TY - GEN
T1 - BAdvertisement
T2 - 7th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2022
AU - Nassi, Ben
AU - Shams, Jacob
AU - Netanel, Raz Ben
AU - Elovici, Yuval
N1 - Publisher Copyright: © 2022 IEEE.
PY - 2022/1/1
Y1 - 2022/1/1
N2 - In this paper, we present bAdvertisement, a novel attack method against advanced driver-assistance systems (ADASs). bAdvertisement is performed as a supply chain attack via a compromised computer in a printing house, by embedding a 'phantom' object in a print advertisement. When the compromised print advertisement is observed by an ADAS in a passing car, an undesired reaction is triggered from the ADAS. We analyze state-of-the-art object detectors and show that they do not take color or context into account in object detection. Our validation of these findings on Mobileye 630 PRO shows that this ADAS also fails to take color or context into account. Then, we show how an attacker can take advantage of these findings to execute an attack on a commercial ADAS, by embedding a phantom road sign in a print advertisement, which causes a car equipped with Mobileye 630 PRO to trigger a false notification to slow down. Finally, we discuss multiple countermeasures which can be deployed in order to mitigate the effect of our proposed attack.
AB - In this paper, we present bAdvertisement, a novel attack method against advanced driver-assistance systems (ADASs). bAdvertisement is performed as a supply chain attack via a compromised computer in a printing house, by embedding a 'phantom' object in a print advertisement. When the compromised print advertisement is observed by an ADAS in a passing car, an undesired reaction is triggered from the ADAS. We analyze state-of-the-art object detectors and show that they do not take color or context into account in object detection. Our validation of these findings on Mobileye 630 PRO shows that this ADAS also fails to take color or context into account. Then, we show how an attacker can take advantage of these findings to execute an attack on a commercial ADAS, by embedding a phantom road sign in a print advertisement, which causes a car equipped with Mobileye 630 PRO to trigger a false notification to slow down. Finally, we discuss multiple countermeasures which can be deployed in order to mitigate the effect of our proposed attack.
KW - Advanced Driver Assistance Systems
KW - Adversarial AI
KW - Supply Chain Attack
KW - Video Camera Spoofing
UR - http://www.scopus.com/inward/record.url?scp=85134178324&partnerID=8YFLogxK
U2 - 10.1109/EuroSPW55150.2022.00045
DO - 10.1109/EuroSPW55150.2022.00045
M3 - Conference contribution
T3 - Proceedings - 7th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2022
SP - 376
EP - 383
BT - Proceedings - 7th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2022
Y2 - 6 June 2022 through 10 June 2022
ER -