and introduce a general model that is not tailored to any specific surface representation, nor does it assume access to a parametric description of the 3D object. In this context, we consider targeted and untargeted variants of the attack, demonstrating compelling results in either case. We further show how discovering adversarial examples, and then using them for adversarial training, leads to an increase in both robustness and accuracy. Our findings are confirmed empirically over multiple datasets spanning different semantic classes and deformations.en_US
dc.description.number5
dc.description.sectionheadersMachine Learning and Analysis
dc.description.seriesinformationComputer Graphics Forum
dc.description.volume39
dc.identifier.doi10.1111/cgf.14083
dc.identifier.issn1467-8659
dc.identifier.pages253-264
dc.identifier.urihttps://doi.org/10.1111/cgf.14083
dc.identifier.urihttps://diglib.eg.org:443/handle/10.1111/cgf14083
dc.publisherThe Eurographics Association and John Wiley & Sons Ltd.en_US
dc.rightsAttribution 4.0 International License
dc.rights.urihttps://creativecommons.org/licenses/by/4.0/
dc.subjectComputing methodologies
dc.subjectAdversarial learning
dc.subjectShape analysis
dc.titleGenerating Adversarial Surfaces via Band-Limited Perturbationsen_US
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
v39i5pp253-264.pdf
Size:
8.49 MB
Format:
Adobe Portable Document Format
Collections