Takami Sato, Ningfei Wang (University of California, Irvine), Yueqiang Cheng (NIO Security Research), Qi Alfred Chen (University of California, Irvine)
Automated Lane Centering (ALC) is one of the most popular autonomous driving (AD) technologies available in many commodity vehicles. ALC can reduce the human driver’s efforts by taking over their steering work. However, recent research alerts that ALC can be vulnerable to off-road attacks that lead victim vehicles out of their driving lane. To be secure against off-road attacks, this paper explores the potential defense capability of low-quality localization and publicly available maps against off-road attacks against autonomous driving. We design the first map-fusion-based off-road attack detection approach, LaneGuard, LaneGuard detects off-road attacks based on the difference between the observed road shape and the driver-predefined route shape. We evaluate LaneGuar on large-scale real-world driving traces consisting of 80 attack scenarios and 11,558 benign scenarios. We find that LaneGuard can achieve an attack detection rate of 89% with a 12% false positive rate. In real-world highway driving experiments, LaneGuard exhibits no false positives while maintaining a near-zero false negative rate against simulated attacks.