Cited By
View all- Grosse KAlahi A(2024)A qualitative AI security risk assessment of autonomous vehiclesTransportation Research Part C: Emerging Technologies10.1016/j.trc.2024.104797169(104797)Online publication date: Dec-2024
Adversarial Attacks on Adaptive Cruise Control Systems
Pages 49 - 54
Abstract
DNN-based Adaptive Cruise Control (ACC) systems are very convenient but also safety critical. Although prior work has explored physical adversarial attacks on DNN models, those attacks are mostly static and their effects on a real-world ACC system are not clear. In this work, we propose the first end-to-end attack on ACC systems, and we test the safety indication on the state-of-the-art ACC products. The experimental results show that our approach can make the vehicle driving with ACC accelerate unsafely and cause a rear-end collision.
References
[1]
[n. d.]. Intelligent Cruise Control. nissan-global.com/EN/TECHNOLOGY/OVERVIEW/icc.html.
[2]
[n. d.]. Toyota Safety Sense (TSS). https://www.buyatoyota.com/home/tools/toyota-safety-sense/.
[3]
2017. Apollo: Open Source Autonomous Driving. https://github.com/ApolloAuto/apollo.
[4]
2018. OpenPilot: Open Source Driving Agent. https://github.com/commaai/ openpilot.
[5]
2018. We hit the road with Comma.ai’s assisted-driving tech at CES 2020. https://www.cnet.com/roadshow/news/comma-ai-assisted-driving-george-hotz-ces-2020/.
[6]
2021. 6 Types of car insurance fraud. https://www.bankrate.com/insurance/car/fraud.
[7]
Anish Athalye, Logan Engstrom, Andrew Ilyas, and Kevin Kwok. 2018. Synthesizing robust adversarial examples. In International conference on machine learning. PMLR, 284–293.
[8]
Nicholas Carlini and David Wagner. 2017. Towards evaluating the robustness of neural networks. In 2017 ieee symposium on security and privacy (sp). IEEE, 39–57.
[9]
Shang-Tse Chen, Cory Cornelius, Jason Martin, and Duen Horng Polo Chau. 2018. Shapeshifter: Robust physical adversarial attack on faster r-cnn object detector. In Joint European Conference on Machine Learning and Knowledge Discovery in Databases. Springer, 52–68.
[10]
Edward Chou, Florian Tramèr, Giancarlo Pellegrino, and Dan Boneh. 2018. Sentinet: Detecting physical attacks against deep learning systems. (2018).
[11]
Alexey Dosovitskiy, German Ros, Felipe Codevilla, Antonio Lopez, and Vladlen Koltun. 2017. CARLA: An Open Urban Driving Simulator. In Proceedings of the 1st Annual Conference on Robot Learning. 1–16.
[12]
Kevin Eykholt, Ivan Evtimov, Earlence Fernandes, Bo Li, Amir Rahmati, Chaowei Xiao, Atul Prakash, Tadayoshi Kohno, and Dawn Song. 2018. Robust physical-world attacks on deep learning visual classification. In Proceedings of the IEEE conference on computer vision and pattern recognition. 1625–1634.
[13]
Tore Hägglund. 1996. An industrial dead-time compensating PI controller. Control Engineering Practice 4, 6 (1996), 749–756.
[14]
Jamie Hayes. 2018. On visible adversarial perturbations & digital watermarking. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition Workshops. 1597–1604.
[15]
Alexey Kurakin, Ian Goodfellow, Samy Bengio, 2016. Adversarial examples in the physical world.
[16]
Songhun Kwak, Kwanghun Kim, Kwangnam Choe, and Kumchol Yun. 2020. A local gradient smoothing method for solving strong form governing equation. European Journal of Mechanics-A/Solids 84 (2020), 104073.
[17]
Alexander Levine and Soheil Feizi. 2020. (De) Randomized Smoothing for Certifiable Defense against Patch Attacks. arXiv preprint arXiv:2002.10733 (2020).
[18]
Jiajun Lu, Hussein Sibai, Evan Fabry, and David Forsyth. 2017. No need to worry about adversarial examples in object detection in autonomous vehicles. arXiv preprint arXiv:1707.03501 (2017).
[19]
Joseph Redmon and Ali Farhadi. 2017. YOLO9000: better, faster, stronger. In Proceedings of the IEEE conference on computer vision and pattern recognition. 7263–7271.
[20]
Jacques Richalet, André Rault, JL Testud, and J Papon. 1978. Model predictive heuristic control. Automatica (journal of IFAC) 14, 5 (1978), 413–428.
[21]
Guodong Rong, Byung Hyun Shin, Hadi Tabatabaee, Qiang Lu, Steve Lemke, Mārtiņš Možeiko, Eric Boise, Geehoon Uhm, Mark Gerow, Shalin Mehta, 2020. LGSVL Simulator: A High Fidelity Simulator for Autonomous Driving. arXiv preprint arXiv:2005.03778 (2020).
[22]
Takami Sato, Junjie Shen, Ningfei Wang, Yunhan Jack Jia, Xue Lin, and Qi Alfred Chen. 2020. Hold tight and never let go: Security of deep learning based automated lane centering under physical-world attack. arXiv preprint arXiv:2009.06701 (2020).
[23]
Ali Shafahi, Mahyar Najibi, Amin Ghiasi, Zheng Xu, John Dickerson, Christoph Studer, Larry S Davis, Gavin Taylor, and Tom Goldstein. 2019. Adversarial training for free!arXiv preprint arXiv:1904.12843 (2019).
[24]
Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, and Michael K Reiter. 2016. Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition. In Proceedings of the 2016 acm sigsac conference on computer and communications security. 1528–1540.
[25]
Dawn Song, Kevin Eykholt, Ivan Evtimov, Earlence Fernandes, Bo Li, Amir Rahmati, Florian Tramer, Atul Prakash, and Tadayoshi Kohno. 2018. Physical adversarial examples for object detectors. In 12th { USENIX} Workshop on Offensive Technologies ({ WOOT} 18).
[26]
Florian Tramèr, Alexey Kurakin, Nicolas Papernot, Ian Goodfellow, Dan Boneh, and Patrick McDaniel. 2017. Ensemble adversarial training: Attacks and defenses. arXiv preprint arXiv:1705.07204 (2017).
[27]
Chong Xiang, Arjun Nitin Bhagoji, Vikash Sehwag, and Prateek Mittal. 2021. Patchguard: A provably robust defense against adversarial patches via small receptive fields and masking. In 30th { USENIX} Security Symposium ({ USENIX} Security 21).
[28]
Cihang Xie, Jianyu Wang, Zhishuai Zhang, Yuyin Zhou, Lingxi Xie, and Alan Yuille. 2017. Adversarial examples for semantic segmentation and object detection. In Proceedings of the IEEE International Conference on Computer Vision. 1369–1378.
[29]
Kaichen Yang, Tzungyu Tsai, Honggang Yu, Tsung-Yi Ho, and Yier Jin. 2020. Beyond Digital Domain: Fooling Deep Learning Based Recognition System in Physical World. In Proceedings of the AAAI Conference on Artificial Intelligence, Vol. 34. 1088–1095.
[30]
Sibel Yenikaya, Gökhan Yenikaya, and Ekrem Düven. 2013. Keeping the Vehicle on the Road: A Survey on on-Road Lane Detection Systems. ACM Comput. Surv. 46, 1, Article 2 (July 2013), 43 pages.
[31]
Yue Zhao, Hong Zhu, Ruigang Liang, Qintao Shen, Shengzhi Zhang, and Kai Chen. 2019. Seeing isn’t believing: Towards more robust adversarial attack against real world object detectors. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 1989–2004.
Index Terms
- Adversarial Attacks on Adaptive Cruise Control Systems
Recommendations
Comparison of Deep Reinforcement Learning Path-Following System Based on Road Geometry and an Adaptive Cruise Control for Autonomous Vehicles
Hybrid Artificial Intelligent SystemsAbstractThis paper presents an intelligent path-following system implemented using deep reinforcement learning based road curvature influence. The vehicle dynamics features are obtained with a 3-DOF vehicle model. The intelligent system consists of a deep ...
Numerical Analysis of Tractor Accidents using Driving Simulator for Autonomous Driving Tractor
ICMRE'19: Proceedings of the 5th International Conference on Mechatronics and Robotics EngineeringAutonomous driving of automobiles is a hot research topic in recent years. The autonomous driving tractor also has been studied in the agricultural field as well as an autonomous driving automobile. On the other hand, tractor accidents frequently occur ...
Cooperative Adaptive Cruise Control: A Reinforcement Learning Approach
Recently, improvements in sensing, communicating, and computing technologies have led to the development of driver-assistance systems (DASs). Such systems aim at helping drivers by either providing a warning to reduce crashes or doing some of the ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
May 2023
419 pages
ISBN:9798400700491
DOI:10.1145/3576914
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 09 May 2023
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
Conference
CPS-IoT Week '23
Sponsor:
CPS-IoT Week '23: Cyber-Physical Systems and Internet of Things Week 2023
May 9 - 12, 2023
TX, San Antonio, USA
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 343Total Downloads
- Downloads (Last 12 months)167
- Downloads (Last 6 weeks)27
Reflects downloads up to 03 Jan 2025
Other Metrics
Citations
Cited By
View all- Grosse KAlahi A(2024)A qualitative AI security risk assessment of autonomous vehiclesTransportation Research Part C: Emerging Technologies10.1016/j.trc.2024.104797169(104797)Online publication date: Dec-2024
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatLogin options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in