{"created":"2025-01-19T01:45:11.777634+00:00","updated":"2025-03-06T05:32:02.760443+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00240800","sets":["6164:6165:6462:11854"]},"path":["11854"],"owner":"11","recid":"240800","title":["自動運転システムのセキュリティ評価プラットフォーム Overpass による敵対的攻撃の E2E 評価"],"pubdate":{"attribute_name":"PubDate","attribute_value":"2024-10-15"},"_buckets":{"deposit":"6453c950-49b6-4c0b-a604-9c5c69596e2c"},"_deposit":{"id":"240800","pid":{"type":"depid","value":"240800","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"自動運転システムのセキュリティ評価プラットフォーム Overpass による敵対的攻撃の E2E 評価","author_link":["661370","661371","661372","661373","661374","661375","661376","661377","661378","661379","661380","661381","661382","661383"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"自動運転システムのセキュリティ評価プラットフォーム Overpass による敵対的攻撃の E2E 評価","subitem_title_language":"ja"},{"subitem_title":"Overpass: End-to-End Evaluation of Adversarial Attacks with an Autonomous Driving Security Assessment Platform","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"自動運転，セキュリティ，標識認識，E2E 評価","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2024-10-15","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"早稲田大学／デロイト トーマツ サイバー合同会社"},{"subitem_text_value":"デロイト トーマツ サイバー合同会社"},{"subitem_text_value":"早稲田大学"},{"subitem_text_value":"早稲田大学"},{"subitem_text_value":"早稲田大学"},{"subitem_text_value":"デロイト トーマツ サイバー合同会社"},{"subitem_text_value":"早稲田大学／NICT／理研AIP"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Waseda University / Deloitte Tohmatsu Cyber LLC","subitem_text_language":"en"},{"subitem_text_value":"Deloitte Tohmatsu Cyber LLC","subitem_text_language":"en"},{"subitem_text_value":"Waseda University","subitem_text_language":"en"},{"subitem_text_value":"Waseda University","subitem_text_language":"en"},{"subitem_text_value":"Waseda University","subitem_text_language":"en"},{"subitem_text_value":"Deloitte Tohmatsu Cyber LLC","subitem_text_language":"en"},{"subitem_text_value":"Waseda University/NICT/RIKEN AIP","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/240800/files/IPSJ-CSS2024054.pdf","label":"IPSJ-CSS2024054.pdf"},"date":[{"dateType":"Available","dateValue":"2026-10-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2024054.pdf","filesize":[{"value":"1.7 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"6a512b10-4a3d-48fb-a3e9-0df897318292","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2024 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"野本, 一輝"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"福永, 拓海"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"鶴岡, 豪"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"小林, 竜之輔"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"田中, 優奈"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"神薗, 雅紀"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"森, 達哉"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Kazuki, Nomoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Takumi, Fukunaga","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Go, Tsuruoka","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Ryunosuke, Kobayashi","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yuna, Tanaka","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Masaki, Kamizono","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tatsuya, Mori","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"自動運転システムは，Adversarial Example (AE) 攻撃に脆弱であることが知られている．多くの既存研究では，自動運転システムのセンシングから認識，経路計画，制御に至るまでのエンドツーエンド (E2E) の評価が十分に行われておらず，攻撃のリスクを正確に評価できていない．この理由として，自動運転システムの E2E 評価を実現するプラットフォームが整備されていないことが挙げられる．本稿では，自動運転システムのセキュリティ評価プラットフォーム Overpass を提案し，AE 攻撃が自動運転システムに与える影響について，E2E 評価を行った．その結果，既存研究で行われてきた物体検出器単体に対する評価のみでは，AE 攻撃が行われたときの自動運転車両のリスクを正しく評価することはできず，車両やシステムの様々なパラメータを考慮した網羅的な評価の重要性を明らかにした．具体的には，物体検出器単体への攻撃成功率が 80% 以下のとき，AE 攻撃は E2E での自動運転車両の挙動に影響を与えないことが確認された．また，検出頻度が低いとき，物体検出器の攻撃成功率が低い状況においても，E2E での攻撃成功率が高くなることが明らかとなった．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Autonomous driving systems have been demonstrated to be vulnerable to Adversarial Example (AE) attacks; however, existing research often lacks comprehensive end-to-end (E2E) evaluations.In this paper, we propose a security evaluation platform Overpass and conduct an E2E assessment to examine the impact of AE attacks on autonomous driving systems. Our findings indicate that evaluations focused solely on object detectors fail to accurately assess the associated risks. It revealed the importance of comprehensive evaluations that take into account various vehicle and system parameters.  Specifically, our results reveal that even when the attack success rate against the object detector is below 80%, AE attacks may not significantly impact the E2E behavior of the autonomous vehicle. Furthermore, it was observed that lower detection frequencies can lead to a higher E2E attack success rate, even when the attack success rate against the object detector is low.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"400","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2024論文集"}],"bibliographicPageStart":"393","bibliographicIssueDates":{"bibliographicIssueDate":"2024-10-15","bibliographicIssueDateType":"Issued"}}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":240800,"links":{}}