Related papers: VIMU: Effective Physics-based Realtime Detection and Recovery against Stealthy Attacks on UAVs

VIMU: Effective Physics-based Realtime Detection and Recovery against Stealthy Attacks on UAVs

URL: http://arxiv.org/abs/2504.20569v1
Date: Tue, 29 Apr 2025 09:20:41 GMT
Title: VIMU: Effective Physics-based Realtime Detection and Recovery against Stealthy Attacks on UAVs
Authors: Yunbo Wang, Cong Sun, Qiaosen Liu, Bingnan Su, Zongxu Zhang, Michael Norris, Gang Tan, Jianfeng Ma,
Abstract summary: We present VIMU, an efficient sensor attack detection and resilience system for unmanned aerial vehicles.<n>We propose a detection algorithm, CS-EMA, that leverages low-pass filtering to identify stealthy gyroscope attacks.<n>We also augment the state estimation with a FIFO buffer safeguard to mitigate the impact of high-rate IMU attacks.
Score: 22.51314286850798
License: http://creativecommons.org/licenses/by-nc-sa/4.0/
Abstract: Sensor attacks on robotic vehicles have become pervasive and manipulative. Their latest advancements exploit sensor and detector characteristics to bypass detection. Recent security efforts have leveraged the physics-based model to detect or mitigate sensor attacks. However, these approaches are only resilient to a few sensor attacks and still need improvement in detection effectiveness. We present VIMU, an efficient sensor attack detection and resilience system for unmanned aerial vehicles. We propose a detection algorithm, CS-EMA, that leverages low-pass filtering to identify stealthy gyroscope attacks while achieving an overall effective sensor attack detection. We develop a fine-grained nonlinear physical model with precise aerodynamic and propulsion wrench modeling. We also augment the state estimation with a FIFO buffer safeguard to mitigate the impact of high-rate IMU attacks. The proposed physical model and buffer safeguard provide an effective system state recovery toward maintaining flight stability. We implement VIMU on PX4 autopilot. The evaluation results demonstrate the effectiveness of VIMU in detecting and mitigating various realistic sensor attacks, especially stealthy attacks.

Related papers

Mitigation of Camouflaged Adversarial Attacks in Autonomous Vehicles--A Case Study Using CARLA Simulator [3.1006820631993515]
We develop camera-camouflaged adversarial attacks targeting traffic sign recognition in AVs.<n>The results show that such an attack can delay the auto-braking response to the stop sign, resulting in potential safety issues.<n>The proposed attack and defense methods are applicable to other end-to-end trained autonomous cyber-physical systems.
arXiv Detail & Related papers (2025-02-03T17:30:43Z)
Sensor Deprivation Attacks for Stealthy UAV Manipulation [51.9034385791934]
Unmanned Aerial Vehicles autonomously perform tasks with the use of state-of-the-art control algorithms. In this work, we propose a multi-part. Sensor Deprivation Attacks (SDAs), aiming to stealthily impact. process control via sensor reconfiguration.
arXiv Detail & Related papers (2024-10-14T23:03:58Z)
Experimental Validation of Sensor Fusion-based GNSS Spoofing Attack Detection Framework for Autonomous Vehicles [5.624009710240032]
We present a sensor fusion-based spoofing attack detection framework for Autonomous Vehicles. Experiments are conducted in Tuscaloosa, AL, mimicking urban road structures. Results demonstrate the framework's ability to detect various sophisticated spoofing attacks, even including slow drifting attacks.
arXiv Detail & Related papers (2024-01-02T17:30:46Z)
TPatch: A Triggered Physical Adversarial Patch [19.768494127237393]
We propose TPatch, a physical adversarial patch triggered by acoustic signals. To avoid the suspicion of human drivers, we propose a content-based camouflage method and an attack enhancement method to strengthen it.
arXiv Detail & Related papers (2023-12-30T06:06:01Z)
Spatial-Temporal Anomaly Detection for Sensor Attacks in Autonomous Vehicles [1.7188280334580195]
Time-of-flight (ToF) distance measurement devices are vulnerable to spoofing, triggering and false data injection attacks. We propose a spatial-temporal anomaly detection model textitSTAnDS which incorporates a residual error spatial detector, with a time-based expected change detection.
arXiv Detail & Related papers (2022-12-15T12:21:27Z)
Benchmarking Adversarial Patch Against Aerial Detection [11.591143898488312]
A novel adaptive-patch-based physical attack (AP-PA) framework is proposed. AP-PA generates adversarial patches that are adaptive in both physical dynamics and varying scales. We establish one of the first comprehensive, coherent, and rigorous benchmarks to evaluate the attack efficacy of adversarial patches on aerial detection tasks.
arXiv Detail & Related papers (2022-10-30T07:55:59Z)
Illusory Attacks: Information-Theoretic Detectability Matters in Adversarial Attacks [76.35478518372692]
We introduce epsilon-illusory, a novel form of adversarial attack on sequential decision-makers. Compared to existing attacks, we empirically find epsilon-illusory to be significantly harder to detect with automated methods. Our findings suggest the need for better anomaly detectors, as well as effective hardware- and system-level defenses.
arXiv Detail & Related papers (2022-07-20T19:49:09Z)
Evaluating the Robustness of Semantic Segmentation for Autonomous Driving against Real-World Adversarial Patch Attacks [62.87459235819762]
In a real-world scenario like autonomous driving, more attention should be devoted to real-world adversarial examples (RWAEs) This paper presents an in-depth evaluation of the robustness of popular SS models by testing the effects of both digital and real-world adversarial patches.
arXiv Detail & Related papers (2021-08-13T11:49:09Z)
No Need to Know Physics: Resilience of Process-based Model-free Anomaly Detection for Industrial Control Systems [95.54151664013011]
We present a novel framework to generate adversarial spoofing signals that violate physical properties of the system. We analyze four anomaly detectors published at top security conferences.
arXiv Detail & Related papers (2020-12-07T11:02:44Z)
Investigating Robustness of Adversarial Samples Detection for Automatic Speaker Verification [78.51092318750102]
This work proposes to defend ASV systems against adversarial attacks with a separate detection network. A VGG-like binary classification detector is introduced and demonstrated to be effective on detecting adversarial samples.
arXiv Detail & Related papers (2020-06-11T04:31:56Z)
Adversarial vs behavioural-based defensive AI with joint, continual and active learning: automated evaluation of robustness to deception, poisoning and concept drift [62.997667081978825]
Recent advancements in Artificial Intelligence (AI) have brought new capabilities to behavioural analysis (UEBA) for cyber-security. In this paper, we present a solution to effectively mitigate this attack by improving the detection process and efficiently leveraging human expertise.
arXiv Detail & Related papers (2020-01-13T13:54:36Z)

This list is automatically generated from the titles and abstracts of the papers in this site.