Collaborative Perception (CP) has been shown to be a promising technique for multi-agent autonomous driving and multi-agent robotic systems, where multiple agents share their perception information to enhance the overall perception performance and expand the perception range. However, in CP, an ego agent needs to receive messages from its collaborators, which makes it vulnerable to attacks from malicious agents. To address this critical issue, we propose a unified, probability-agnostic, and adaptive framework, namely, CP-uniGuard, which is a tailored defense mechanism for CP deployed by each agent to accurately detect and eliminate malicious agents in its collaboration network. Our key idea is to enable CP to reach a consensus rather than a conflict against an ego agent's perception results. Based on this idea, we first develop a probability-agnostic sample consensus (PASAC) method to effectively sample a subset of the collaborators and verify the consensus without prior probabilities of malicious agents. Furthermore, we define collaborative consistency loss (CCLoss) for object detection task and bird's eye view (BEV) segmentation task to capture the discrepancy between an ego agent and its collaborators, which is used as a verification criterion for consensus. In addition, we propose online adaptive threshold via dual sliding windows to dynamically adjust the threshold for consensus verification and ensure the reliability of the systems in dynamic environments. Finally, we conduct extensive experiments and demonstrate the effectiveness of our framework. Code is available at https://github.com/CP-Security/CP-uniGuard.
翻译:协同感知已被证明是多智能体自动驾驶与多智能体机器人系统中一项前景广阔的技术,其中多个智能体共享其感知信息,以提升整体感知性能并扩展感知范围。然而,在协同感知中,自智能体需要接收来自其协作者的信息,这使其易受恶意智能体的攻击。为应对这一关键问题,我们提出了一种统一、概率无关且自适应的框架,即 CP-uniGuard。该框架是每个智能体部署的、专为协同感知设计的防御机制,旨在准确检测并剔除其协作网络中的恶意智能体。我们的核心思想是促使协同感知达成共识,而非与自智能体的感知结果产生冲突。基于这一思想,我们首先开发了一种概率无关的样本共识方法,以有效采样协作者的一个子集,并在无需恶意智能体先验概率的情况下验证共识。此外,我们为物体检测任务和鸟瞰图分割任务定义了协同一致性损失,用以捕捉自智能体与其协作者之间的差异,并将其作为共识验证的准则。另外,我们提出了基于双滑动窗口的在线自适应阈值方法,以动态调整共识验证的阈值,确保系统在动态环境中的可靠性。最后,我们进行了大量实验,验证了我们框架的有效性。代码发布于 https://github.com/CP-Security/CP-uniGuard。