基于激光雷达欺骗：效果验证，能力量化和对策

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Internet of Things Journal Pub Date : 2024-11-29 DOI:10.1109/JIOT.2024.3496783

Zizhi Jin;Xiaoyu Ji;Yushi Cheng;Bo Yang;Chen Yan;Wenyuan Xu

{"title":"基于激光雷达欺骗：效果验证，能力量化和对策","authors":"Zizhi Jin;Xiaoyu Ji;Yushi Cheng;Bo Yang;Chen Yan;Wenyuan Xu","doi":"10.1109/JIOT.2024.3496783","DOIUrl":null,"url":null,"abstract":"Autonomous vehicles (AVs) and robots increasingly exploit light detection and ranging (LiDAR)-based 3-D object detection systems to detect obstacles in the environment. Correct detection and classification are important to ensure safe driving. Although previous work has demonstrated the feasibility of manipulating point clouds to spoof 3-D object detectors, most of these attempts are performed digitally. In this article, we investigate the possibility of physically fooling LiDAR-based 3-D object detection by injecting adversarial point clouds using lasers. First, we develop a laser transceiver that can inject up to 4200 points, and can measure the scanning cycle of victim LiDARs to schedule the spoofing laser signals. By designing a control signal method that converts the coordinates of point clouds to control signals and an adversarial point cloud optimization method with physical constraints of LiDARs and attack capabilities, we manage to inject spoofing point cloud with desired point cloud shapes into the victim LiDAR physically. We can launch four types of attacks, i.e., naive hiding, record-based creating, optimization-based hiding, and optimization-based creating. Extensive experiments demonstrate the effectiveness of our attacks against two commercial LiDAR and three detectors. We further analyze the impact of our attacks on four fusion-based detectors. This article concludes with experiments on defense methods and discussion on potential defense strategies at both the sensor and AV system levels.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 2","pages":"1165-1181"},"PeriodicalIF":8.9000,"publicationDate":"2024-11-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Laser-Based LiDAR Spoofing: Effects Validation, Capability Quantification, and Countermeasures\",\"authors\":\"Zizhi Jin;Xiaoyu Ji;Yushi Cheng;Bo Yang;Chen Yan;Wenyuan Xu\",\"doi\":\"10.1109/JIOT.2024.3496783\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Autonomous vehicles (AVs) and robots increasingly exploit light detection and ranging (LiDAR)-based 3-D object detection systems to detect obstacles in the environment. Correct detection and classification are important to ensure safe driving. Although previous work has demonstrated the feasibility of manipulating point clouds to spoof 3-D object detectors, most of these attempts are performed digitally. In this article, we investigate the possibility of physically fooling LiDAR-based 3-D object detection by injecting adversarial point clouds using lasers. First, we develop a laser transceiver that can inject up to 4200 points, and can measure the scanning cycle of victim LiDARs to schedule the spoofing laser signals. By designing a control signal method that converts the coordinates of point clouds to control signals and an adversarial point cloud optimization method with physical constraints of LiDARs and attack capabilities, we manage to inject spoofing point cloud with desired point cloud shapes into the victim LiDAR physically. We can launch four types of attacks, i.e., naive hiding, record-based creating, optimization-based hiding, and optimization-based creating. Extensive experiments demonstrate the effectiveness of our attacks against two commercial LiDAR and three detectors. We further analyze the impact of our attacks on four fusion-based detectors. This article concludes with experiments on defense methods and discussion on potential defense strategies at both the sensor and AV system levels.\",\"PeriodicalId\":54347,\"journal\":{\"name\":\"IEEE Internet of Things Journal\",\"volume\":\"12 2\",\"pages\":\"1165-1181\"},\"PeriodicalIF\":8.9000,\"publicationDate\":\"2024-11-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Internet of Things Journal\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10771740/\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10771740/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

自动驾驶汽车（AVs）和机器人越来越多地利用基于光探测和测距（LiDAR）的3d物体探测系统来探测环境中的障碍物。正确的检测和分类对于确保安全驾驶至关重要。虽然以前的工作已经证明了操纵点云来欺骗3d目标探测器的可行性，但大多数这些尝试都是数字化的。在本文中，我们研究了通过使用激光注入对抗性点云来物理欺骗基于激光雷达的三维目标检测的可能性。首先，我们开发了一个可以注入多达4200个点的激光收发器，并可以测量受害激光雷达的扫描周期来调度欺骗激光信号。通过设计一种将点云坐标转换为控制信号的控制信号方法和一种结合激光雷达物理约束和攻击能力的对抗性点云优化方法，我们成功地将具有所需点云形状的欺骗点云物理注入到受害激光雷达中。我们可以发起四种类型的攻击，即：朴素隐藏、基于记录的创建、基于优化的隐藏和基于优化的创建。大量的实验证明了我们的攻击对两个商用激光雷达和三个探测器的有效性。我们进一步分析了攻击对四个基于融合的检测器的影响。本文最后进行了防御方法的实验，并讨论了传感器和AV系统级别的潜在防御策略。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Laser-Based LiDAR Spoofing: Effects Validation, Capability Quantification, and Countermeasures

Autonomous vehicles (AVs) and robots increasingly exploit light detection and ranging (LiDAR)-based 3-D object detection systems to detect obstacles in the environment. Correct detection and classification are important to ensure safe driving. Although previous work has demonstrated the feasibility of manipulating point clouds to spoof 3-D object detectors, most of these attempts are performed digitally. In this article, we investigate the possibility of physically fooling LiDAR-based 3-D object detection by injecting adversarial point clouds using lasers. First, we develop a laser transceiver that can inject up to 4200 points, and can measure the scanning cycle of victim LiDARs to schedule the spoofing laser signals. By designing a control signal method that converts the coordinates of point clouds to control signals and an adversarial point cloud optimization method with physical constraints of LiDARs and attack capabilities, we manage to inject spoofing point cloud with desired point cloud shapes into the victim LiDAR physically. We can launch four types of attacks, i.e., naive hiding, record-based creating, optimization-based hiding, and optimization-based creating. Extensive experiments demonstrate the effectiveness of our attacks against two commercial LiDAR and three detectors. We further analyze the impact of our attacks on four fusion-based detectors. This article concludes with experiments on defense methods and discussion on potential defense strategies at both the sensor and AV system levels.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.