Addressing Adversarial Attacks on Image Vision Systems in Autonomous Vehicles

Summary

Adversarial attacks on image vision systems in autonomous vehicles pose a significant threat to the safety and reliability of autonomous driving technology. These attacks involve subtly altering images or sensor data to deceive the vehicle’s AI systems, leading to misclassification of objects, such as mistaking a stop sign for a 30 MPH sign. This can result in dangerous driving behaviours and potentially catastrophic accidents. The increasing threat of cyber-attacks against autonomous vehicles highlights the urgent need for robust cybersecurity measures. Manufacturers are continuously exploring ways to protect these systems, driven by both the complexity of the technology and stringent regulatory requirements. Addressing this problem is crucial to ensure the safe deployment of autonomous vehicles. By developing robust detection and mitigation algorithms, we aim to enhance the resilience of image vision systems against adversarial attacks, thereby maintaining accurate object recognition and ensuring the safety of passengers and other road users. This research is essential for building public trust in autonomous vehicles and advancing the technology towards widespread adoption.

In this project, a suite of algorithms will be developed to detect and mitigate adversarial attacks on image vision systems in autonomous vehicles. This involves creating robust, real-time detection mechanisms to identify adversarial perturbations and implementing mitigation strategies to neutralize these threats. Additionally, AI models will be trained to remain resilient under attack, ensuring accurate object classification, and integrate these solutions into existing vehicle systems for optimized, real-time processing. Extensive testing will be conducted in both simulated and real-world environments to validate reliability and safety. Building on our cyber research group’s expertise in automotive cybersecurity, developed through prior projects with industry partners like Horiba MIRA, this project brings essential support and real-world relevance to advancing the cybersecurity of autonomous vehicles.

Ideal Candidate Qualifications:

1. Background Knowledge: A background in artificial intelligence and machine learning, particularly in the context of image processing and computer vision. Knowledge of cybersecurity principles, including common threats, attack vectors, and defence mechanisms.
2. Technical Skills: Coding skills and along with experience in developing and implementing machine learning algorithms. The candidate should have hands-on experience with deep learning frameworks such as TensorFlow, Keras, or PyTorch, and be familiar with computer vision libraries like OpenCV. Knowledge on adversarial robustness tools, such as CleverHans, Adversarial Robustness Toolbox (ART), and Foolbox.
3. Personal Attributes: Self-motivated, independent, and proactive in learning.

This project offers a unique opportunity to work at the intersection of artificial intelligence, cybersecurity, and autonomous vehicle technology.

The specific objectives of the project are:

1. Detection Algorithms: To design and implement algorithms capable of detecting adversarial alterations in images and sensor data.
2. Mitigation Strategies: To develop methods for mitigating the effects of detected adversarial attacks, ensuring the AI system can still function correctly.
3. Robust AI Models: To enhance the robustness of AI models against adversarial attacks through training and validation.
4. Real-Time Processing: To ensure all detection and mitigation processes can be performed in real-time without compromising the vehicle’s performance.
5. Evaluation and Testing: To rigorously test the developed solutions in various scenarios to validate their effectiveness and reliability.

Supervisors

Discuss this further with a potential supervisor for this research degree:

Research Themes

Find other Research Degrees in the same theme: