While adversarial neural networks have been shown successful for static image attacks, very few approaches have been developed for attacking online image streams while taking into account the underlying physical dynamics of autonomous vehicles, their mission, and environment. This paper presents an online adversarial machine learning framework that can effectively misguide autonomous vehicles' missions. In the existing image attack methods devised toward autonomous vehicles, optimization steps are repeated for every image frame. This framework removes the need for fully converged optimization at every frame to realize image attacks in real-time. Using reinforcement learning, a generative neural network is trained over a set of image frames to obtain an attack policy that is more robust to dynamic and uncertain environments. A state estimator is introduced for processing image streams to reduce the attack policy's sensitivity to physical variables such as unknown position and velocity. A simulation study is provided to validate the results.
翻译:虽然对立神经网络在静态图像攻击中被证明是成功的,但很少为攻击在线图像流制定方法,同时考虑到自主车辆、其使命和环境的基本物理动态。本文件介绍了一个在线对立机器学习框架,可以有效引导自治车辆的任务。在为自动车辆设计的现有图像攻击方法中,每个图像框架都重复了优化步骤。这个框架消除了在每个框架中充分统一优化以实现实时图像攻击的必要性。利用强化学习,对基因神经网络进行了一套图像框架的培训,以获得对动态和不确定环境更强大的攻击政策。为处理图像流引入了州估测器,以减少攻击政策对未知位置和速度等物理变量的敏感度。提供了模拟研究,以验证结果。