Trojan Triggers for Poisoning Unmanned Aerial Vehicles Navigation: A Deep Learning Approach

Abstract

Cybersecurity for unmanned aerial vehicles (UAVs) has recently gained much attention due to an increase in cyberattacks against drone systems. Many significant cyber security attacks on UAVs have occurred in recent years due to a lack of vulnerability assessments and inadequate security countermeasures. A Trojan attack is a type of cyberattack where Deep Neural Networks (DNN) models are poisoned by injecting malicious modifications into the original design, which leads the DNN to misclassify certain inputs after being triggered. In this paper, we investigate Trojan attacks against neural networks. For a Trojan attack, we consider the DroNet architecture. DroNet is a convolutional neural network capable of safely driving a UAV across city streets. DroNet navigates UAVs by predicting steering angles and collision probabilities from camera images. For the attacking purpose, we have generated poisonous collision and steering angle datasets for DroNet. The TrojAI software framework is used to generate poisonous datasets and Trojan models. First, the effectiveness of the Trojan attack is examined on the DroNet model using poisonous and steering angle datasets. Then, we regulate the intensity of the designed trigger and review the performance of the DroNet architecture. Finally, we proposed a trojan detection technique using label visualization for clean and poisonous datasets.