SSD: A State-based Stealthy Backdoor Attack For Navigation System in UAV Route Planning

• URL: http://arxiv.org/abs/2502.20178v2
• Date: Wed, 12 Mar 2025 10:19:58 GMT
• Title: SSD: A State-based Stealthy Backdoor Attack For Navigation System in UAV Route Planning
• Authors: Zhaoxuan Wang, Yang Li, Jie Zhang, Xingshuo Han, Kangbo Liu, Lyu Yang, yuan Zhou, Tianwei Zhang, Quan Pan,
• Abstract summary: Unmanned aerial vehicles (UAVs) are increasingly employed to perform high-risk tasks.<n>UAVs face escalating cybersecurity threats, particularly from spoofing attacks.
• Score: 22.04239473697645
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Unmanned aerial vehicles (UAVs) are increasingly employed to perform high-risk tasks that require minimal human intervention. However, UAVs face escalating cybersecurity threats, particularly from GNSS spoofing attacks. While previous studies have extensively investigated the impacts of GNSS spoofing on UAVs, few have focused on its effects on specific tasks. Moreover, the influence of UAV motion states on the assessment of network security risks is often overlooked. To address these gaps, we first provide a detailed evaluation of how motion states affect the effectiveness of network attacks. We demonstrate that nonlinear motion states not only enhance the effectiveness of position spoofing in GNSS spoofing attacks but also reduce the probability of speed-related attack detection. Building upon this, we propose a state-triggered backdoor attack method (SSD) to deceive GNSS systems and assess its risk to trajectory planning tasks. Extensive validation of SSD's effectiveness and stealthiness is conducted. Experimental results show that, with appropriately tuned hyperparameters, SSD significantly increases positioning errors and the risk of task failure, while maintaining 100% stealth across three state-of-the-art detectors.

Related papers

• MELON: Indirect Prompt Injection Defense via Masked Re-execution and Tool Comparison [60.30753230776882]
  LLM agents are vulnerable to indirect prompt injection (IPI) attacks.<n>We present MELON, a novel IPI defense.<n>We show that MELON outperforms SOTA defenses in both attack prevention and utility preservation.
  arXiv  Detail & Related papers  (2025-02-07T18:57:49Z)
• GNSS/GPS Spoofing and Jamming Identification Using Machine Learning and Deep Learning [0.8594140167290099]
  Global Navigation Satellite Systems (GNSS) are vulnerable to malicious threats such as spoofing and jamming.<n>Recent advancements in machine learning and deep learning provide promising avenues for enhancing detection and mitigation strategies.<n>This paper addresses both spoofing and jamming by tackling real-world challenges through machine learning, deep learning, and computer vision techniques.
  arXiv  Detail & Related papers  (2025-01-04T18:14:43Z)
• Stealthy and Robust Backdoor Attack against 3D Point Clouds through Additional Point Features [7.066252856912398]
  3D backdoor attacks have posed a substantial threat to 3D Deep Neural Networks (3D DNNs) designed for 3D point clouds. This paper introduces the Stealthy and Robust Backdoor Attack (SRBA), which ensures robustness and stealthiness through intentional design considerations.
  arXiv  Detail & Related papers  (2024-12-10T13:48:11Z)
• Rethinking Targeted Adversarial Attacks For Neural Machine Translation [56.10484905098989]
  This paper presents a new setting for NMT targeted adversarial attacks that could lead to reliable attacking results. Under the new setting, it then proposes a Targeted Word Gradient adversarial Attack (TWGA) method to craft adversarial examples. Experimental results demonstrate that our proposed setting could provide faithful attacking results for targeted adversarial attacks on NMT systems.
  arXiv  Detail & Related papers  (2024-07-07T10:16:06Z)
• Defense against Joint Poison and Evasion Attacks: A Case Study of DERMS [2.632261166782093]
  We propose the first framework of IDS that is robust against joint poisoning and evasion attacks. We verify the robustness of our method on the IEEE-13 bus feeder model against a diverse set of poisoning and evasion attack scenarios.
  arXiv  Detail & Related papers  (2024-05-05T16:24:30Z)
• Unveiling the Stealthy Threat: Analyzing Slow Drift GPS Spoofing Attacks for Autonomous Vehicles in Urban Environments and Enabling the Resilience [4.898754501085215]
  This study explores a stealthy slow drift GPS spoofing attack, replicating the victim AV's satellite reception pattern. The attack is designed to gradually deviate from the correct route, making real-time detection challenging. Changing the pseudo ranges confuses the AV, leading it to incorrect destinations while remaining oblivious to the manipulation.
  arXiv  Detail & Related papers  (2024-01-02T17:36:07Z)
• Adversarial Backdoor Attack by Naturalistic Data Poisoning on Trajectory Prediction in Autonomous Driving [18.72382517467458]
  We propose a novel adversarial backdoor attack against trajectory prediction models. Our attack affects the victim at training time via naturalistic, hence stealthy, poisoned samples crafted using a novel two-step approach. We show that the proposed attack is highly effective, as it can significantly hinder the performance of prediction models.
  arXiv  Detail & Related papers  (2023-06-27T19:15:06Z)
• Adversarial defense for automatic speaker verification by cascaded self-supervised learning models [101.42920161993455]
  More and more malicious attackers attempt to launch adversarial attacks at automatic speaker verification (ASV) systems. We propose a standard and attack-agnostic method based on cascaded self-supervised learning models to purify the adversarial perturbations. Experimental results demonstrate that the proposed method achieves effective defense performance and can successfully counter adversarial attacks.
  arXiv  Detail & Related papers  (2021-02-14T01:56:43Z)
• Measurement-driven Security Analysis of Imperceptible Impersonation Attacks [54.727945432381716]
  We study the exploitability of Deep Neural Network-based Face Recognition systems. We show that factors such as skin color, gender, and age, impact the ability to carry out an attack on a specific target victim. We also study the feasibility of constructing universal attacks that are robust to different poses or views of the attacker's face.
  arXiv  Detail & Related papers  (2020-08-26T19:27:27Z)
• Investigating Robustness of Adversarial Samples Detection for Automatic Speaker Verification [78.51092318750102]
  This work proposes to defend ASV systems against adversarial attacks with a separate detection network. A VGG-like binary classification detector is introduced and demonstrated to be effective on detecting adversarial samples.
  arXiv  Detail & Related papers  (2020-06-11T04:31:56Z)
• Securing of Unmanned Aerial Systems (UAS) against security threats using human immune system [1.2691047660244335]
  An Intrusion Detection System (IDS) has been proposed to protect against the security problems using the human immune system (HIS) The IDSs are used to detect and respond to attempts to compromise the target system.
  arXiv  Detail & Related papers  (2020-03-01T19:05:16Z)
• Adversarial vs behavioural-based defensive AI with joint, continual and active learning: automated evaluation of robustness to deception, poisoning and concept drift [62.997667081978825]
  Recent advancements in Artificial Intelligence (AI) have brought new capabilities to behavioural analysis (UEBA) for cyber-security. In this paper, we present a solution to effectively mitigate this attack by improving the detection process and efficiently leveraging human expertise.
  arXiv  Detail & Related papers  (2020-01-13T13:54:36Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.