Securing Deep Learning against Adversarial Attacks for Connected and Autonomous Vehicles
Intelligent mobile robots, including autonomous agents, rely heavily on correct perception of the surrounding environment. Recently, deep learning-based perception models have been shown to be vulnerable to adversarial attacks through carefully designed inputs called adversarial examples. Existing defenses consist mainly of adversarial training and adversarial detection; however, they fail to solve the intrinsic issue of current deep learning models, namely weak adversarial robustness, which stems partly from the opaque nature of black-box models. This project developed a deep ensemble network for image classification based on the fusion of discriminative features and generative models. Specifically, a causal adversarial graph is built into a generative model to model the distribution of adversarial perturbations. To improve the accuracy of generative classifiers, pre-trained object features and original images are fused together. We show that the ensemble network is robust against adversarial examples even without adversarial training (i.e., trained only with clean data), while requiring shorter training time and lower computation cost. In addition, we leverage counterfactual explanations to evaluate the model causality of the ensemble network.
Language
- English
Project
- Status: Completed
- Funding: $103824
- Contract Numbers: 69A3551747117
- Sponsor Organizations:
  Office of the Assistant Secretary for Research and Technology
  University Transportation Centers Program
  Department of Transportation
  Washington, DC United States 20590

  Center for Connected Multimodal Mobility
  Clemson University
  Clemson, SC United States 29634

  Clemson University International Center for Automotive Research
  5 Research Drive
  Greenville, South Carolina United States 29607

  1600 Harden Street
  Columbia, South Carolina United States 29204
- Managing Organizations:
  Clemson University International Center for Automotive Research
  5 Research Drive
  Greenville, South Carolina United States 29607
- Project Managers: Pisu, Pierluigi
- Performing Organizations:
  Clemson University International Center for Automotive Research
  5 Research Drive
  Greenville, South Carolina United States 29607

  1600 Harden Street
  Columbia, South Carolina United States 29204
- Principal Investigators: Pisu, Pierluigi
- Start Date: 20210915
- Expected Completion Date: 20220916
- Actual Completion Date: 20231010
- USDOT Program: University Transportation Centers
Subject/Index Terms
- TRT Terms: Autonomous vehicles; Cameras; Computer security; Connected vehicles; Detectors; Laser radar; Machine learning
- Subject Areas: Design; Safety and Human Factors; Security and Emergencies; Vehicles and Equipment
Filing Info
- Accession Number: 01838174
- Record Type: Research project
- Source Agency: Center for Connected Multimodal Mobility
- Contract Numbers: 69A3551747117
- Files: UTC, RIP
- Created Date: Mar 6 2022 3:11PM