Abstract
Deterministic perception of the surrounding environment is both crucial and a challenging task for autonomous vehicles. A wide range of sensors, including LiDAR, RADAR, cameras, and so on, are used to build the perception layer of an autonomous vehicle. Many interfaces, such as OBD-II, Wi-Fi, Bluetooth, cellular networks, etc., have been introduced in autonomous vehicles to control various functionalities, including V2X communications, over-the-air updates, security, remote vehicle-health monitoring, and so on. These interfaces are introducing new attack surfaces that can be exploited via external as well as internal attacks. Attackers have successfully demonstrated how to exploit these attack surfaces by crafting attack vectors to launch both insider and external attacks. The sensor and sensor data are also vulnerable to both external and insider attacks. Developing safeguards against these attacks is a steppingstone toward the design and development of reliable autonomous vehicles. For instance, failure to detect and localize sensor data tampering can result in an erroneous perception of the environment and lead to wrong path-planning and control decisions. In this paper, we propose a novel semi-fragile data hiding-based technique for real-time sensor data integrity verification and tamper detection and localization. Specifically, the proposed data hiding-based method relies on 3-dimensional quantization index modulation (QIM)-based data hiding to insert a binary watermark into the LiDAR data at the sensing layer, which is used for integrity verification and tamper detection and localization at the decision-making unit, e.g., the advanced driver assistance system (ADAS). The performance of the proposed scheme is evaluated on a benchmarking LiDAR dataset. The impact of information hiding on the object-recognition algorithm is also evaluated. Experimental results indicate that the proposed method can successfully detect and localize data tampering attacks, such as fake object insertion (FOI) and target object deletion (TOD). Robustness to noise-addition attacks is also evaluated.
Highlights
Autonomous vehicles are the future of our transportation, and the deterministic perception of an ego vehicle’s environment is a crucial step in achieving autonomy
Multiple sensors like LiDAR, cameras, and RADAR connect to the decisionmaking microcontroller over various interfaces like ethernet, controller area network (CAN), and low-voltage differential signaling (LVDS)
RELATED WORK we provide a brief overview of the existing literature on LiDAR sensor attack models, sensor data integrity measures for automotive networks, and 3D quantization index modulation (QIM)-based watermarking techniques for point-sampled data like a LiDAR point cloud
Summary
Autonomous vehicles are the future of our transportation, and the deterministic perception of an ego vehicle’s environment is a crucial step in achieving autonomy. By inserting tampered data containing fake objects or by deleting existing objects an attacker can influence the perception and localization algorithms to consider and act on the tampered data This would result in the ADAS making wrong control decisions like decelerating or braking when it is not supposed to or driving right into a target object. Though some redundancy could be built throughout the system by fusing different sensor information, the computational cost of path planning and other control algorithms to work around and ignore the tampered sensor data is much higher than detecting the tampering at the sensor level
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
