SoK: Security of the Image Processing Pipeline in Autonomous Vehicles
- URL: http://arxiv.org/abs/2409.01234v1
- Date: Mon, 2 Sep 2024 13:10:53 GMT
- Title: SoK: Security of the Image Processing Pipeline in Autonomous Vehicles
- Authors: Michael Kühr, Mohammad Hamad, Pedram MohajerAnsari, Mert D. Pesé, Sebastian Steinhorst,
- Abstract summary: We combine security and robustness research for the image processing pipeline in autonomous vehicles.
We classify the risk of attacks using the automotive security standard ISO 21434.
We present an embedded testbed that can influence various parameters across all layers.
- Score: 1.648591296466459
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Cameras are crucial sensors for autonomous vehicles. They capture images that are essential for many safety-critical tasks, including perception. To process these images, a complex pipeline with multiple layers is used. Security attacks on this pipeline can severely affect passenger safety and system performance. However, many attacks overlook different layers of the pipeline, and their feasibility and impact vary. While there has been research to improve the quality and robustness of the image processing pipeline, these efforts often work in parallel with security research, without much awareness of their potential synergy. In this work, we aim to bridge this gap by combining security and robustness research for the image processing pipeline in autonomous vehicles. We classify the risk of attacks using the automotive security standard ISO 21434, emphasizing the need to consider all layers for overall system security. We also demonstrate how existing robustness research can help mitigate the impact of attacks, addressing the current research gap. Finally, we present an embedded testbed that can influence various parameters across all layers, allowing researchers to analyze the effects of different defense strategies and attack impacts. We demonstrate the importance of such a test environment through a use-case analysis and show how blinding attacks can be mitigated using HDR imaging as an example of robustness-related research.
Related papers
- Achieving the Safety and Security of the End-to-End AV Pipeline [9.714684348295707]
This paper provides a thorough description of the current state of autonomous vehicle (AV) safety and security research.
We provide sections for the primary research questions that concern this research area, including AV surveillance, sensor system reliability, security of the AV stack, algorithmic robustness, and safe environment interaction.
At the conclusion of each section, we propose future research questions that still lack conclusive answers.
arXiv Detail & Related papers (2024-09-05T20:14:22Z) - Modeling Electromagnetic Signal Injection Attacks on Camera-based Smart Systems: Applications and Mitigation [18.909937495767313]
electromagnetic waves pose a threat to safety- or security-critical systems.
Such attacks enable attackers to manipulate the images remotely, leading to incorrect AI decisions.
We present a pilot study on adversarial training to improve their robustness against attacks.
arXiv Detail & Related papers (2024-08-09T15:33:28Z) - Work-in-Progress: Crash Course: Can (Under Attack) Autonomous Driving Beat Human Drivers? [60.51287814584477]
This paper evaluates the inherent risks in autonomous driving by examining the current landscape of AVs.
We develop specific claims highlighting the delicate balance between the advantages of AVs and potential security challenges in real-world scenarios.
arXiv Detail & Related papers (2024-05-14T09:42:21Z) - The Last Decade in Review: Tracing the Evolution of Safety Assurance
Cases through a Comprehensive Bibliometric Analysis [7.431812376079826]
Safety assurance is of paramount importance across various domains, including automotive, aerospace, and nuclear energy.
The use of safety assurance cases allows for verifying the correctness of the created systems capabilities, preventing system failure.
arXiv Detail & Related papers (2023-11-13T17:34:23Z) - Securing Visually-Aware Recommender Systems: An Adversarial Image
Reconstruction and Detection Framework [41.680028677031316]
Visually-aware recommendation systems ( VARS) are vulnerable to item-image adversarial attacks.
In this paper, we propose an adversarial image reconstruction and detection framework to secure VARS.
Our proposed method can simultaneously (1) secure VARS from adversarial attacks characterized by local perturbations by image reconstruction based on global vision transformers; and (2) accurately detect adversarial examples using a novel contrastive learning approach.
arXiv Detail & Related papers (2023-06-11T19:59:35Z) - Self-supervised Interest Point Detection and Description for Fisheye and
Perspective Images [7.451395029642832]
Keypoint detection and matching is a fundamental task in many computer vision problems.
In this work, we focus on the case when this is caused by the geometry of the cameras used for image acquisition.
We build on a state-of-the-art approach and derive a self-supervised procedure that enables training an interest point detector and descriptor network.
arXiv Detail & Related papers (2023-06-02T22:39:33Z) - Camera-Radar Perception for Autonomous Vehicles and ADAS: Concepts,
Datasets and Metrics [77.34726150561087]
This work aims to carry out a study on the current scenario of camera and radar-based perception for ADAS and autonomous vehicles.
Concepts and characteristics related to both sensors, as well as to their fusion, are presented.
We give an overview of the Deep Learning-based detection and segmentation tasks, and the main datasets, metrics, challenges, and open questions in vehicle perception.
arXiv Detail & Related papers (2023-03-08T00:48:32Z) - Physical Adversarial Attack meets Computer Vision: A Decade Survey [57.46379460600939]
This paper presents a comprehensive overview of physical adversarial attacks.
We take the first step to systematically evaluate the performance of physical adversarial attacks.
Our proposed evaluation metric, hiPAA, comprises six perspectives.
arXiv Detail & Related papers (2022-09-30T01:59:53Z) - Adversarially-Aware Robust Object Detector [85.10894272034135]
We propose a Robust Detector (RobustDet) based on adversarially-aware convolution to disentangle gradients for model learning on clean and adversarial images.
Our model effectively disentangles gradients and significantly enhances the detection robustness with maintaining the detection ability on clean images.
arXiv Detail & Related papers (2022-07-13T13:59:59Z) - Deep Image Destruction: A Comprehensive Study on Vulnerability of Deep
Image-to-Image Models against Adversarial Attacks [104.8737334237993]
We present comprehensive investigations into the vulnerability of deep image-to-image models to adversarial attacks.
For five popular image-to-image tasks, 16 deep models are analyzed from various standpoints.
We show that unlike in image classification tasks, the performance degradation on image-to-image tasks can largely differ depending on various factors.
arXiv Detail & Related papers (2021-04-30T14:20:33Z) - Exploring Adversarial Robustness of Multi-Sensor Perception Systems in
Self Driving [87.3492357041748]
In this paper, we showcase practical susceptibilities of multi-sensor detection by placing an adversarial object on top of a host vehicle.
Our experiments demonstrate that successful attacks are primarily caused by easily corrupted image features.
Towards more robust multi-modal perception systems, we show that adversarial training with feature denoising can boost robustness to such attacks significantly.
arXiv Detail & Related papers (2021-01-17T21:15:34Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.