In the development of advanced driver-assistance systems (ADAS) and autonomous vehicles, machine learning techniques that are based on deep neural networks (DNNs) have been widely used for vehicle perception. These techniques offer significant improvement on average perception accuracy over traditional methods, however, have been shown to be susceptible to adversarial attacks, where small perturbations in the input may cause significant errors in the perception results and lead to system failure. Most prior works addressing such adversarial attacks focus only on the sensing and perception modules. In this work, we propose an end-to-end approach that addresses the impact of adversarial attacks throughout perception, planning, and control modules. In particular, we choose a target ADAS application, the automated lane centering system in OpenPilot, quantify the perception uncertainty under adversarial attacks, and design a robust planning and control module accordingly based on the uncertainty analysis. We evaluate our proposed approach using both the public dataset and production-grade autonomous driving simulator. The experiment results demonstrate that our approach can effectively mitigate the impact of adversarial attacks and can achieve 55% to 90% improvement over the original OpenPilot.
翻译:在开发先进的助动系统(ADAS)和自主车辆的过程中,基于深神经网络(DNNS)的机器学习技术被广泛用于车辆感知,这些技术在对传统方法的平均感知精度方面大有改进,但是,这些技术显示,对传统方法的平均感知精度有显著改进,但是,这些技术被证明容易发生对抗性攻击,投入中的小扰动可能造成感知结果的重大错误并导致系统失灵。以前处理这种对抗性攻击的多数工作都只侧重于感知和感知模块。在这项工作中,我们提出了一种端对端攻击的端对端办法,处理整个感知、规划和控制模块的对抗性攻击的影响。特别是,我们选择了目标ADAS应用程序,即OpenPilot的自动车道中心系统,量化对抗性攻击下的感知觉的不确定性,并根据不确定性分析,设计一个强有力的规划和控制模块。我们用公共数据集和生产级自动驱动模拟器评价了我们提议的方法。实验结果表明,我们的方法可以有效减轻对立性攻击的影响,并实现对最初OpPilot的55%至90%的改进。
相关内容
微信扫码咨询专知VIP会员