fakeWeather: Adversarial Attacks for Deep Neural Networks Emulating Weather Conditions on the Camera Lens of Autonomous Systems

TL;DR

This paper introduces fakeWeather, a novel adversarial attack emulating natural weather effects like rain and snow to deceive deep neural networks, highlighting a new security threat for autonomous systems.

Contribution

It models atmospheric weather effects as adversarial perturbations to deceive DNNs, revealing a new vulnerability related to natural-looking attacks.

Findings

Significant accuracy drops in DNNs under fakeWeather attacks

Effective emulation of weather effects as adversarial masks

Highlighting security risks for autonomous systems

Abstract

Recently, Deep Neural Networks (DNNs) have achieved remarkable performances in many applications, while several studies have enhanced their vulnerabilities to malicious attacks. In this paper, we emulate the effects of natural weather conditions to introduce plausible perturbations that mislead the DNNs. By observing the effects of such atmospheric perturbations on the camera lenses, we model the patterns to create different masks that fake the effects of rain, snow, and hail. Even though the perturbations introduced by our attacks are visible, their presence remains unnoticed due to their association with natural events, which can be especially catastrophic for fully-autonomous and unmanned vehicles. We test our proposed fakeWeather attacks on multiple Convolutional Neural Network and Capsule Network models, and report noticeable accuracy drops in the presence of such adversarial perturbations. Our work introduces a new security threat for DNNs, which is especially severe for safety-critical applications and autonomous systems.