For autonomous vehicles (AVs) to be safe, their systems must not only be accurate but also secure — how do AVs defend against attacks? A group of researchers from the Donald Bren School of Information and Computer Sciences (ICS) is exploring this, looking in particular at GPS spoofing attacks. The group recently received the Distinguished Poster Presentation Award for new work at the Network and Distributed System Security (NDSS) Symposium, a top-tier academic conference in computer security.
The poster, “Security Analysis of Multi-Sensor Fusion based Localization in Autonomous Vehicles,” was presented by computer science Ph.D. student Junjie Shen. It is the result of his collaboration with fellow graduate student Jun Yeon Won, Shinan Liu of the University of Electronic Science and Technology of China, and UCI Computer Science Professors Alex Veidenbaum and Qi Alfred Chen.
“I was very surprised when I saw our names on the screen, since there were so many excellent works in the poster session,” says Shen. “I think the reason we got this award is largely due to the importance of the work.”
Their work analyzes the security property of the localization module in AVs. As Shen explains, “localization is the process the AV uses to estimate its current location, which serves as a basis for other components in the AV system such as obstacle perception and path planning.” According to Shen, current AV systems usually adopt a multi-sensor fusion (MSF) algorithm that can combine data from multiple sensors to provide localization estimates with centimeter-level accuracy.
“We leveraged a classic and practical sensor attack vector called GPS spoofing in our security analysis of the MSF,” says Shen. Their initial results show that GPS spoofing can cause estimate errors of up to 2 meters in 10 seconds, which he says is large enough for the vehicle to move into the “wrong traffic lane and make incorrect or even unsafe driving decisions.”
The researchers are currently working on the full paper for the project, which will include additional analyses and several defense recommendations for this type of attack.
— Shani Murray