语区分割网在自主驾驶时易受对立攻击的脆弱性:加强广泛的环境遥感 (The Vulnerability of Semantic Segmentation Networks to Adversarial Attacks in Autonomous Driving: Enhancing Extensive Environment Sensing)

Enabling autonomous driving (AD) can be considered one of the biggest challenges in today's technology. AD is a complex task accomplished by several functionalities, with environment perception being one of its core functions. Environment perception is usually performed by combining the semantic information captured by several sensors, i.e., lidar or camera. The semantic information from the respective sensor can be extracted by using convolutional neural networks (CNNs) for dense prediction. In the past, CNNs constantly showed state-of-the-art performance on several vision-related tasks, such as semantic segmentation of traffic scenes using nothing but the red-green-blue (RGB) images provided by a camera. Although CNNs obtain state-of-the-art performance on clean images, almost imperceptible changes to the input, referred to as adversarial perturbations, may lead to fatal deception. The goal of this article is to illuminate the vulnerability aspects of CNNs used for semantic segmentation with respect to adversarial attacks, and share insights into some of the existing known adversarial defense strategies. We aim to clarify the advantages and disadvantages associated with applying CNNs for environment perception in AD to serve as a motivation for future research in this field.

翻译：赋能自主驱动(AD)可被视为当今技术的最大挑战之一。 AD是一个复杂的任务,由若干功能完成,环境感知是其核心职能之一。环境感知通常是通过结合由多个传感器,即激光雷达或照相机所捕捉的语义信息来完成的。来自各个传感器的语义信息可以使用脉冲神经网络(CNNs)来进行密集的预测。过去,有线电视新闻网经常在几项与视觉有关的任务上显示最先进的表现,例如使用相机提供的红色绿色蓝色图像(RGB),对交通场进行语义分割。尽管有线电视网在清洁图像上取得了最先进的性能,但几乎无法察觉的对输入的改变可能导致致命的欺骗。文章的目的是要阐明CNN在对抗性攻击中用于语义性分离的脆弱方面,并分享对一些已知的对抗性防御战略的见解。我们的目的是澄清与将CNNA用于未来环境的研究有关的优势和劣势。

相关内容