Collaborative perception, which greatly enhances the sensing capability of connected and autonomous vehicles (CAVs) by incorporating data from external resources, also brings forth potential security risks. CAVs' driving decisions rely on remote untrusted data, making them susceptible to attacks carried out by malicious participants in the collaborative perception system. However, security analysis and countermeasures for such threats are absent. To understand the impact of the vulnerability, we break the ground by proposing various real-time data fabrication attacks in which the attacker delivers crafted malicious data to victims in order to perturb their perception results, leading to hard brakes or increased collision risks. Our attacks demonstrate a high success rate of over 86\% on high-fidelity simulated scenarios and are realizable in real-world experiments. To mitigate the vulnerability, we present a systematic anomaly detection approach that enables benign vehicles to jointly reveal malicious fabrication. It detects 91.5% of attacks with a false positive rate of 3% in simulated scenarios and significantly mitigates attack impacts in real-world scenarios.

翻译：协作式感知通过整合外部数据源增强网联自动驾驶车辆（CAVs）的感知能力，同时也引入了潜在的安全风险。CAVs的驾驶决策依赖于不可信的远程数据，使其易受协作感知系统中恶意参与者发起的攻击。然而，针对此类威胁的安全分析与防御措施尚属空白。为深入理解该漏洞的影响，我们率先提出了多种实时数据伪造攻击方法——攻击者向目标车辆发送经篡改的恶意数据，扰乱其感知结果，导致车辆紧急制动或增加碰撞风险。该攻击在高保真仿真场景中的成功率超过86%，并在真实世界实验中验证了其可行性。为缓解这一漏洞，我们提出了一种系统性异常检测方法，使良性车辆能够联合揭露恶意伪造行为。仿真场景中，该方法可检测91.5%的攻击，误报率仅为3%，并在真实场景中显著降低了攻击影响。