Collaborative Perception (CP) has shown a promising technique for autonomous driving, where multiple connected and autonomous vehicles (CAVs) share their perception information to enhance the overall perception performance and expand the perception range. However, in CP, ego CAV needs to receive messages from its collaborators, which makes it easy to be attacked by malicious agents. For example, a malicious agent can send harmful information to the ego CAV to mislead it. To address this critical issue, we propose a novel method, CP-Guard, a tailored defense mechanism for CP that can be deployed by each agent to accurately detect and eliminate malicious agents in its collaboration network. Our key idea is to enable CP to reach a consensus rather than a conflict against the ego CAV's perception results. Based on this idea, we first develop a probability-agnostic sample consensus (PASAC) method to effectively sample a subset of the collaborators and verify the consensus without prior probabilities of malicious agents. Furthermore, we define a collaborative consistency loss (CCLoss) to capture the discrepancy between the ego CAV and its collaborators, which is used as a verification criterion for consensus. Finally, we conduct extensive experiments in collaborative bird's eye view (BEV) tasks and our results demonstrate the effectiveness of our CP-Guard. Code is available at https://github.com/CP-Security/CP-Guard

翻译：协同感知（CP）已成为自动驾驶领域一项前景广阔的技术，其中多辆网联自动驾驶车辆（CAV）通过共享感知信息来提升整体感知性能并扩展感知范围。然而在CP中，本车CAV需要接收来自协作方的信息，这使其易受恶意智能体攻击。例如，恶意智能体可向本车CAV发送有害信息以误导其决策。为应对这一关键问题，我们提出一种创新方法CP-Guard——一种专为CP设计的防御机制，可部署于每个智能体以精准检测并剔除其协作网络中的恶意智能体。我们的核心思想是使CP系统达成共识而非与本车CAV的感知结果产生冲突。基于此思想，我们首先提出概率无关样本共识（PASAC）方法，该方法能有效采样协作方子集并在无恶意智能体先验概率的情况下验证共识。此外，我们定义了协同一致性损失（CCLoss）来量化本车CAV与其协作方之间的差异，并将其作为共识验证准则。最后，我们在协同鸟瞰图（BEV）任务中进行了大量实验，结果表明CP-Guard具有显著有效性。代码发布于https://github.com/CP-Security/CP-Guard