信息安全研究2024,Vol.10Issue(9):786-794,9.DOI:10.12379/j.issn.2096-1057.2024.09.01
面向自动驾驶感知系统的对抗样本攻击研究综述
A Review of Adversarial Attack on Autonomous Driving Perception System
摘要
Abstract
The autonomous driving perception system collects surrounding environmental information through various sensors and processes this data to detect vehicles,pedestrians and obstacles,providing real-time foundational data for subsequent control and decision-making functions.Since sensors are directly connected to the external environment and often lack the ability to discern the credibility of inputs,the perception systems are potential targets for various attacks.Among these,adversarial example attack is a mainstream attack method characterized by high concealment and harm.Attackers manipulate or forge input data of the perception system to deceive the perception algorithms,leading to incorrect output results by the system.Based on the research of existing relevant literature,this paper systematically summarizes the working methods of the autonomous driving perception system,analyzes the adversarial example attack schemes and defense strategies targeting the perception system.In particular,this paper subdivide the adversarial examples for the autonomous driving perception system into signal-based adversarial example attack scheme and object-based adversarial example attack scheme.Additionally,the paper comprehensively discusses defense strategy of the adversarial example attack for the perception system,and subdivide it into anomaly detection,model defense,and physical defense.Finally,this paper prospects the future research directions of adversarial example attack targeting autonomous driving perception systems.关键词
车联网/自动驾驶/感知系统/对抗样本攻击/安全防御Key words
Internet of vehicle/autonomous driving/perception system/adversarial attack/security defenses分类
信息技术与安全科学引用本文复制引用
顾芳铭,况博裕,许亚倩,付安民..面向自动驾驶感知系统的对抗样本攻击研究综述[J].信息安全研究,2024,10(9):786-794,9.基金项目
国家自然科学基金项目(62072239,62372236) (62072239,62372236)
江苏省青蓝工程 ()
江苏省卓越博士后计划项目 ()
