Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Understanding Impacts of Electromagnetic Signal Injection Attacks on Object Detection

Youqian Zhang, Chunxi Yang, Eugene Y. Fu, Qinhong Jiang, Chen Yan, Sze-Yiu Chau, Grace Ngai, Hong-Va Leong, Xiapu Luo, Wenyuan Xu

TL;DR

The paper investigates electromagnetic signal injection attacks (ESIA) on object detection in real-world scenes, building a portable ESIA device and collecting authentic under-attack data (AUT) alongside the GlitchHiker REP dataset for comparison. It evaluates three representative detectors—Faster R-CNN (two-stage), YOLOv8 (one-stage), and Co-DETR (transformer-based)—all pre-trained on COCO and then tested on attacked images, with fine-tuning on target data. The results show a consistent decline in detection performance ($mAP$) under ESIA across models; fine-tuning improves performance in non-attack conditions but does not fully counteract the attack, with Co-DETR generally the most robust and YOLOv8/Faster R-CNN more vulnerable. The study highlights hardware-level security concerns for safety-critical systems and emphasizes the need for defenses against ESIA, even for advanced transformer-based detectors.

Abstract

Object detection can localize and identify objects in images, and it is extensively employed in critical multimedia applications such as security surveillance and autonomous driving. Despite the success of existing object detection models, they are often evaluated in ideal scenarios where captured images guarantee the accurate and complete representation of the detecting scenes. However, images captured by image sensors may be affected by different factors in real applications, including cyber-physical attacks. In particular, attackers can exploit hardware properties within the systems to inject electromagnetic interference so as to manipulate the images. Such attacks can cause noisy or incomplete information about the captured scene, leading to incorrect detection results, potentially granting attackers malicious control over critical functions of the systems. This paper presents a research work that comprehensively quantifies and analyzes the impacts of such attacks on state-of-the-art object detection models in practice. It also sheds light on the underlying reasons for the incorrect detection outcomes.

Understanding Impacts of Electromagnetic Signal Injection Attacks on Object Detection

TL;DR

The paper investigates electromagnetic signal injection attacks (ESIA) on object detection in real-world scenes, building a portable ESIA device and collecting authentic under-attack data (AUT) alongside the GlitchHiker REP dataset for comparison. It evaluates three representative detectors—Faster R-CNN (two-stage), YOLOv8 (one-stage), and Co-DETR (transformer-based)—all pre-trained on COCO and then tested on attacked images, with fine-tuning on target data. The results show a consistent decline in detection performance () under ESIA across models; fine-tuning improves performance in non-attack conditions but does not fully counteract the attack, with Co-DETR generally the most robust and YOLOv8/Faster R-CNN more vulnerable. The study highlights hardware-level security concerns for safety-critical systems and emphasizes the need for defenses against ESIA, even for advanced transformer-based detectors.

Abstract

Object detection can localize and identify objects in images, and it is extensively employed in critical multimedia applications such as security surveillance and autonomous driving. Despite the success of existing object detection models, they are often evaluated in ideal scenarios where captured images guarantee the accurate and complete representation of the detecting scenes. However, images captured by image sensors may be affected by different factors in real applications, including cyber-physical attacks. In particular, attackers can exploit hardware properties within the systems to inject electromagnetic interference so as to manipulate the images. Such attacks can cause noisy or incomplete information about the captured scene, leading to incorrect detection results, potentially granting attackers malicious control over critical functions of the systems. This paper presents a research work that comprehensively quantifies and analyzes the impacts of such attacks on state-of-the-art object detection models in practice. It also sheds light on the underlying reasons for the incorrect detection outcomes.
Paper Structure (11 sections, 7 figures, 3 tables)

This paper contains 11 sections, 7 figures, 3 tables.

Table of Contents

  1. Introduction
  2. Experimental Attack Device
  3. Electromagnetic Signal Injection Attacks
  4. Colored Strips Across Images
  5. Attack Device Implementation
  6. Dataset
  7. Object Detection Models
  8. Experiment and Results
  9. Performance Metrics
  10. Results and Discussion
  11. Conclusion

Figures (7)

  • Figure 1: (a) An image sensor captures and converts the intensity of light into electrical signals, which are further transmitted to a CPU (and/or GPU) by cables for processing and object detection. Cyber-physical attacks often target on jamming the data transmission to cause perturbations onto images, leading to incorrect object detection. (b) An example under attack image.
  • Figure 2: Under attack, for example, the second row of pixels is lost, leading to a colored strip in the image.
  • Figure 3: An example attack process.
  • Figure 4: CoDETR failed to detect labeled truck
  • Figure 5: Detection Result Visualisation
  • ...and 2 more figures