Enhancing Autonomous Vehicle's Perception Under Adversarial Attacks Using Dual Autoencoders
Machine learning (ML) has become essential for tasks like detection and classification in autonomous vehicles (AVs). However, ML models are vulnerable to adversarial attacks, which can undermine passenger trust and raise safety concerns in autonomous driving systems. This is especially critical in systems like traffic sign recognition (TSR), where a misclassification caused by an adversarial attack could lead to serious safety risks. In this work, we propose a lightweight yet accurate defense system against adversarial attacks in TSR systems. Specifically, we first investigate the vulnerabilities of TSR models to adversarial attacks, considering projected gradient descent (PGD) and the fast gradient sign method (FGSM), and propose an adversarial attack pipeline that focuses on specific regions of interest (ROI) in traffic signs using a ScoreCAM-based approach to improve the effectiveness of FGSM and PGD attacks on TSR models. These attacks manipulate the input data to mislead the models, achieving a high attack success rate (ASR) by exploiting their vulnerabilities. Then, to address these attacks, we propose a dual autoencoder-based defense system against adversarial attacks on traffic signs. This model combines two encoders that work collaboratively: one optimized for global feature extraction and the other for local features. The defense mechanism also integrates residual connections to retain important features of the input and an attention mechanism to highlight critical regions in traffic sign images. Experimental results demonstrate that the proposed defense model outperforms existing works with a test classification accuracy of 96.08% and 96.69% against PGD and FGSM attack scenarios, respectively, while maintaining a fraction of the model size (approximately 9 MB) and a reduced parameter count, thereby making it the most lightweight and high-performance model available for TSR.
Institute of Electrical and Electronics Engineers (IEEE)