Annual Computer Security Applications Conference 2021
DOI: 10.1145/3485832.3488016
|View full text |Cite
|
Sign up to set email alerts
|

They See Me Rollin’: Inherent Vulnerability of the Rolling Shutter in CMOS Image Sensors

Abstract: In this paper, we describe how the electronic rolling shutter in CMOS image sensors can be exploited using a bright, modulated light source (e.g., an inexpensive, off-the-shelf laser), to inject finegrained image disruptions. We demonstrate the attack on seven different CMOS cameras, ranging from cheap IoT to semi-professional surveillance cameras, to highlight the wide applicability of the rolling shutter attack. We model the fundamental factors affecting a rolling shutter attack in an uncontrolled setting. W… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
6
0

Year Published

2022
2022
2024
2024

Publication Types

Select...
7
2

Relationship

0
9

Authors

Journals

citations
Cited by 16 publications
(16 citation statements)
references
References 44 publications
0
6
0
Order By: Relevance
“…The attack is remote and does not require any firmware access or information about the images captured by the camera in the victim CAV. However, we assume the attacker has access to, or can purchase, a similar camera, and can empirically study and infer the properties of the camera as in previous work [14], [58]. We assume that the attacker has knowledge of the traffic sign recognition model used by the victim CAV and has black-box access to it as an oracle (for example, by reverse-engineering the vehicle communication [59]).…”
Section: Threat Model and Attacker Capabilitiesmentioning
confidence: 99%
“…The attack is remote and does not require any firmware access or information about the images captured by the camera in the victim CAV. However, we assume the attacker has access to, or can purchase, a similar camera, and can empirically study and infer the properties of the camera as in previous work [14], [58]. We assume that the attacker has knowledge of the traffic sign recognition model used by the victim CAV and has black-box access to it as an oracle (for example, by reverse-engineering the vehicle communication [59]).…”
Section: Threat Model and Attacker Capabilitiesmentioning
confidence: 99%
“…Prior works use such attack vector to project malicious light spots in the camera image such that it can misguide the camera localization [67] or object detection [67,72]. Moreover, some prior works also use it to cause camera effects such as lens flare [58] and rolling shutter effect [68] in order to fool the object detection. • Acoustic signal has been shown to disrupt or control the outputs of Inertial Measurement Units (IMUs) [99,100].…”
Section: Sensor Attack Vectorsmentioning
confidence: 99%
“…This is the most restrictive setting where the attacker cannot access any of the internals in the AD vehicle. Prior works that belong to this category are either transferbased attacks [66,69], which generate attack inputs based on local white-box models, or the ones that do not require any model-level knowledge in attack generation [68,81].…”
Section: Sensor Attack Vectorsmentioning
confidence: 99%
“…Targeted Component Component-level System-level Lu et al [27] object detection ✓ Eykholt et al [12] object detection ✓ Chen et al [7] object detection ✓ Zhao et al [48] object detection ✓ Xiao et al [44] object detection ✓ Zhang et al [47] object detection ✓ Nassi et al [30] object detection ✓ ✓ Man et al [28] object detection ✓ Hong et al [17] object detection ✓ Huang et al [19] object detection ✓ Wu et al [43] object detection ✓ Xu et al [45] object detection ✓ Hu et al [18] object detection ✓ Hamdi et al [16] object detection ✓ Ji et al [21] object detection ✓ Lovisotto et al [26] object detection ✓ Köhler et al [23] object detection ✓ Wang et al [40] object detection ✓ Zolfi et al [51] object detection ✓ Wang et al [41] object detection ✓ Zhu et al [50] object detection ✓ Wang et al [42] Traffic light detection ✓ Tang et al [39] Traffic light detection ✓ those in Table I), a component-level success rate of up to 98% can still be not enough to affect object tracking results. Thus, we believe that such current general lack of systemlevel evaluation is a critical scientific methodology-level gap that should be addressed as soon as possible.…”
Section: Papermentioning
confidence: 99%