Abstract
Autonomous Vehicles (CAVs) are currently seen as a viable alternative to traditional vehicles. However, CAVs will face serious cyber threats because many components of the driving system are based on machine learning models and are vulnerable to adversary attacks. We have reviewed the scientific literature and highlighted the main types of disruptive attacks on autonomous driving models that pose potential threats to CAVs. In this paper, we have compiled a dataset with traffic sign images obtained from public sources. We made experiments in which we distorted the original images and used them to train deep neural network-based classification models. The experiments demonstrated a possible threat to traffic sign recognition by autonomous vehicles. This work can give researchers and engineers a better understanding of the current state and trends in CAV security for their future use.
Similar content being viewed by others
Change history
10 August 2023
A Correction to this paper has been published: https://doi.org/10.1007/s11416-023-00497-8
Notes
Roadmap for the development of "end-to-end" digital technology "Neurotechnology and Artificial Intelligence", URL: https://digital.gov.ru/ru/activity/directions/1046/.
Concepts of road safety with unmanned vehicles on public roads, URL: http://www.consultant.ru/document/cons_doc_LAW_348679/.
Cleaned Russian traffic sign images dataset, URL: https://huggingface.co/datasets/eleldar/rtsd_cleaned.
Russian traffic sign images dataset, URL: https://www.kaggle.com/datasets/watchman/rtsd-dataset.
Traffic sign recognition, URL: https://graphics.cs.msu.ru/projects/traffic-sign-recognition.html.
References
Kim, K., Kim, J.S., Jeong, S., Park, J.H., Kim, H.K.: Cybersecurity for autonomous vehicles: review of attacks and defense. Comput. Secur. 103, 102150 (2021). https://doi.org/10.1016/j.cose.2020.102150
Gao, Y., Kim, Y., Doan, B.G., Zhang, Z., Zhang, G., Nepal, S., Ranasinghe, D., Kim, H.: Design and evaluation of a multi-domain trojandetection method on deep neural networks. IEEE Trans. Depend. Secure Comput. (2021). https://doi.org/10.1109/TDSC.2021.3055844
Zhang, X., Gupta, R., Mian, A., Rahnavard, N., Shah, M.: Cassandra: Detecting trojaned networks from adversarial perturbations. IEEE Access (2021). https://doi.org/10.1109/ACCESS.2021.3101289
Manivasakan, H., Kalra, R., O’Hern, S., Fang, Y., Xi, Y., Zheng, N.: Infrastructure requirement for autonomous vehicle integration for future urban and suburban roads - current practice and a case study of melbourne, australia. Transp. Res. Part A: Policy Pract. 152, 36–53 (2021). https://doi.org/10.1016/j.tra.2021.07.012
Lee, D., Hess, D.J.: Regulations for on-road testing of connected and automated vehicles: assessing the potential for global safety harmonization. Transp. Res. Part A Policy Pract. 136, 85–98 (2020). https://doi.org/10.1016/j.tra.2020.03.026
Feng, D., Haase-Schutz, C., Rosenbaum, L., Hertlein, H., Glaser, C., Timm, F., Wiesbeck, W., Dietmayer, K.: Deep multi-modal object detection and semantic segmentation for autonomous driving: Datasets, methods, and challenges. IEEE Trans. Intell. Transp. Syst. (2021). https://doi.org/10.1109/TITS.2020.2972974
Chowdhury, A., Karmakar, G., Kamruzzaman, J., Jolfaei, A., Das, R.: Attacks on self-driving cars and their countermeasures: a survey. IEEE Access 8, 207308–207342 (2020). https://doi.org/10.1109/ACCESS.2020.3037705
Pham, M., Xiong, K.: A survey on security attacks and defense techniques for connected and autonomous vehicles. Comput. Secur. 109, 102269 (2021). https://doi.org/10.1016/j.cose.2021.102269
Wang, Y., Sarkar, E., Li, W., Maniatakos, M., Jabari, S.E.: Stop-and-go: Exploring backdoor attacks on deep reinforcement learning-based traffic congestion control systems. IEEE Trans. Inf. Forens. Secur. (2021). https://doi.org/10.1109/TIFS.2021.3114024
Abdel-Basset, M., Gamal, A., Moustafa, N., Abdel-Monem, A., El-Saber, N.: A security-by-design decision-making model for risk management in autonomous vehicles. IEEE Access (2021). https://doi.org/10.1109/ACCESS.2021.3098675
Deng, Y., Zhang, T., Lou, G., Zheng, X., Jin, J., Han, Q.L.: Deep learning-based autonomous driving systems: A survey of attacks and defenses. IEEE Trans. Ind. Inform. (2021). https://doi.org/10.1109/TII.2021.3071405
Pitropakis, N., Panaousis, E., Giannetsos, T., Anastasiadis, E., Loukas, G.: A taxonomy and survey of attacks against machine learning. Comput. Sci. Rev. 34, 100199 (2019). https://doi.org/10.1016/j.cosrev.2019.100199
Sharma, O., Sahoo, N.C., Puhan, N.B.: Recent advances in motion and behavior planning techniques for software architecture of autonomous vehicles: a state-of-the-art survey. Eng. Appl. Artif. Intell. 104211, 101 (2021). https://doi.org/10.1016/j.engappai.2021.104211
Torre, G.D.L., Rad, P., Choo, K.K.R.: Driverless vehicle security: challenges and future research opportunities. Future Gener. Comput. Syst. 108, 1092–1111 (2020). https://doi.org/10.1016/j.future.2017.12.041
Cui, J., Liew, L.S., Sabaliauskaite, G., Zhou, F.: A review on safety failures, security attacks, and available countermeasures for autonomous vehicles. Ad Hoc Netw. 90, 101823 (2019). https://doi.org/10.1016/j.adhoc.2018.12.006
Liu, Y., Ma, X., Bailey, J., Lu, F.: Reflection backdoor: A natural backdoor attack on deep neural networks, vol. 12355 LNCS (2020). https://doi.org/10.1007/978-3-030-58607-2_11
Chen, X., Ma, Y.N., Lu, S.W., Yao, Y.: Boundary augment: a data augment method to defend poison attack. IET Image Process. (2021). https://doi.org/10.1049/ipr2.12325
Rehman, H., Ekelhart, A., Mayer, R.: Backdoor attacks in neural networks - a systematic evaluation on multiple traffic sign datasets, vol. 11713 LNCS (2019). https://doi.org/10.1007/978-3-030-29726-8_18
Zhang, Z., Huang, S., Liu, X., Zhang, B., Dong, D.: Adversarial attacks on yolact instance segmentation. Comput. Secur. 116, 102682 (2022). https://doi.org/10.1016/j.cose.2022.102682
Zhang, Q., Zhao, Y., Wang, Y., Baker, T., Zhang, J., Hu, J.: Towards cross-task universal perturbation against black-box object detectors in autonomous driving. Comput. Netw. 180, 107388 (2020). https://doi.org/10.1016/j.comnet.2020.107388
Li, Y., Xu, X., Xiao, J., Li, S., Shen, H.T.: Adaptive square attack: fooling autonomous cars with adversarial traffic signs. IEEE Internet Things J. (2021). https://doi.org/10.1109/JIOT.2020.3016145
Chen, S.T., Cornelius, C., Martin, J., Chau, D.H.P.: Shapeshifter: Robust physical adversarial attack on faster r-cnn object detector, vol. 11051 LNAI (2019). https://doi.org/10.1007/978-3-030-10925-7_4
Xu, X., Zhang, J., Li, Y., Wang, Y., Yang, Y., Shen, H.T.: Adversarial attack against urban scene segmentation for autonomous vehicles. IEEE Trans. Ind. Inform. (2021). https://doi.org/10.1109/TII.2020.3024643
Andriushchenko, M., Croce, F., Flammarion, N., Hein, M.: Square attack: A query-efficient black-box adversarial attack via random search, vol. 12368 LNCS, (2020). https://doi.org/10.1007/978-3-030-58592-1_29
Sheehan, B., Murphy, F., Mullins, M., Ryan, C.: Connected and autonomous vehicles: a cyber-risk classification framework. Transp. Res. Part A: Policy Pract. 124, 523–536 (2019). https://doi.org/10.1016/j.tra.2018.06.033
Cheng, K., Zhou, Y., Chen, B., Wang, R., Bai, Y., Liu, Y.: Guardauto: a decentralized runtime protection system for autonomous driving. IEEE Trans. Comput. (2021). https://doi.org/10.1109/TC.2020.3018329
Zhang, J., Lou, Y., Wang, J., Wu, K., Lu, K., Jia, X.: Evaluating adversarial attacks on driving safety in vision-based autonomous vehicles. IEEE Internet Things J. 9(5), 3443–3456 (2022). https://doi.org/10.1109/JIOT.2021.3099164
He, Y., Huang, K., Zhang, G., Yu, F.R., Chen, J., Li, J.: Bift: A blockchain-based federated learning system for connected and autonomous vehicles. IEEE Internet Things J. (2021). https://doi.org/10.1109/JIOT.2021.3135342
Wang, X., Cai, M., Sohel, F., Sang, N., Chang, Z.: Adversarial point cloud perturbations against 3d object detection in autonomous driving systems. Neurocomputing (2021). https://doi.org/10.1016/j.neucom.2021.09.027
Chen, C., Huang, T.: Camdar-adv: generating adversarial patches on 3d object. Int. J. Intell. Syst. (2021). https://doi.org/10.1002/int.22349
Boloor, A., Garimella, K., He, X., Gill, C., Vorobeychik, Y., Zhang, X.: Attacking vision-based perception in end-to-end autonomous driving models. J. Syst. Architect. 110, 101766 (2020). https://doi.org/10.1016/j.sysarc.2020.101766
Chy, M.K.A., Masum, A.K.M., Sayeed, K.A.M., Uddin, M.Z.: Delicar: A smart deep learning based self driving product delivery car in perspective of bangladesh. Sensors (2022). https://doi.org/10.3390/s22010126
Kang, Y., Yin, H., Berger, C.: Test your self-driving algorithm: an overview of publicly available driving datasets and virtual testing environments. IEEE Trans. Intell. Veh. (2019). https://doi.org/10.1109/TIV.2018.2886678
Huang, X., Wang, P., Cheng, X., Zhou, D., Geng, Q., Yang, R.: The apolloscape open dataset for autonomous driving and its application. IEEE Transactions on Pattern Analysis and Machine Intelligence, 42(2), (2020), https://doi.org/10.1109/TPAMI.2019.2926463
Singh, G., Akrigg, S., Maio, M.D., Fontana, V., Alitappeh, R.J., Khan, S., Saha, S., Jeddisaravi, K., Yousefi, F., Culley, J., Nicholson, T., Omokeowa, J., Grazioso, S., Bradley, A., Gironimo, G.D., Cuzzolin, F.: Road: The road event awareness dataset for autonomous driving. IEEE Trans. Pattern Anal. Mach. Intell. (2022). https://doi.org/10.1109/TPAMI.2022.3150906
Yerznkyan, B., Gataullin, T., Gataullin, S.: Mathematical aspects of synergy. search.proquest.com. https://doi.org/10.14254/1800-5845/2022.18-3.16
Gataullin, T.M., Gataullin, S.T.: Endpoint functions: mathematical apparatus and economic applications. Math. Notes 112, 656–663 (2022). https://doi.org/10.1134/S0001434622110037
Barotov, D., Osipov, A., Korchagin, S., Pleshakova, E., Muzafarov, D., Barotov, R., Serdechnyy, D.: Transformation method for solving system of Boolean algebraic equations. Mathematics (2021). https://doi.org/10.3390/math9243299
Kositzyn, A., Serdechnyy, D., Korchagin, S., Pleshakova, E., Nikitin, P., Kurileva, N.: Mathematical modeling, analysis and evaluation of the complexity of flight paths of groups of unmanned aerial vehicles in aviation and transport systems. Mathematics (2021). https://doi.org/10.3390/math9172171
Andriyanov, N., Khasanshin, I., Utkin, D., Gataullin, T., Ignar, S., Shumaev, V., Soloviev, V.: Intelligent system for estimation of the spatial position of apples based on yolov3 and real sense depth camera d415. Symmetry (2022). https://doi.org/10.3390/sym14010148
Maaz, M., Shaker, A., Cholakkal, H., Khan, S., Zamir, S.W., Anwer, R.M., Khan, F.S.: Edgenext: Efficiently amalgamated cnn-transformer architecture for mobile vision applications (2022)
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
The original online version of this article was revised: In this article Reference 36 and 37 was wrongly given. it has been corrected.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Boltachev, E. Potential cyber threats of adversarial attacks on autonomous driving models. J Comput Virol Hack Tech (2023). https://doi.org/10.1007/s11416-023-00486-x
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11416-023-00486-x