A Randomized Filtering Strategy Against Inference Attacks on Active Steering Control Systems

You are here

Top Reasons to Join SPS Today!

1. IEEE Signal Processing Magazine
2. Signal Processing Digital Library*
3. Inside Signal Processing Newsletter
4. SPS Resource Center
5. Career advancement & recognition
6. Discounts on conferences and publications
7. Professional networking
8. Communities for students, young professionals, and women
9. Volunteer opportunities
10. Coming soon! PDH/CEU credits
Click here to learn more.

A Randomized Filtering Strategy Against Inference Attacks on Active Steering Control Systems

Ehsan Nekouei; Mohammad Pirani; Henrik Sandberg; Karl H. Johansson

In this paper, we develop a framework against inference attacks aimed at inferring the values of the controller gains of an active steering control system (ASCS). We first show that an adversary with access to the shared information by a vehicle, via a vehicular ad hoc network (VANET), can reliably infer the values of the controller gains of an ASCS. This vulnerability may expose the driver as well as the manufacturer of the ASCS to severe financial and safety risks. To protect controller gains of an ASCS against inference attacks, we propose a randomized filtering framework wherein the lateral velocity and yaw rate states of a vehicle are processed by a filter consisting of two components: a nonlinear mapping and a randomizer. The randomizer randomly generates a pair of pseudo gains which are different from the true gains of the ASCS. The nonlinear mapping performs a nonlinear transformation on the lateral velocity and yaw rate states. The nonlinear transformation is in the form of a dynamical system with a feedforward-feedback structure which allows real-time and causal implementation of the proposed privacy filter. The output of the filter is then shared via the VANET. The optimal design of randomizer is studied under a privacy constraint that determines the protection level of controller gains against inference attacks, and is in terms of mutual information. It is shown that the optimal randomizer is the solution of a convex optimization problem. By characterizing the distribution of the output of the filter, it is shown that the statistical distribution of the filter’s output depends on the pseudo gains rather than the true gains. Using information-theoretic inequalities, we analyze the inference ability of an adversary in estimating the control gains based on the output of the filter. Our analysis shows that the performance of any estimator in recovering the controller gains of an ASCS based on the output of the filter is limited by the privacy constraint. The...

SPS on Twitter

  • The SPS Webinar Series continues of 29 March when Dr. Mauricio Delbracio presents "A Walk Through Image Deblurring:… https://t.co/H1dNvuFgRv
  • COMING SOON: Join us on 9 March when Mr. Sayantan Dutta presents "Novel Prospects of Image Restoration Inspired by… https://t.co/LVYqeWEmLg
  • Happy from SPS! Thank you for doing your part towards furnishing a fairer, more equitable world for your c… https://t.co/63tIxNQQaR
  • There's still time to register your team for the 2023 IEEE Signal Processing Cup! Visit our website and register no… https://t.co/lgOQUjNPbe
  • There is still time to join the 5-Minute Video Clip Contest! Visit our website to learn more and submit your videos… https://t.co/aVUNYfTEF2

SPS Videos

Signal Processing in Home Assistants


Multimedia Forensics

Careers in Signal Processing             


Under the Radar