SAAM: Stealthy Adversarial Attack on Monocular Depth Estimation

TL;DR

This paper introduces SAAM, a stealthy adversarial patch that significantly disrupts monocular depth estimation models while remaining inconspicuous, highlighting vulnerabilities and the need for robust defenses.

Contribution

The paper presents a novel stealthy adversarial attack method on monocular depth estimation that effectively causes large depth errors without being visually detectable.

Findings

Achieves 60% depth error with 99% affected region

Patch remains naturalistic and inconspicuous

Demonstrates vulnerability of MDE to stealthy adversarial patches

Abstract

In this paper, we investigate the vulnerability of MDE to adversarial patches. We propose a novel \underline{S}tealthy \underline{A}dversarial \underline{A}ttacks on \underline{M}DE (SAAM) that compromises MDE by either corrupting the estimated distance or causing an object to seamlessly blend into its surroundings. Our experiments, demonstrate that the designed stealthy patch successfully causes a DNN-based MDE to misestimate the depth of objects. In fact, our proposed adversarial patch achieves a significant 60\% depth error with 99\% ratio of the affected region. Importantly, despite its adversarial nature, the patch maintains a naturalistic appearance, making it inconspicuous to human observers. We believe that this work sheds light on the threat of adversarial attacks in the context of MDE on edge devices. We hope it raises awareness within the community about the potential real-life harm of such attacks and encourages further research into developing more robust and adaptive defense mechanisms.