Vigilante Defender: A Vaccination-based Defense Against Backdoor Attacks on 3D Point Clouds Using Particle Swarm Optimization
Primary Investigator:
Feng Li
Agnideven Palanisamy Sundar, Dr. Feng Li, Dr. Xukai Zou, Dr. Tianchong Gao, Dr. Yucheng Xie, Ryan Hosler.
Abstract
Backdoor attacks, where hidden triggers in training data cause incorrect model predictions, pose significant threats to point cloud (PC) applications. These
stealthy attacks, involving subtle point cloud manipulations, compromise models especially in distributed learning environments where data is pooled for
central training. To counteract this, we introduce a novel 'vaccination' strategy that allows data contributors with only black-box model access to
independently defend against such attacks. By embedding benign 'vaccination' triggers discovered through Particle Swarm Optimization, our method
effectively neutralizes potential backdoors, preserving both the model's integrity and task performance. Tested on standard datasets with common PC
models like PointNet and DGCNN, our experiments show a marked decrease in attack success rates with negligible impact on accuracy.