A Survey on Adversarial Robustness of LiDAR-based Machine Learning Perception in Autonomous Vehicles

Junae Kim,Amardeep Kaur
2024-11-21
Abstract:In autonomous driving, the combination of AI and vehicular technology offers great potential. However, this amalgamation comes with vulnerabilities to adversarial attacks. This survey focuses on the intersection of Adversarial Machine Learning (AML) and autonomous systems, with a specific focus on LiDAR-based systems. We comprehensively explore the threat landscape, encompassing cyber-attacks on sensors and adversarial perturbations. Additionally, we investigate defensive strategies employed in countering these threats. This paper endeavors to present a concise overview of the challenges and advances in securing autonomous driving systems against adversarial threats, emphasizing the need for robust defenses to ensure safety and security.
Machine Learning,Artificial Intelligence,Cryptography and Security
What problem does this paper attempt to address?
### What problems does this paper attempt to solve? This paper aims to explore and summarize the adversarial robustness issues faced by LiDAR (Light Detection and Ranging) - based machine - learning perception systems in autonomous vehicles. Specifically, the paper focuses on the following aspects: 1. **The threat of adversarial attacks**: - Sensors (such as LiDAR, cameras, etc.) and machine - learning models in autonomous driving systems are vulnerable to adversarial attacks. These attacks include but are not limited to traditional Adversarial Machine Learning (AML) attacks and cyber - attacks against sensors. - Adversarial attacks cause misjudgments in machine - learning models by introducing carefully designed perturbations or making slight modifications to input data, thus affecting the safety and reliability of autonomous driving systems. 2. **Research on defense strategies**: - The paper investigates existing defense strategies to deal with the above - mentioned adversarial attacks. These defense strategies aim to improve the robustness of autonomous driving systems and ensure their normal operation in the face of malicious attacks. - Analyze the limitations of existing defense strategies and point out the deficiencies in current research, providing directions for future research. 3. **Technical review and challenges**: - The paper details the working principle of LiDAR sensors and their applications in autonomous driving, including point - cloud data processing, 3D object detection, semantic segmentation and other tasks. - Explore the characteristics of LiDAR point - cloud data (such as sparsity, noise, incompleteness, etc.), and analyze the impact of these characteristics on machine - learning models. - Emphasize the necessity of ensuring the robustness of machine - learning perception modules in autonomous driving systems, especially in the face of adversarial attacks. 4. **Contributions and prospects**: - Provide a comprehensive review of machine - learning models based on 3D LiDAR, especially those widely recognized and highly cited models. - Conduct in - depth analysis of adversarial attacks and defense strategies for 3D autonomous driving systems, revealing the gaps and emerging trends in current research. - Emphasize the importance of identifying and analyzing the limitations of existing AML defense strategies, providing a reference for the design of future defense mechanisms. In general, this paper is committed to filling the gaps in the existing literature, providing a comprehensive overview of the robustness research of LiDAR - based autonomous driving systems under adversarial attacks, and emphasizing the urgency of ensuring the safety and reliability of autonomous driving systems.