Learning Image Attacks toward Vision Guided Autonomous Vehicles
This work addresses the security of autonomous vehicles against adversarial attacks, presenting an incremental improvement over existing methods by focusing on real-time applicability and environmental uncertainty.
The paper tackles the problem of real-time adversarial attacks on vision-guided autonomous vehicles by introducing an online framework that eliminates the need for fully converged optimization per frame, using reinforcement learning and a state estimator to improve robustness in dynamic environments, validated through simulation.
While adversarial neural networks have been shown successful for static image attacks, very few approaches have been developed for attacking online image streams while taking into account the underlying physical dynamics of autonomous vehicles, their mission, and environment. This paper presents an online adversarial machine learning framework that can effectively misguide autonomous vehicles' missions. In the existing image attack methods devised toward autonomous vehicles, optimization steps are repeated for every image frame. This framework removes the need for fully converged optimization at every frame to realize image attacks in real-time. Using reinforcement learning, a generative neural network is trained over a set of image frames to obtain an attack policy that is more robust to dynamic and uncertain environments. A state estimator is introduced for processing image streams to reduce the attack policy's sensitivity to physical variables such as unknown position and velocity. A simulation study is provided to validate the results.