Search Results for author:
Found 29 papers, 8 papers with code
Are VLMs Ready for Autonomous Driving? An Empirical Study from the Reliability, Data, and Metric Perspectives
Additionally, we highlight the potential of leveraging VLMs' awareness of corruptions to enhance their reliability, offering a roadmap for developing more trustworthy and interpretable decision-making systems in real-world autonomous driving contexts.
Revisiting Physical-World Adversarial Attack on Traffic Sign Recognition: A Commercial Systems Perspective
We design new attack success metrics that can mathematically model the impacts of such design on the TSR system-level attack success, and use them to revisit existing attacks.
SlowPerception: Physical-World Latency Attack against Visual Perception in Autonomous Driving
Additionally, we conduct AD system-level impact assessments, such as vehicle collisions, using industry-grade AD systems with production-grade AD simulators with a 97% average rate.
ControlLoc: Physical-World Hijacking Attack on Visual Perception in Autonomous Driving
Extensive evaluations demonstrate the superior performance of ControlLoc, achieving an impressive average attack success rate of around 98. 1% across various AD visual perceptions and datasets, which is four times greater effectiveness than the existing hijacking attack.
Can We Trust Embodied Agents? Exploring Backdoor Attacks against Embodied LLM-based Decision-Making Systems
Specifically, we propose three distinct attack mechanisms: word injection, scenario manipulation, and knowledge injection, targeting various components in the LLM-based decision-making pipeline.
Invisible Reflections: Leveraging Infrared Laser Reflections to Target Traffic Sign Perception
We evaluate the effectiveness of the ILR attack with real-world experiments against two major traffic sign recognition architectures on four IR-sensitive cameras.
SlowTrack: Increasing the Latency of Camera-based Perception in Autonomous Driving Using Adversarial Examples
Our evaluation results show that the system-level effects can be significantly improved, i. e., the vehicle crash rate of SlowTrack is around 95% on average while existing works only have around 30%.
On Data Fabrication in Collaborative Vehicular Perception: Attacks and Countermeasures
To understand the impact of the vulnerability, we break the ground by proposing various real-time data fabrication attacks in which the attacker delivers crafted malicious data to victims in order to perturb their perception results, leading to hard brakes or increased collision risks.
Intriguing Properties of Diffusion Models: An Empirical Study of the Natural Attack Capability in Text-to-Image Generative Models
The NDD attack shows a significantly high capability to generate low-cost, model-agnostic, and transferable adversarial attacks by exploiting the natural attack capability in diffusion models.
Does Physical Adversarial Example Really Matter to Autonomous Driving? Towards System-Level Effect of Adversarial Object Evasion Attack
In this work, we conduct the first measurement study on whether and how effectively the existing designs can lead to system-level effects, especially for the STOP sign-evasion attacks due to their popularity and severity.
LiDAR Spoofing Meets the New-Gen: Capability Improvements, Broken Assumptions, and New Attack Strategies
To fill these critical research gaps, we conduct the first large-scale measurement study on LiDAR spoofing attack capabilities on object detectors with 9 popular LiDARs, covering both first- and new-generation LiDARs, and 3 major types of object detectors trained on 5 different datasets.
Learning Representation for Anomaly Detection of Vehicle Trajectories
We conduct extensive experiments to demonstrate that our supervised method based on contrastive learning and unsupervised method based on reconstruction with semantic latent space can significantly improve the performance of anomalous trajectory detection in their corresponding settings over various baseline methods.
Semi-supervised Semantics-guided Adversarial Training for Robust Trajectory Prediction
In this paper, we present a novel adversarial training method for trajectory prediction.
Semi-supervised Semantics-guided Adversarial Training for Trajectory Prediction
In addition, experiments show that our method can significantly improve the system's robust generalization to unseen patterns of attacks.
Towards Driving-Oriented Metric for Lane Detection Models
After the 2017 TuSimple Lane Detection Challenge, its dataset and evaluation based on accuracy and F1 score have become the de facto standard to measure the performance of lane detection methods.
SoK: On the Semantic AI Security in Autonomous Driving
In this paper, we perform the first systematization of knowledge of such growing semantic AD AI security research space.
On Adversarial Robustness of Trajectory Prediction for Autonomous Vehicles
Trajectory prediction is a critical component for autonomous vehicles (AVs) to perform safe planning and navigation.
Sensor Adversarial Traits: Analyzing Robustness of 3D Object Detection Sensor Fusion Models
A critical aspect of autonomous vehicles (AVs) is the object detection stage, which is increasingly being performed with sensor fusion models: multimodal 3D object detection models which utilize both 2D RGB image data and 3D data from a LIDAR sensor as inputs.
On Robustness of Lane Detection Models to Physical-World Adversarial Attacks in Autonomous Driving
We demonstrate that the conventional evaluation fails to reflect the robustness in end-to-end autonomous driving scenarios.
Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks
In this paper, we present the first study of security issues of MSF-based perception in AD systems.
End-to-end Uncertainty-based Mitigation of Adversarial Attacks to Automated Lane Centering
The experiment results demonstrate that our approach can effectively mitigate the impact of adversarial attacks and can achieve 55% to 90% improvement over the original OpenPilot.
On Adversarial Robustness of 3D Point Cloud Classification under Adaptive Attacks
Since adversarial training (AT) is believed as the most robust defense, we present the first in-depth study showing how AT behaves in point cloud classification and identify that the required symmetric function (pooling operation) is paramount to the 3D model's robustness under AT.
On The Adversarial Robustness of 3D Point Cloud Classification
Since adversarial training (AT) is believed to be the most effective defense, we present the first in-depth study showing how AT behaves in point cloud classification and identify that the required symmetric function (pooling operation) is paramount to the model's robustness under AT.
Dirty Road Can Attack: Security of Deep Learning based Automated Lane Centering under Physical-World Attack
Automated Lane Centering (ALC) systems are convenient and widely deployed today, but also highly security and safety critical.
Towards Robust LiDAR-based Perception in Autonomous Driving: General Black-box Adversarial Sensor Attack and Countermeasures
In this work, we perform the first study to explore the general vulnerability of current LiDAR-based perception architectures and discover that the ignored occlusion patterns in LiDAR point clouds make self-driving cars vulnerable to spoofing attacks.
Security of Deep Learning based Lane Keeping System under Physical-World Adversarial Attack
Lane-Keeping Assistance System (LKAS) is convenient and widely available today, but also extremely security and safety critical.
Fooling Detection Alone is Not Enough: Adversarial Attack against Multiple Object Tracking
Recent work in adversarial machine learning started to focus on the visual perception in autonomous driving and studied Adversarial Examples (AEs) for object detection models.
Adversarial Sensor Attack on LiDAR-based Perception in Autonomous Driving
In contrast to prior work that concentrates on camera-based perception, in this work we perform the first security study of LiDAR-based perception in AV settings, which is highly important but unexplored.
Fooling Detection Alone is Not Enough: First Adversarial Attack against Multiple Object Tracking
Recent work in adversarial machine learning started to focus on the visual perception in autonomous driving and studied Adversarial Examples (AEs) for object detection models.
