Monocular Depth Estimation (MDE) plays a crucial role in vision-based Autonomous Driving (AD) systems. It utilizes a single-camera image to determine the depth of objects, facilitating driving decisions such as braking a few meters in front of a detected obstacle or changing lanes to avoid collision. In this paper, we investigate the security risks associated with monocular vision-based depth estimation algorithms utilized by AD systems. By exploiting the vulnerabilities of MDE and the principles of optical lenses, we introduce LensAttack, a physical attack that involves strategically placing optical lenses on the camera of an autonomous vehicle to manipulate the perceived object depths. LensAttack encompasses two attack formats: concave lens attack and convex lens attack, each utilizing different optical lenses to induce false depth perception. We begin by constructing a mathematical model of our attack, incorporating various attack parameters. Subsequently, we simulate the attack and evaluate its real-world performance in driving scenarios to demonstrate its effect on state-of-the-art MDE models. The results highlight the significant impact of LensAttack on the accuracy of depth estimation in AD systems.
翻译:单目深度估计在基于视觉的自动驾驶系统中扮演着关键角色。它利用单摄像头图像来确定物体的深度,从而辅助驾驶决策,例如在检测到障碍物前数米处刹车或变道以避免碰撞。本文研究了自动驾驶系统所采用的基于单目视觉的深度估计算法所面临的安全风险。通过利用MDE的脆弱性和光学透镜的原理,我们提出了LensAttack——一种物理攻击方法,通过在自动驾驶车辆的摄像头上策略性地放置光学透镜来操纵感知到的物体深度。LensAttack包含两种攻击形式:凹透镜攻击和凸透镜攻击,每种形式利用不同的光学透镜来诱发错误的深度感知。我们首先构建了攻击的数学模型,并纳入了多种攻击参数。随后,我们模拟了该攻击,并在实际驾驶场景中评估了其性能,以展示其对先进MDE模型的影响。结果突显了LensAttack对自动驾驶系统深度估计准确性的显著影响。