Abstract
Deep Neural Networks (DNNs) have tremendous potential in advancing the vision for self-driving cars. However, the security of DNN models in this context leads to major safety implications and needs to be better understood. We consider the case study of steering angle prediction from camera images, using the dataset from the 2014 Udacity challenge. We demonstrate for the first time adversarial testing-time attacks for this application for both classification and regression settings. We show that minor modifications to the camera image (an L-2 distance of 0.82 for one of the considered models) result in mis-classification of an image to any class of attacker's choice. Furthermore, our regression attack results in a significant increase in Mean Square Error (MSE) - by a factor of 69 in the worst case.
| Original language | English |
|---|---|
| Title of host publication | Proceedings - 2019 IEEE Symposium on Security and Privacy Workshops, SPW 2019 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 132-137 |
| Number of pages | 6 |
| ISBN (Electronic) | 9781728135083 |
| DOIs | |
| State | Published - May 2019 |
| Event | 2019 IEEE Symposium on Security and Privacy Workshops, SPW 2019 - San Francisco, United States Duration: 23 May 2019 → … |
Publication series
| Name | Proceedings - 2019 IEEE Symposium on Security and Privacy Workshops, SPW 2019 |
|---|
Conference
| Conference | 2019 IEEE Symposium on Security and Privacy Workshops, SPW 2019 |
|---|---|
| Country/Territory | United States |
| City | San Francisco |
| Period | 23/05/19 → … |
Bibliographical note
Publisher Copyright:© 2019 IEEE.
Keywords
- Adversarial machine learning
- Deep neural networks
- Self driving cars