What Would Trojans Do? Exploiting Partial-Information Vulnerabilities in Autonomous Vehicle Sensing

TL;DR

This paper investigates vulnerabilities in autonomous vehicle sensors to cyber attacks, demonstrating how partial-information attacks can compromise safety, and proposes a security-aware sensor fusion method to mitigate these threats.

Contribution

It introduces realistic attack models under partial information constraints and proposes a novel sensor fusion approach to enhance AV sensor security.

Findings

LiDAR-based attacks are more damaging than camera attacks due to sensor fusion reliance.

Proposed security-aware fusion methods significantly reduce attack success rates.

Sensor fusion with probabilistic monitoring improves resilience against sensor-targeted cyber attacks.

Abstract

Safety-critical sensors in autonomous vehicles (AVs) form an essential part of the vehicle's trusted computing base (TCB), yet they are highly susceptible to attacks. Alarmingly, Tier 1 manufacturers have already exposed vulnerabilities to attacks introducing Trojans that can stealthily alter sensor outputs. We analyze the feasible capability and safety-critical outcomes of an attack on sensing at a cyber level. To further address these threats, we design realistic attacks in AV simulators and real-world datasets under two practical constraints: attackers (1) possess only partial information and (2) are constrained by data structures that maintain sensor integrity.Examining the role of camera and LiDAR in multi-sensor AVs, we find that attacks targeting only the camera have minimal safety impact due to the sensor fusion system's strong reliance on 3D data from LiDAR. This reliance makes LiDAR-based attacks especially detrimental to safety. To mitigate the vulnerabilities, we introduce security-aware sensor fusion incorporating (1) a probabilistic data-asymmetry monitor and (2) a scalable track-to-track fusion of 3D LiDAR and monocular detections (T2T-3DLM). We demonstrate that these methods significantly diminish attack success rate.