Adversarially Trained Dynamic Ensemble: A Moving Target Defense Strategy for Robust Semantic Segmentation in Autonomous Vehicles

<p dir="ltr">Semantic segmentation is critical for autonomous driving, enabling vehicles to interpret their surroundings and make safe decisions. However, adversarial attacks, such as pixel-level perturbations and adversarial patches, pose significant challenges by exploiting vulnerabilities in segmentation models. To address these threats, we propose Adversarially Trained Dynamic Ensemble Moving Target Defense (ATDE-MTD), a novel defense strategy that combines adversarial training with dynamic model selection based on MTD. ATDE-MTD leverages a diverse pool of child models trained on adversarial samples, dynamically selecting the most confident model for each input to enhance the robustness and introduce unpredictability against attacks. Experimental results on open-source datasets demonstrate that ATDE-MTD significantly improves robustness against adversarial patch and pixel-level attacks while maintaining high performance on clean data. This work offers a robust and adaptive solution for defending semantic segmentation models in autonomous driving applications.</p>