Rao Li (The Pennsylvania State University), Shih-Chieh Dai (Pennsylvania State University), Aiping Xiong (Penn State University)

Physical adversarial objects-evasion attacks pose a safety concern for automated driving systems (ADS) and are a significant obstacle to their widespread adoption. To enhance the ability of ADS to address such concerns, we aim to propose a human-AI collaboration framework to bring human in the loop to mitigate the attacks. In this WIP work, we investigate the performance of two object detectors in the YOLO-series (YOLOv5 and YOLOv8) against three physical adversarial object-evasion attacks across different driving contexts in the CARLA simulator. Using static images, we found that YOLOv8 generally outperformed YOLOv5 in attack detection but remained susceptible to certain attacks in specific contexts. Moreover, the study results showed that none of the attacks had achieved a high attack success rate in dynamic tests when system-level features were considered. Nevertheless, such detection results varied across different locations for each attack. Altogether, these results suggest that perception in autonomous driving, the same as human perception in manual driving, might also be context-dependent. Moreover, our results revealed object detection failures at a braking distance anticipated by human drivers, suggesting a necessity to involve human drivers in future evaluation processes.

View More Papers

From Hardware Fingerprint to Access Token: Enhancing the Authentication...

Yue Xiao (Wuhan University), Yi He (Tsinghua University), Xiaoli Zhang (Zhejiang University of Technology), Qian Wang (Wuhan University), Renjie Xie (Tsinghua University), Kun Sun (George Mason University), Ke Xu (Tsinghua University), Qi Li (Tsinghua University)

Read More

WIP: Towards Practical LiDAR Spoofing Attack against Vehicles Driving...

Ryo Suzuki (Keio University), Takami Sato (University of California, Irvine), Yuki Hayakawa, Kazuma Ikeda, Ozora Sako, Rokuto Nagata (Keio University), Qi Alfred Chen (University of California, Irvine), Kentaro Yoshioka (Keio University)

Read More

Detecting Voice Cloning Attacks via Timbre Watermarking

Chang Liu (University of Science and Technology of China), Jie Zhang (Nanyang Technological University), Tianwei Zhang (Nanyang Technological University), Xi Yang (University of Science and Technology of China), Weiming Zhang (University of Science and Technology of China), NengHai Yu (University of Science and Technology of China)

Read More

Compensating Removed Frequency Components: Thwarting Voice Spectrum Reduction Attacks

Shu Wang (George Mason University), Kun Sun (George Mason University), Qi Li (Tsinghua University)

Read More