Loading web-font TeX/Math/Italic
Self-Supervised Adversarial Training of Monocular Depth Estimation Against Physical-World Attacks | IEEE Journals & Magazine | IEEE Xplore
Access provided by:
MIT Libraries
Sign Out
Access provided by:
MIT Libraries
Sign Out
ADVANCED SEARCH
Journals & Magazines >IEEE Transactions on Pattern ... >Volume: 46 Issue: 12

Self-Supervised Adversarial Training of Monocular Depth Estimation Against Physical-World Attacks

PDF
Zhiyuan Cheng; Cheng Han; James Liang; Qifan Wang; Xiangyu Zhang; Dongfang Liu
All Authors

Abstract:

Monocular Depth Estimation (MDE) plays a vital role in applications such as autonomous driving. However, various attacks target MDE models, with physical attacks posing s...Show More

Metadata

Abstract:

Monocular Depth Estimation (MDE) plays a vital role in applications such as autonomous driving. However, various attacks target MDE models, with physical attacks posing significant threats to system security. Traditional adversarial training methods, which require ground-truth labels, are not directly applicable to MDE models that lack ground-truth depth. Some self-supervised model hardening techniques (e.g., contrastive learning) overlook the domain knowledge of MDE, resulting in suboptimal performance. In this work, we introduce a novel self-supervised adversarial training approach for MDE models, leveraging view synthesis without the need for ground-truth depth. We enhance adversarial robustness against real-world attacks by incorporating L_{0}-norm-bounded perturbation during training. We evaluate our method against supervised learning-based and contrastive learning-based approaches specifically designed for MDE. Our experiments with two representative MDE networks demonstrate improved robustness against various adversarial attacks, with minimal impact on benign performance.
Published in: IEEE Transactions on Pattern Analysis and Machine Intelligence ( Volume: 46, Issue: 12, December 2024)
Page(s): 9084 - 9101
Date of Publication: 17 June 2024

ISSN Information:

PubMed ID: 38885107
DOI: 10.1109/TPAMI.2024.3412632

Funding Agency:

Contents

I. Introduction

Monocular Depth Estimation (MDE) is a deep neural network (DNN)-based task that estimates depth from a single image, allowing for 2D-to-3D projection by predicting the distance for each pixel in a 2D image [2]. This makes it a cost-effective alternative to pricey Lidar sensors. Applications of MDE are vast, including autonomous driving [3], visual SLAM [4], and visual relocalization [5], etc. Specifically, self-supervised MDE has become increasingly popular in the industry (e.g., Tesla Autopilot [3]) due to its ability to achieve comparable accuracy without requiring ground-truth depth data from Lidar during training. However, due to the known vulnerabilities in DNNs [6], [7], several digital-world [8], [9] and physical-world adversarial attacks [10] has been developed against MDE. These attacks primarily use optimization-based methods to create adversarial input that deceive the MDE models. Given the significance and widespread use of MDE models, these adversarial attacks pose a substantial risk to the security of applications such as autonomous driving. As a result, there is an urgent need to develop and strengthen MDE models against these threats.

Contact IEEE to Subscribe
More Like This
Globally-Optimal Inlier Set Maximisation for Camera Pose and Correspondence Estimation

IEEE Transactions on Pattern Analysis and Machine Intelligence

Published: 2020

Learning Camera Viewpoint Using CNN to Improve 3D Body Pose Estimation

2016 Fourth International Conference on 3D Vision (3DV)

Published: 2016

Show More

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.