CP-Guard+: A New Paradigm for Malicious Agent Detection and Defense in Collaborative Perception
This addresses security risks in connected autonomous vehicles, offering a novel defense mechanism against malicious information injection.
The paper tackles the vulnerability of collaborative perception systems to malicious attacks in autonomous driving by proposing CP-Guard+, a new paradigm for detecting malicious agents at the feature level, which reduces computational overhead and achieves a 15% improvement in detection accuracy over baselines.
Collaborative perception (CP) is a promising method for safe connected and autonomous driving, which enables multiple vehicles to share sensing information to enhance perception performance. However, compared with single-vehicle perception, the openness of a CP system makes it more vulnerable to malicious attacks that can inject malicious information to mislead the perception of an ego vehicle, resulting in severe risks for safe driving. To mitigate such vulnerability, we first propose a new paradigm for malicious agent detection that effectively identifies malicious agents at the feature level without requiring verification of final perception results, significantly reducing computational overhead. Building on this paradigm, we introduce CP-GuardBench, the first comprehensive dataset provided to train and evaluate various malicious agent detection methods for CP systems. Furthermore, we develop a robust defense method called CP-Guard+, which enhances the margin between the representations of benign and malicious features through a carefully designed Dual-Centered Contrastive Loss (DCCLoss). Finally, we conduct extensive experiments on both CP-GuardBench and V2X-Sim, and demonstrate the superiority of CP-Guard+.