Trojan Attack and Defense for Deep Learning-Based Navigation Systems of Unmanned Aerial Vehicles

Author(s):

Mohammed Mynuddin Sultan Uddin Khan Reza Ahmari Luis Landivar Mahmoud Nabil Mahmoud Abdollah Homaifar

Journal

Institute of Electrical and Electronics Engineers (IEEE)

Abstract

As unmanned aerial vehicles (UAVs) become increasingly integrated across various domains, both military and civilian, safeguarding the security of their navigation systems becomes paramount. In the contemporary age, the prominence of cybersecurity for UAVs has grown due to a rising number of cyberattacks on these systems. Notably, over the past decade, several significant cybersecurity breaches have impacted UAVs due to inadequate vulnerability assessments and security measures. Deep learning (DL)-based algorithms show immense potential for enabling autonomous UAV navigation. However, these algorithms are susceptible to malicious attacks, such as DL-based Trojan attacks, which can compromise the integrity and reliability of UAV navigation systems. This paper addresses potential vulnerabilities in DL-based UAV navigation systems and emphasizes the importance of securing these systems against DL-based Trojan attacks. We design various trigger patterns for collision and steering angle of the DroNet model incorporating adversarial inputs to test the robustness of the deep learning algorithm used for UAV navigation. By simulating potential attacks and studying their effects, we aim to highlight the weaknesses and potential entry points for malicious interference. We assess the effectiveness of Trojan attacks on the DroNet model using poisoned collision and steering angle datasets. Subsequently, we regulate the intensity of the designed triggers and evaluate the performance of the DroNet architecture. Additionally, we propose mitigation strategies to enhance the robustness and security of navigation systems against these attacks. To identify the likelihood of the trained model being trojaned or not, we have developed a Trojan detector and created distinct DroNet Trojan Model Datasets for this purpose. That the DroNet model is vulnerable to DL-based Trojan attacks, as evidenced by the successful manipulation of collision and steering angle predictions. The Trojan detector effectively identifies potential compromises within the model, highlighting the necessity for enhanced security measures. © 2024 The Authors.

Concluding remarks

This experiment underscores the critical need to address the security of real-world applications involving deep learning-based autonomous navigation systems for unmanned aerial vehicles (UAVs), given their susceptibility to attacks. We developed and evaluated Trojan attacks on deep learningbased UAVs, along with an effective detection technique. To create our Trojan dataset, we utilized various trigger patches and combined them with different test datasets to assess the attack success rate. Specifically, we conducted these experiments on the DroNet architecture, which serves as an autonomous navigation system for UAVs. Initially, we trained the DroNet model using Trojan datasets, causing a significant performance drop of 35.6% for the collision dataset. For the steering angle dataset, we measured the root mean square error, which showed a substantial increase of 363.3%. Additionally, we investigated the trojan attack success rate across different pixel intensity values, revealing a clear pattern of decreasing model accuracy and increasing attack success rate with higher pixel intensities. Finally, we introduced a detection technique capable of effectively identifying Trojan models. We evaluated its performance across datasets with varying trigger intensities (ranging from 20% to 100%), including the DroNet_Troj Dataset. Notably, our proposed defense method consistently outperformed, achieving a remarkable 97.34% accuracy on the DroNet_Troj dataset. These analyses have shed light on UAV vulnerabilities that have significant implications for security and privacy concerns.

Reference details

DOI

10.1109/ACCESS.2024.3419800

Resource type

Journal Article

Year of Publication

2024

ISSN Number

2169-3536

Publication Area

Dual-use cybersecurity

Date Published

2024

URL

https://ieeexplore.ieee.org/ie…

How to cite this reference:

Mynuddin, M., Khan, S. U., Ahmari, R., Landivar, L., Mahmoud, M. N., & Homaifar, A. (2024). Trojan Attack and Defense for Deep Learning-Based Navigation Systems of Unmanned Aerial Vehicles. Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/ACCESS.2024.3419800 (Original work published 2024)