FURI | Spring 2019

The Reinforcement Learning Trojan Horse: Data Poisoning in Autonomous Driving Simulations

The objective of this research is to identify the presence of a specific, but potentially catastrophic, mathematical characteristic within a key machine learning aspect of the control system of autonomous vehicles. The conclusions of the study point to the presence of a mechanism by which a malicious adversary could insert a seemingly undetectable backdoor into the controller of the autonomous car, enabling them to hack it at a strategic time. The identification of this threat enables autonomous car makers to hold off on the deployment of their fleet until a solution is identified. Future work entails optimizing the mechanism for injecting the backdoor, as well as developing a solution.

Student researcher

Benjamin Perner Danek

Computer science

Hometown: Cupertino, California, United States

Graduation date: Spring 2021