3D-Adv: Black-Box Physical Adversarial Attacks against Deep Learning Models through 3D Sensors
TimeWednesday, December 8th2:00pm - 2:30pm PST
Event Type
Research Manuscript
Virtual Programs
Presented In-Person
Hardware Security: Attack and Defense
DescriptionThe combination of deep learning techniques and commercial 3D sensors reveals a bright future as it provides a cheap and convenient method to collect and analyze depth information.
We propose a novel adversarial attack against this combination by showing that deep learning models with popular 3D sensors may misclassify real objects in the physical environment. Comparing to the existing attack algorithms against deep learning models developed for 3D data analysis that only consider digital point cloud data and single deep learning model, our attacks target popular commercial 3D sensors combined with various deep learning schemes in the black-box setting.