学术文献库

Recent works have shown that neural networks are vulnerable to carefully crafted adversarial examples (AE). By adding small perturbations to input images, AEs are able to make the victim model predicts incorrect outputs. Several research work in adversarial machine learning started to focus on the detection of AEs in autonomous driving. However, the existing studies either use preliminary assumption on outputs of detections or ignore the tracking system in the perception pipeline. In this paper, we firstly propose a novel distance metric for practical autonomous driving object detection outputs. Then, we bridge the gap between the current AE detection research and the real-world autonomous systems by providing a temporal detection algorithm, which takes the impact of tracking system into consideration. We perform evaluation on Berkeley Deep Drive (BDD) and CityScapes datasets to show how our approach outperforms existing single-frame-mAP based AE detections by increasing 17.76% accuracy of performance.