A Human-in-the-Middle Attack against Object Detection Systems
This work addresses security risks for safety-critical applications like autonomous driving, though it is incremental as it builds on existing adversarial attack methods.
The paper tackles the vulnerability of object detection systems in robotics to adversarial attacks by proposing a novel hardware-based attack that injects Universal Adversarial Perturbations via a Man-in-the-Middle approach, significantly increasing attack strength through new evaluation metrics.
Object detection systems using deep learning models have become increasingly popular in robotics thanks to the rising power of CPUs and GPUs in embedded systems. However, these models are susceptible to adversarial attacks. While some attacks are limited by strict assumptions on access to the detection system, we propose a novel hardware attack inspired by Man-in-the-Middle attacks in cryptography. This attack generates a Universal Adversarial Perturbations (UAP) and injects the perturbation between the USB camera and the detection system via a hardware attack. Besides, prior research is misled by an evaluation metric that measures the model accuracy rather than the attack performance. In combination with our proposed evaluation metrics, we significantly increased the strength of adversarial perturbations. These findings raise serious concerns for applications of deep learning models in safety-critical systems, such as autonomous driving.