Generating Semantic Adversarial Examples with Differentiable Rendering

Lakshya Jain; Steven Chen; Wilson Wu; Uyeong Jang; Varun Chandrasekaran; Sanjit Seshia; Somesh Jha

Generating Semantic Adversarial Examples with Differentiable Rendering

Lakshya Jain, Steven Chen, Wilson Wu, Uyeong Jang, Varun Chandrasekaran, Sanjit Seshia, Somesh Jha

25 Sept 2019 (modified: 22 Oct 2023)ICLR 2020 Conference Blind SubmissionReaders: Everyone

Keywords: semantic adversarial examples, inverse graphics, differentiable rendering

TL;DR: Generating Semantic Adversarial Examples with Differentiable Rendering

Abstract: Machine learning (ML) algorithms, especially deep neural networks, have demonstrated success in several domains. However, several types of attacks have raised concerns about deploying ML in safety-critical domains, such as autonomous driving and security. An attacker perturbs a data point slightly in the pixel space and causes the ML algorithm to misclassify (e.g. a perturbed stop sign is classified as a yield sign). These perturbed data points are called adversarial examples, and there are numerous algorithms in the literature for constructing adversarial examples and defending against them. In this paper we explore semantic adversarial examples (SAEs) where an attacker creates perturbations in the semantic space. For example, an attacker can change the background of the image to be cloudier to cause misclassification. We present an algorithm for constructing SAEs that uses recent advances in differential rendering and inverse graphics.

Community Implementations: [![CatalyzeX](/images/catalyzex_icon.svg) 2 code implementations](https://www.catalyzex.com/paper/arxiv:1910.00727/code)

Original Pdf: pdf

7 Replies

Loading