Enhancing Robustness of Indoor Robotic Navigation with Free-Space Segmentation Models Against Adversarial Attacks
Qiyuan An, Christos Sevastopoulos, Fillia Makedon
TL;DR
This work addresses the vulnerability of indoor free-space segmentation to adversarial perturbations by augmenting traditional adversarial training with an adversarial hidden loss that aligns intermediate representations between clean and perturbed inputs. Implemented on SegFormer, the approach trains on positive free-space data and leverages PGD adversaries, achieving higher mIoU under attack than baselines and standard AT. The findings demonstrate practical robustness gains for indoor robotic navigation, with limitations in scenarios where objects resemble free space and where overly aggressive regularization can degrade performance. The study offers a path toward more reliable perception in real-world indoor robots and suggests future integration with object detection and other defense strategies.
Abstract
Endeavors in indoor robotic navigation rely on the accuracy of segmentation models to identify free space in RGB images. However, deep learning models are vulnerable to adversarial attacks, posing a significant challenge to their real-world deployment. In this study, we identify vulnerabilities within the hidden layers of neural networks and introduce a practical approach to reinforce traditional adversarial training. Our method incorporates a novel distance loss function, minimizing the gap between hidden layers in clean and adversarial images. Experiments demonstrate satisfactory performance in improving the model's robustness against adversarial perturbations.