Files in this item



application/pdfECE499-Sp2019-zhu.pdf (365kB)Restricted to U of Illinois
(no description provided)PDF


Title:Simulation of adversarial attack on vision system of self-driving agent
Author(s):Zhu, Ziwei
Contributor(s):Hu, Yih-Chun
Vision system
Adversarial attack
Automobile driving simulation
Abstract:Machine learning has been increasingly applied to the realm of self-driving. The operation of a self-driving vehicle is built upon the cooperation of a vision system, radars and Global Positioning System (GPS). The vision system, as the most complex and vulnerable phase in this whole system, involves convolutional neural networks (CNN) as well as real-time pattern recognition. Previous research has studied adversarial attacks on pre-defined CNN models with known evaluation functions, and applied this attack on stationary images or in a dynamic environment with a relatively slow movement. However, no research has clearly presented the outcomes after a self-driving vehicle sustains such an attack in a real-world scene. In this thesis, we report the process of building the platform to support a black-box test on an open-sourced self-driving system, Openpilot, and carrying out the attack on its vision system in a simulated program, Stunt Rally. This racing game is open-sourced, allowing customizing vehicle specs and tracks, which ensures complete flexibility and fidelity in our experiment. In order to simulate the scenario for Openpilot as controlling a physical car on a straight road, we built a data-streaming module and a real-time signal processing module. We verified the feasibility to simulate Openpilot functioning on highways based on our platform and evaluated trigger conditions in which an adversarial attack can be effective. This experimental setup also allows generative adversarial networks (GAN) to be used as a means of attack in the future
Issue Date:2019-05
Date Available in IDEALS:2019-06-19

This item appears in the following Collection(s)

Item Statistics