
Generative Adversarial Networks (GAN) Serve Safety and Cybersecurity

A new AI approach to improving the safety and cybersecurity of self-driving cars

Photo by Tara Winstead from Pexels

Unknown unknowns are a significant safety dilemma for an autonomous vehicle. The question is how to determine which driving scenarios have not yet been considered anywhere in the development process. Validating self-driving cars demands identifying and testing as many unknown scenarios as possible. We must answer the same question when developing cybersecurity for autonomous vehicles. There are always possible unknown attacks that need to be considered and addressed in the early phase of the project. However, security development activities involve offline analysis, design, implementation, and validation. Predicting possible future attacks is not yet state of the art in safety and security development. Applying AI approaches to predict potential future attacks or failures is the best solution.

Generative Adversarial Networks (GAN), an area of machine learning, are a new method to protect systems from attacks and build safer systems. A GAN can learn to generate new samples from the input data set, compare them with the labeled real-world data, and decide whether they are realistic or fake. A GAN consists of two neural networks, a generator and a discriminator. GAN is a generative approach used in many applications, such as the generation of human faces or cartoon characters and many other photographic applications.

This method can also generate fake information, images, etc., which society does not accept but which is inevitable. Cybersecurity measures should be at least one step ahead of cyberattacks to differentiate between real and fake information, images, or videos.

Generator versus Discriminator

A generator is responsible for generating new samples, and a discriminator has a classification role in comparing generated samples with the labeled real-world data. Both generator and discriminator models must optimize the classification rate at training time. The discriminator model minimizes the classification error rate, and the generator model maximizes the classification error rate.

Training data sets are known to both the generator and the discriminator and are real-world data, but the generator’s output contains real and fake data. It must be classified by the discriminator using a semi-supervised approach. Data scientists train the two models simultaneously. If the classification in the discriminator has failed, the parameters of the generator model should be updated using backpropagation. Both generator and discriminator models optimize the same parameter, but in opposite directions, following the zero-sum concept.
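The opposing updates can be traced by hand on a one-dimensional toy model. The following is an added example, not code from the original article: the linear generator G(z) = a*z + b, the logistic discriminator D(x), the sample values, and the learning rate are all assumptions chosen so that the gradients fit in a few lines.

```python
import math

# Constructed sample data (not from the article): "real" readings cluster near 4.0.
REAL = [3.6, 3.9, 4.0, 4.1, 4.4]
NOISE = [-1.0, -0.5, 0.0, 0.5, 1.0]   # fixed generator inputs, for reproducibility

def sigmoid(t):
    return 1.0 / (1.0 + math.exp(-t))

def generate(g):
    a, b = g                           # generator: G(z) = a*z + b
    return [a * z + b for z in NOISE]

def discriminate(d, x):
    w, c = d                           # discriminator: D(x) = P(x is real)
    return sigmoid(w * x + c)

def d_loss(d, g):
    """Discriminator's cross-entropy classification loss on real vs. generated data."""
    real = sum(-math.log(discriminate(d, x)) for x in REAL) / len(REAL)
    fake = sum(-math.log(1 - discriminate(d, x)) for x in generate(g)) / len(NOISE)
    return real + fake

def d_step(d, g, lr=0.05):
    """Gradient descent: the discriminator lowers d_loss."""
    gw = gc = 0.0
    for x in REAL:                     # gradient of -log D(x)
        p = discriminate(d, x)
        gw -= (1 - p) * x / len(REAL)
        gc -= (1 - p) / len(REAL)
    for x in generate(g):              # gradient of -log(1 - D(x))
        p = discriminate(d, x)
        gw += p * x / len(NOISE)
        gc += p / len(NOISE)
    return (d[0] - lr * gw, d[1] - lr * gc)

def g_step(d, g, lr=0.05):
    """Gradient ascent on the same d_loss: the generator raises the discriminator's error."""
    ga = gb = 0.0
    for z, x in zip(NOISE, generate(g)):
        grad_x = discriminate(d, x) * d[0]   # d/dx of -log(1 - D(x)), backpropagated through D
        ga += grad_x * z / len(NOISE)
        gb += grad_x / len(NOISE)
    return (g[0] + lr * ga, g[1] + lr * gb)

def train(rounds, d=(0.0, 0.0), g=(1.0, 0.0)):
    """Alternate the two updates; returns the final (discriminator, generator) parameters."""
    for _ in range(rounds):
        d = d_step(d, g)
        g = g_step(d, g)
    return d, g
```

Starting from an undecided discriminator, one `d_step` lowers `d_loss` and the following `g_step` raises it again, which is the zero-sum behaviour in miniature; the generator's offset `b` drifts toward the real data as the rounds alternate.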

GAN approach to ensuring safety and security in self-driving car technology

Hacking an unmanned vehicle is more critical than hacking a vehicle in which a driver is present. Depending on the type of attack, attackers can modify vehicle navigation and reactions, collect specific sensor data, etc. Learning from existing attacks is a very similar concept to the GAN approach. The generator creates new possible attacks based on attacks already observed.

GAN can generate realistic traffic scenarios to improve system validation or robust system behavior. We can apply GAN to produce more reliable products using sensor modeling.

In this article, I do not differentiate between safety and security, as both can lead to a hazard that has to be assessed by developers. The difference between security and safety is the attacker’s intent. Security and safety have more in common than differences.

GAN has been proposed as a cybersecurity or safety measure in the following use cases:

Image processing:

The generation of synthetic data by GAN aids in the validation of image processing modules applied for object classification or user authentication. The same also applies to the image data captured by the camera. The generator can produce many realistic images that are difficult to find or simulate in a real-world environment. For example, a deep learning classification algorithm can misclassify a speed limit sign as one with a different speed limit, as described in the European Commission’s Autonomous Vehicle Testing and Certification Report. This report proposes a GAN approach for eliminating adversarial perturbations.

Scenario-based validation:

Autonomous vehicles require a new validation approach for many reasons, for example, the unavailability of a driver to take responsibility as a fallback solution in the car for safety and security reasons. Another reason is the lack of knowledge about unknown scenarios at design and validation time. Identifying such worst-case scenarios is a significant challenge for the self-driving car validation team, which must ensure that all critical situations have already been analyzed and that the system responds adequately to the hazard. As described in this paper, GAN can generate new and realistic trajectories. The GAN approach was adapted from the image domain to the time domain to create valid trajectories.

Improvement of the robustness:

A fully autonomous vehicle needs more sensors than an assistance function, such as lane assist, in a partially automated vehicle. Therefore, an autonomous vehicle is more affected by cyber attacks. We should guarantee the robustness of a system under safety and security aspects in the event of an attack. This paper described a GAN approach to improve system robustness. This approach used incorrect data to violate the safety goal of maintaining a safe distance from other road users. An autonomous vehicle validates the distance variation using the GAN approach, and a reinforcement learning algorithm decides how to keep the proper distance from other road users.

Sensor modeling:

Verifying and validating sensors for autonomous vehicles using real-world data is a complex task. The simulation of possible scenarios is mandatory for validating a self-driving car. This paper discusses the application of the GAN approach in sensor production. This method of sensor modeling intentionally creates production sensor errors to find the long-term correlations.

How to keep data reliable

Any data is a source of an attack scenario. The distinction between real-world and fake data is easier to manage with the GAN approach. An advanced generative model that has already learned to generate data with a low classification error rate can generate fake data to deceive any system and check whether the target system is robust enough against synthetic attacks.

GAN could be a tool for arguing to assessors that a system is resilient against cyberattacks: a process that covers not only identified attack scenarios but also possible future attack scenarios that criminals do not yet use. This approach is a new trend that will soon significantly impact safety and security standards and development activities. As the GAN approach evolves, we also support attackers and equip them with a new weapon. We have to find a solution to stay at least one step ahead of cyber attackers.

Many derivatives of GAN, such as CGAN (Conditional GAN), WGAN (Wasserstein GAN), and LSTM-GAN (Long Short-Term Memory GAN), as well as several others based on generative and discriminative models, are available, and all can address and solve safety and security issues. A generative process like GAN is a valuable tool for engineers developing applications where data augmentation helps improve the function’s quality, availability, and efficiency.
