Model-Agnostic Defense for Lane Detection against Adversarial Attack

TL;DR

This paper introduces a model-agnostic lane verification system that effectively detects adversarial attacks on lane detection models, enhancing autonomous driving safety with minimal impact on inference speed.

Contribution

The proposed modular verification system can defend against various adversarial attacks on lane detection models without depending on specific model architectures.

Findings

Detects 96% of non-adaptive attacks

Detects 90% of adaptive attacks

Detects 98% of patch attacks

Abstract

Susceptibility of neural networks to adversarial attack prompts serious safety concerns for lane detection efforts, a domain where such models have been widely applied. Recent work on adversarial road patches have successfully induced perception of lane lines with arbitrary form, presenting an avenue for rogue control of vehicle behavior. In this paper, we propose a modular lane verification system that can catch such threats before the autonomous driving system is misled while remaining agnostic to the particular lane detection model. Our experiments show that implementing the system with a simple convolutional neural network (CNN) can defend against a wide gamut of attacks on lane detection models. With a 10% impact to inference time, we can detect 96% of bounded non-adaptive attacks, 90% of bounded adaptive attacks, and 98% of patch attacks while preserving accurate identification at least 95% of true lanes, indicating that our proposed verification system is effective at mitigating lane detection security risks with minimal overhead.