{"title":"三维点云分类模型的同志安全对抗噪声","authors":"Taehwa Lee, Soojin Lee, Hyun Kwon","doi":"10.1049/ipr2.70215","DOIUrl":null,"url":null,"abstract":"<p>Deep neural networks (DNNs) are effective across many domains, including text, audio, and image. Recently, DNNs have been used in autonomous driving, robotics, and even drones owing to the increasing utilization of 3D data. However, 3D data point clouds are vulnerable to adversarial examples, much like any other form of data. An adversarial example slightly alters the original sample or adds a small amount of noise, making it appear normal to humans, which results in its misclassification by the models. In this study, we propose a method that can be used to generate a “comrade-secure” adversarial point cloud example. In the proposed method, we subtly adjust the positions of certain points in the point cloud to create an adversarial example. This alteration causes the enemy model to misclassify, while the friendly model remains accurate. We use the ModelNet40 dataset for experimental evaluation and utilize PointNet++ and PointNet, which are representative models to classify 3D point clouds, as friendly and enemy models, respectively. In the experiments, the adversarial point cloud examples generated by the proposed method showed that the friendly model achieved an accuracy of 97.65%, and the enemy model was misclassified with an attack success rate of 99.55%.</p>","PeriodicalId":56303,"journal":{"name":"IET Image Processing","volume":"19 1","pages":""},"PeriodicalIF":2.2000,"publicationDate":"2025-10-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ipr2.70215","citationCount":"0","resultStr":"{\"title\":\"Comrade-Secure Adversarial Noise for 3D Point Cloud Classification Model\",\"authors\":\"Taehwa Lee, Soojin Lee, Hyun Kwon\",\"doi\":\"10.1049/ipr2.70215\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Deep neural networks (DNNs) are effective across many domains, including text, audio, and image. Recently, DNNs have been used in autonomous driving, robotics, and even drones owing to the increasing utilization of 3D data. However, 3D data point clouds are vulnerable to adversarial examples, much like any other form of data. An adversarial example slightly alters the original sample or adds a small amount of noise, making it appear normal to humans, which results in its misclassification by the models. In this study, we propose a method that can be used to generate a “comrade-secure” adversarial point cloud example. In the proposed method, we subtly adjust the positions of certain points in the point cloud to create an adversarial example. This alteration causes the enemy model to misclassify, while the friendly model remains accurate. We use the ModelNet40 dataset for experimental evaluation and utilize PointNet++ and PointNet, which are representative models to classify 3D point clouds, as friendly and enemy models, respectively. In the experiments, the adversarial point cloud examples generated by the proposed method showed that the friendly model achieved an accuracy of 97.65%, and the enemy model was misclassified with an attack success rate of 99.55%.</p>\",\"PeriodicalId\":56303,\"journal\":{\"name\":\"IET Image Processing\",\"volume\":\"19 1\",\"pages\":\"\"},\"PeriodicalIF\":2.2000,\"publicationDate\":\"2025-10-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ipr2.70215\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Image Processing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/ipr2.70215\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Image Processing","FirstCategoryId":"94","ListUrlMain":"https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/ipr2.70215","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
Comrade-Secure Adversarial Noise for 3D Point Cloud Classification Model
Deep neural networks (DNNs) are effective across many domains, including text, audio, and image. Recently, DNNs have been used in autonomous driving, robotics, and even drones owing to the increasing utilization of 3D data. However, 3D data point clouds are vulnerable to adversarial examples, much like any other form of data. An adversarial example slightly alters the original sample or adds a small amount of noise, making it appear normal to humans, which results in its misclassification by the models. In this study, we propose a method that can be used to generate a “comrade-secure” adversarial point cloud example. In the proposed method, we subtly adjust the positions of certain points in the point cloud to create an adversarial example. This alteration causes the enemy model to misclassify, while the friendly model remains accurate. We use the ModelNet40 dataset for experimental evaluation and utilize PointNet++ and PointNet, which are representative models to classify 3D point clouds, as friendly and enemy models, respectively. In the experiments, the adversarial point cloud examples generated by the proposed method showed that the friendly model achieved an accuracy of 97.65%, and the enemy model was misclassified with an attack success rate of 99.55%.
期刊介绍:
The IET Image Processing journal encompasses research areas related to the generation, processing and communication of visual information. The focus of the journal is the coverage of the latest research results in image and video processing, including image generation and display, enhancement and restoration, segmentation, colour and texture analysis, coding and communication, implementations and architectures as well as innovative applications.
Principal topics include:
Generation and Display - Imaging sensors and acquisition systems, illumination, sampling and scanning, quantization, colour reproduction, image rendering, display and printing systems, evaluation of image quality.
Processing and Analysis - Image enhancement, restoration, segmentation, registration, multispectral, colour and texture processing, multiresolution processing and wavelets, morphological operations, stereoscopic and 3-D processing, motion detection and estimation, video and image sequence processing.
Implementations and Architectures - Image and video processing hardware and software, design and construction, architectures and software, neural, adaptive, and fuzzy processing.
Coding and Transmission - Image and video compression and coding, compression standards, noise modelling, visual information networks, streamed video.
Retrieval and Multimedia - Storage of images and video, database design, image retrieval, video annotation and editing, mixed media incorporating visual information, multimedia systems and applications, image and video watermarking, steganography.
Applications - Innovative application of image and video processing technologies to any field, including life sciences, earth sciences, astronomy, document processing and security.
Current Special Issue Call for Papers:
Evolutionary Computation for Image Processing - https://digital-library.theiet.org/files/IET_IPR_CFP_EC.pdf
AI-Powered 3D Vision - https://digital-library.theiet.org/files/IET_IPR_CFP_AIPV.pdf
Multidisciplinary advancement of Imaging Technologies: From Medical Diagnostics and Genomics to Cognitive Machine Vision, and Artificial Intelligence - https://digital-library.theiet.org/files/IET_IPR_CFP_IST.pdf
Deep Learning for 3D Reconstruction - https://digital-library.theiet.org/files/IET_IPR_CFP_DLR.pdf
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
