APSEC 2024
Tue 3 - Fri 6 December 2024 China
Thu 5 Dec 2024 14:00 - 14:30 at Room 4 (Xianglin Ballroom) - Session (11) Chair(s): Deron Liang

Adversarial attacks play an important role in testing and enhancing the reliability of deep learning (DL) systems. Most existing attacks for DL-based autonomous driving systems (ADSs) demonstrate strong performance under the white-box setting but struggle with black-box transferability, while black-box attacks are more practical in real-world scenarios as they operate without full model access. Numerous transferability-enhancement techniques have been proposed in other fields (e.g., image classification), however, they remain unexplored for end-to-end (E2E) ADSs.

Our study fills the gap by conducting the first comprehensive empirical analysis of nine transferability-enhancement methods on E2E ADSs, covering two types: three input transformation enhancements and six attack objective enhancements. We evaluate their effectiveness on two datasets with four steering models. Our findings reveal that, out of nine enhancements, Resizing+Translation delivers the best black-box transferability, producing up to 9.39 degrees increase in MAE. Pred+Attn serves as the best objective enhancement, producing a maximum of 5.55 degrees (white-box) and 6.21 degrees (black-box) increase in MAE. Through attention heatmap visualizations, we discover that different models focus on similar regions when predicting, thereby enhancing the transferability of attention-based attacks.

In conclusion, our study provides valuable results and insights into the transferability-enhancement techniques for E2E ADSs, which also serve as a robust benchmark for further advancements in the autonomous driving field.

Thu 5 Dec

Displayed time zone: Beijing, Chongqing, Hong Kong, Urumqi change

14:00 - 15:30
Session (11)Technical Track / ERA - Early Research Achievements at Room 4 (Xianglin Ballroom)
Chair(s): Deron Liang National Central University
14:00
30m
Talk
Enhancing the Transferability of Adversarial Attacks for End-to-End Autonomous Driving Systems
Technical Track
Jingyu Zhang City University of Hong Kong, Jacky Keung City University of Hong Kong, Xiaoxue Ma City University of Hong Kong, Yihan Liao City University of Hong Kong, Yishu Li City University of Hong Kong, Yicheng Sun City University of Hong Kong
14:30
30m
Talk
Enhancing Reentrancy Vulnerability Detection and Repair with a Hybrid Model Framework
Technical Track
Mengliang Li Zhejiang University, Xiaoxue Ren Zhejiang University, Han Fu Zhejiang University, Zhuo Li State Street Technology(Zhejiang) Ltd, JianLing Sun Zhejiang University
15:00
20m
Talk
BugsInKube: A Collection of Reconciliation Bugs
ERA - Early Research Achievements
Kabilan Mahathevan University of Moratuwa, Sivakajan Sivaparan University of Moratuwa, Tharsha Sivapalarajah University of Moratuwa, Sunimal Rathnayake University of Moratuwa, Ridwan Salihin Shariffdeen National University of Singapore