# Robustness of 3D Deep Learning in an Adversarial Setting

**Authors:** Matthew Wicker, Marta Kwiatkowska

arXiv: 1904.00923 · 2019-04-02

## TL;DR

This paper investigates the robustness of 3D deep learning models against adversarial occlusion attacks, revealing significant vulnerabilities that challenge their deployment in safety-critical applications.

## Contribution

It introduces a novel algorithm for analyzing pointwise robustness of 3D neural networks and demonstrates their overestimated resilience and vulnerability to occlusion attacks.

## Key findings

- Current models are less robust than previously thought.
- Networks can be completely fooled with minimal occlusion.
- Vulnerability to occlusion attacks is significant at just 6.5% input occlusion.

## Abstract

Understanding the spatial arrangement and nature of real-world objects is of paramount importance to many complex engineering tasks, including autonomous navigation. Deep learning has revolutionized state-of-the-art performance for tasks in 3D environments; however, relatively little is known about the robustness of these approaches in an adversarial setting. The lack of comprehensive analysis makes it difficult to justify deployment of 3D deep learning models in real-world, safety-critical applications. In this work, we develop an algorithm for analysis of pointwise robustness of neural networks that operate on 3D data. We show that current approaches presented for understanding the resilience of state-of-the-art models vastly overestimate their robustness. We then use our algorithm to evaluate an array of state-of-the-art models in order to demonstrate their vulnerability to occlusion attacks. We show that, in the worst case, these networks can be reduced to 0% classification accuracy after the occlusion of at most 6.5% of the occupied input space.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1904.00923/full.md

## Figures

8 figures with captions in the complete paper: https://tomesphere.com/paper/1904.00923/full.md

## References

31 references — full list in the complete paper: https://tomesphere.com/paper/1904.00923/full.md

---
Source: https://tomesphere.com/paper/1904.00923