Cyber-physical Adversarial Attacks and Countermeasures for Deep Learning Vision Systems on Critical Infrastructures

E. Kafali
K. Zafirouli
K. Karageorgos
T. Semertzidis
P. Daras
Cyber-Physical Threat Intelligence for Critical Infrastructures Security: Securing Critical Infrastructures in Air Transport, Water, Gas, Healthcare, Finance and Industry, edited by J. Soldatos, I. Praca, A. Jovanovic, Boston-Delft: now publishers, 2021.


Advanced smart equipment and intelligent deep learning systems are now used with great success in numerous applications, and they have also been introduced into the operational environments of critical infrastructures. Deep learning (DL) models significantly outperform most of the "old school" machine learning methods or automate activities that until now relied on humans. DL-based computer vision systems are among the most popular for industrial applications, which range from the security and surveillance of the site to the operation of workshops, such as robot-assisted assemblies or vision-based quality control. However, DL models, if not designed properly, may be vulnerable to cyber or physical attacks that are difficult to detect or mitigate. These so-called adversarial attacks and their countermeasures are now a novel research field that needs consideration by all DL-based systems, and especially by those used in critical infrastructures. This book chapter focuses on the presentation and analysis of deep learning-based computer vision models, their possible adversarial attacks, and countermeasures.