查看文章

The development of connected and autonomous vehicles (CAV s) relies heavily on deep learning technology, which has been widely applied to perform a variety of tasks in CAYs. On the other hand, deep learning faces some security concerns. Data poisoning attack, as one of the security threats, can compromise the deep learning models by injecting poisoned training samples. The poisoned models may make more false predictions, and may cause fatal accidents of CA V s in the worst case. Therefore, the principles of poisoning attacks are worth studying in order to propose counter measures. In this work, we propose a black-box and clean-label data poisoning attack method that uses hybrid particle swarm optimization with simulated annealing to generate perturbations for poisoning. The attacking method is evaluated by experiments on the deep learning models of traffic sign recognition systems on CA V s, and …