Designed to demonstrate security issues and convince manufacturers to safeguard their products, the MadRadar system can fool automotive radar sensors “into believing almost anything”, according to its creators at Duke University in North Carolina.
The technology can hide the approach of a real car, create a ‘phantom’ car, or even trick the radar into thinking a real car has quickly deviated from its actual course.
It can achieve these feats “in the blink of an eye”, the researchers said, with no prior knowledge about the specific settings of the victim’s radar. This makes it “the most troublesome threat to radar security to date”, they added.
“Without knowing much about the targeted car’s radar system, we can make a fake vehicle appear out of nowhere or make an actual vehicle disappear in real-world experiments,” said research leader Miroslav Pajic.
“We’re not building these systems to hurt anyone, we’re demonstrating the existing problems with current radar systems to show that we need to fundamentally change how we design them.”
Raising the possibility of criminals hijacking vehicles to make them deliberately crash, causing harm to occupants or allowing them to steal the vehicle, the MadRadar system sends rogue radar signals to targets.
In modern cars that feature assistive and autonomous driving systems, radar is typically used to detect moving vehicles in front of and around the vehicle. It also augments visual and laser-based systems that detect moving vehicles.
Because there are so many different cars using radar on a typical road, it is unlikely that any two vehicles will have the exact same operating parameters, even if they share a make and model. They might use slightly different operating frequencies or take measurements at slightly different intervals, for example. Because of this, previous demonstrations of radar-spoofing systems have needed to know the specific parameters being used.
“Think of it like trying to stop someone from listening to the radio,” said Pajic. “To block the signal or to hijack it with your own broadcast, you’d need to know what station they were listening to first.”
The Duke team’s new system can reportedly detect a car’s radar parameters in less than a quarter of a second. Once they have been discovered, the system can send out its own radar signals to fool the target’s radar.
In one demonstration, MadRadar sent signals to the target car to make it perceive a car that did not actually exist. This involved modifying the signal’s characteristics based on time and velocity, mimicking what a real contact would look like.
In a much more complicated example, the system fooled the target’s radar into thinking the opposite – that there was no passing car where one actually existed. It achieved this by adding ‘masking signals’ around the car’s location, creating a ‘bright spot’ that confused the radar system.
“You have to be judicious about adding signals to the radar system, because if you simply flooded the entire field of vision, it’d immediately know something was wrong,” said David Hunt, a PhD student working in Pajic’s lab.
In a third kind of attack, the researchers mixed the two approaches to make it seem as though an existing car had suddenly changed course.
The team recommended that carmakers try randomising a radar system’s operating parameters over time and add safeguards to the processing algorithms to spot similar attacks.
“Imagine adaptive cruise control, which uses radar, believing that the car in front of me was speeding up, causing your own car to speed up, when in reality it wasn’t changing speed at all,” said Pajic. “If this were done at night, by the time your car’s cameras figured it out you’d be in trouble.”
Each of the attack demonstrations were done on real-world radar systems in actual cars moving at typical road speeds.
This research was supported by the US Office of Naval Research, the US Air Force Office of Scientific Research, the US National Science Foundation, and the US National AI Institute for Edge Computing Leveraging Next Generation Wireless Networks.
The work will be published at the 2024 Network and Distributed System Security Symposium, taking place 26 February – 1 March in San Diego, California.
Want the best engineering stories delivered straight to your inbox? The Professional Engineering newsletter gives you vital updates on the most cutting-edge engineering and exciting new job opportunities. To sign up, click here.
Content published by Professional Engineering does not necessarily represent the views of the Institution of Mechanical Engineers.