StealthAttack: Robust 3D Gaussian Splatting Poisoning via Density-Guided Illusions
This addresses security risks in 3D scene representation methods for applications like novel view synthesis, though it is incremental as it builds on existing poisoning attack frameworks.
The paper tackles the vulnerability of 3D Gaussian Splatting to poisoning attacks by proposing a density-guided method that injects Gaussian points into low-density regions, embedding viewpoint-dependent illusory objects visible from poisoned views while minimally affecting innocent views, with experiments showing superior performance over state-of-the-art techniques.
3D scene representation methods like Neural Radiance Fields (NeRF) and 3D Gaussian Splatting (3DGS) have significantly advanced novel view synthesis. As these methods become prevalent, addressing their vulnerabilities becomes critical. We analyze 3DGS robustness against image-level poisoning attacks and propose a novel density-guided poisoning method. Our method strategically injects Gaussian points into low-density regions identified via Kernel Density Estimation (KDE), embedding viewpoint-dependent illusory objects clearly visible from poisoned views while minimally affecting innocent views. Additionally, we introduce an adaptive noise strategy to disrupt multi-view consistency, further enhancing attack effectiveness. We propose a KDE-based evaluation protocol to assess attack difficulty systematically, enabling objective benchmarking for future research. Extensive experiments demonstrate our method's superior performance compared to state-of-the-art techniques. Project page: https://hentci.github.io/stealthattack/