Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
125 tokens/sec
GPT-4o
53 tokens/sec
Gemini 2.5 Pro Pro
42 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Evaluating the Robustness of Off-Road Autonomous Driving Segmentation against Adversarial Attacks: A Dataset-Centric analysis (2402.02154v1)

Published 3 Feb 2024 in cs.CV and cs.LG

Abstract: This study investigates the vulnerability of semantic segmentation models to adversarial input perturbations, in the domain of off-road autonomous driving. Despite good performance in generic conditions, the state-of-the-art classifiers are often susceptible to (even) small perturbations, ultimately resulting in inaccurate predictions with high confidence. Prior research has directed their focus on making models more robust by modifying the architecture and training with noisy input images, but has not explored the influence of datasets in adversarial attacks. Our study aims to address this gap by examining the impact of non-robust features in off-road datasets and comparing the effects of adversarial attacks on different segmentation network architectures. To enable this, a robust dataset is created consisting of only robust features and training the networks on this robustified dataset. We present both qualitative and quantitative analysis of our findings, which have important implications on improving the robustness of machine learning models in off-road autonomous driving applications. Additionally, this work contributes to the safe navigation of autonomous robot Unimog U5023 in rough off-road unstructured environments by evaluating the robustness of segmentation outputs. The code is publicly available at https://github.com/rohtkumar/adversarial_attacks_ on_segmentation

Definition Search Book Streamline Icon: https://streamlinehq.com
References (30)
  1. Adversarial examples from computational constraints. arXiv:1805.10204 [stat.ML]
  2. Nicholas Carlini and David Wagner. 2017. Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods. arXiv:1705.07263 [cs.LG]
  3. Abhishek Chaurasia and Eugenio Culurciello. 2017. LinkNet: Exploiting encoder representations for efficient semantic segmentation. In 2017 IEEE Visual Communications and Image Processing (VCIP). IEEE, honolulu, 1–4. https://doi.org/10.1109/vcip.2017.8305148
  4. DeepLab: Semantic Image Segmentation with Deep Convolutional Nets, Atrous Convolution, and Fully Connected CRFs. arXiv:1606.00915 [cs.CV]
  5. The Cityscapes Dataset for Semantic Urban Scene Understanding. arXiv:1604.01685 [cs.CV]
  6. Adversarial vulnerability for any classifier. arXiv:1802.08686 [cs.LG]
  7. Vision meets robotics: The KITTI dataset. The International Journal of Robotics Research 32, 11 (2013), 1231–1237. https://doi.org/10.1177/0278364913491297 arXiv:https://doi.org/10.1177/0278364913491297
  8. Adversarial Spheres. arXiv:1801.02774 [cs.CV]
  9. Explaining and Harnessing Adversarial Examples. arXiv:1412.6572 [stat.ML]
  10. Adversarial Example Defenses: Ensembles of Weak Defenses are not Strong. arXiv:1706.04701 [cs.LG]
  11. Adversarial Attacks on Neural Network Policies. arXiv:1702.02284 [cs.LG]
  12. Adversarial Examples Are Not Bugs, They Are Features. arXiv:1905.02175 [stat.ML]
  13. Adversarial examples in the physical world. arXiv:1607.02533 [cs.CV]
  14. Hong Lee and Yong Ro. 2021. Adversarially Robust Multi-Sensor Fusion Model Training Via Random Feature Fusion For Semantic Segmentation. , 339-343 pages. https://doi.org/10.1109/ICIP42928.2021.9506748
  15. PnPNet: End-to-End Perception and Prediction with Tracking in the Loop. arXiv:2005.14711 [cs.CV]
  16. Fully Convolutional Networks for Semantic Segmentation. arXiv:1411.4038 [cs.CV]
  17. The Curse of Concentration in Robust Learning: Evasion and Poisoning Attacks from Concentration of Measure. arXiv:1809.03063 [cs.LG]
  18. Real-Time Semantic Mapping for Autonomous Off-Road Navigation. In Field and Service Robotics, Marco Hutter and Roland Siegwart (Eds.). Springer International Publishing, Cham, 335–350.
  19. U-Net: Convolutional Networks for Biomedical Image Segmentation. arXiv:1505.04597 [cs.CV]
  20. On the Real-World Adversarial Robustness of Real-Time Semantic Segmentation Models for Autonomous Driving. arXiv:2201.01850 [cs.CV]
  21. Adversarially Robust Generalization Requires More Data. arXiv:1804.11285 [cs.LG]
  22. Scalability in Perception for Autonomous Driving: Waymo Open Dataset. arXiv:1912.04838 [cs.CV]
  23. Intriguing properties of neural networks. arXiv:1312.6199 [cs.CV]
  24. Thomas Tanay and Lewis Griffin. 2016. A Boundary Tilting Persepective on the Phenomenon of Adversarial Examples. arXiv:1608.07690 [cs.LG]
  25. Adversarial Risk and the Dangers of Evaluating Against Weak Attacks. arXiv:1802.05666 [cs.LG]
  26. Deep Multispectral Semantic Scene Understanding of Forested Environments Using Multimodal Fusion. In 2016 International Symposium on Experimental Robotics. Springer International Publishing, Cham, 465–477. https://doi.org/10.1007/978-3-319-50115-4_41
  27. Patrick Wolf. 2022. Cognitive Processing in Behavior-Based Perception of Autonomous Off-Road Vehicles. Dr. Hut verlag, Kai.
  28. Patrick Wolf and Karsten Berns. 2021. Data-fusion for robust off-road perception considering data quality of uncertain sensors. In 2021 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS). 2021 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS), Prague, 6876–6883. https://doi.org/10.1109/IROS51168.2021.9636541
  29. Traction Optimization for Robust Navigation in Unstructured Environments Using Deep Neural Networks on the Example of the Off-Road Truck Unimog. In Intelligent Autonomous Systems 17, Ivan Petrovic, Emanuele Menegatti, and Ivan Marković (Eds.). Springer Nature Switzerland, Cham, 561–579.
  30. Certified Defences Against Adversarial Patch Attacks on Semantic Segmentation. arXiv:2209.05980 [cs.CV]
Citations (2)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now