Synthesizing Robust Physical Camouflage for Universal 3D Evasion Attacks
Abstract:
The rise of deep learning in safety-critical domains like autonomous vehicles and surveillance systems has underscored the urgency of protecting these technologies against adversarial attacks. Physical adversarial attacks, which involve tangible modifications to an object’s appearance, present a practical and significant threat since they can induce misinterpretation of computer vision models. This dissertation demonstrates this critical issue by developing methodologies for generating physical adversarial camouflage and providing comprehensive preliminaries to deepen the understanding of the field.
The research is anchored in two interconnected goals. The first is developing a novel Neural Renderer, addressing the challenge of non-differentiability in legacy 3D simulators. This innovation is crucial for optimizing adversarial textures in a white-box attack framework, enabling the use of accurate and photo-realistic scenes in the optimization pipeline.
The second goal involves formulating two sophisticated frameworks for generating adversarial textures. These frameworks leverage the previously developed Neural Renderer and introduce new loss functions and modules to enhance attack effectiveness. Their aim is to produce universally effective textures across various conditions and models, demonstrating both the versatility and potential threats of such adversarial techniques.
Collectively, this dissertation makes a significant contribution to the field of adversarial machine learning. It not only presents innovative methods for physical adversarial camouflage but also highlights the vulnerabilities in AI systems, emphasizing the urgent need for enhanced AI security in critical applications.
My Related Research
2023
ACTIVE: Towards Highly Transferable 3D Physical Camouflage for Universal and Robust Vehicle Evasion
Naufal Suryanto, Yongsu Kim, Harashta Tatimma Larasati, and 6 more authors
In Proceedings of the IEEE/CVF International Conference on Computer Vision (ICCV), Oct 2023
@inproceedings{Suryanto_2023_ICCV,author={Suryanto, Naufal and Kim, Yongsu and Larasati, Harashta Tatimma and Kang, Hyoeun and Le, Thi-Thu-Huong and Hong, Yoonyoung and Yang, Hunmin and Oh, Se-Yoon and Kim, Howon},title={ACTIVE: Towards Highly Transferable 3D Physical Camouflage for Universal and Robust Vehicle Evasion},booktitle={Proceedings of the IEEE/CVF International Conference on Computer Vision (ICCV)},month=oct,year={2023},pages={4305-4314},}
2022
DTA: Physical Camouflage Attacks Using Differentiable Transformation Network
Naufal Suryanto, Yongsu Kim, Hyoeun Kang, and 6 more authors
In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Jun 2022
@inproceedings{Suryanto_2022_CVPR,author={Suryanto, Naufal and Kim, Yongsu and Kang, Hyoeun and Larasati, Harashta Tatimma and Yun, Youngyeo and Le, Thi-Thu-Huong and Yang, Hunmin and Oh, Se-Yoon and Kim, Howon},title={DTA: Physical Camouflage Attacks Using Differentiable Transformation Network},booktitle={Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)},month=jun,year={2022},pages={15305-15314},}
2020
A Distributed Black-Box Adversarial Attack Based on Multi-Group Particle Swarm Optimization
Naufal Suryanto, Hyoeun Kang, Yongsu Kim, and 3 more authors
@article{Suryanto_2020_distributed_blackbox,author={Suryanto, Naufal and Kang, Hyoeun and Kim, Yongsu and Yun, Youngyeo and Larasati, Harashta Tatimma and Kim, Howon},title={A Distributed Black-Box Adversarial Attack Based on Multi-Group Particle Swarm Optimization},journal={Sensors},volume={20},month=dec,year={2020},number={24},article-number={7158},url={https://www.mdpi.com/1424-8220/20/24/7158},pubmedid={33327453},issn={1424-8220},doi={10.3390/s20247158},}
