Mitigating Emerging Cyber Security Threats Using Artificial Intelligence
Last week, I taught a cybersecurity course at the University of Oxford case. I created a case study for my class based on an excellent recent paper: Deep Learning-Based Autonomous Driving Systems: A Survey of Attacks and Defences (link below)
This paper is unique because it discussed emerging cyber security threats and their mitigation using artificial intelligence in context of advanced autonomous
driving systems (ADSs). I felt that this is significant because typically the problem domain of AI and cybersecurity is mostly an Anomaly detection or a Signature detection problem. Also, most of the times, cybersecurity professionals use specific tools such as splunk or darktrace(which we cover in our course) – but these threats and their mitigations are very new. Hence, they need exploring from first principles/research. Thus, we can cover newer threats such as adversarial attacks(making modifications to input data to force machine-learning algorithms to behave in ways they’re not supposed to). By considering a complex and emerging problem domain like ADASS we can discuss many more emerging problems which we have yet to encounter at scale.
A deep learning-based ADS is normally composed of three functional layers, including a sensing layer, a perception layer and a decision layer, as well as an additional cloud
The sensing layer: comprises heterogeneous sensors such as GPS, camera, LiDAR, radar and ultrasonic sensors are used to collect real-time ambient information including the current position and spatial-temporal data (e.g. time series image frames).
The perception layer contains deep learning models to analyze the data collected by the sensing layer and then extract useful environmental information from the raw data for further process.
The decision layer acts as a decision-making unit to output instructions concerning the change of speed and steering angle based on the extracted information from
the perception layer.
The perception layer includes functions like Localization, Road object detection and semantic segmentation which uses a variety of deep learning algorithms. The cloud service provides compute intensive resources such as preroute planning and enhance the perception of the surrounding environment. The decision layer includes functions like Path planning and object trajectory prediction; Vehicle control via deep reinforcement learning;
These are depicted below
Based on this, the paper explores the below
ATTACKS IN ADSS
- Physical attacks on sensors
- Jamming attack, Spoofing attack
- Cyberattacks on cloud services
- Adversarial attacks on deep learning models in perception and decision layers
- Defence against physical sensor attacks
- Defence for cloud services
- Defence against adversarial evasion attacks( Proactive defences, Reactive defence)
- Defence against adversarial poisoning attacks
POTENTIAL ATTACKS IN FUTURE
- Adversarial attacks on the whole ADS
- Semantic adversarial attacks
- Reverse-engineering attacks
STRATEGIES FOR ROBUSTNESS IMPROVEMENT
- Hardware redundancy
- Model robustness training
- Model testing and verification
- Adversarial attacks detection in real time
The threats are as below
The paper link is