machine learning

Split-Second Phantom Images Fool Autopilots

Split-Second Phantom Images Fool Autopilots

Researchers are tricking autopilots by inserting split-second images into roadside billboards.

Researchers at Israel’s Ben Gurion University of the Negev … previously revealed that they could use split-second light projections on roads to successfully trick Tesla’s driver-assistance systems into automatically stopping without warning when its camera sees spoofed images of road signs or pedestrians. In new research, they’ve found they can pull off the same trick with just a few frames of a road sign injected on a billboard’s video. And they warn that if hackers hijacked an internet-connected billboard to carry out the trick, it could be used to cause traffic jams or even road accidents while leaving little evidence behind.


In this latest set of experiments, the researchers injected frames of a phantom stop sign on digital billboards, simulating what they describe as a scenario in which someone hacked into a roadside billboard to alter its video. They also upgraded to Tesla’s most recent version of Autopilot known as HW3. They found that they could again trick a Tesla or cause the same Mobileye device to give the driver mistaken alerts with just a few frames of altered video.

The researchers found that an image that appeared for 0.42 seconds would reliably trick the Tesla, while one that appeared for just an eighth of a second would fool the Mobileye device. They also experimented with finding spots in a video frame that would attract the least notice from a human eye, going so far as to develop their own algorithm for identifying key blocks of pixels in an image so that a half-second phantom road sign could be slipped into the “uninteresting” portions.

The paper:

Abstract: In this paper, we investigate “split-second phantom attacks,” a scientific gap that causes two commercial advanced driver-assistance systems (ADASs), Telsa Model X (HW 2.5 and HW 3) and Mobileye 630, to treat a depthless object that appears for a few milliseconds as a real obstacle/object. We discuss the challenge that split-second phantom attacks create for ADASs. We demonstrate how attackers can apply split-second phantom attacks remotely by embedding phantom road signs into an advertisement presented on a digital billboard which causes Tesla’s autopilot to suddenly stop the car in the middle of a road and Mobileye 630 to issue false notifications. We also demonstrate how attackers can use a projector in order to cause Tesla’s autopilot to apply the brakes in response to a phantom of a pedestrian that was projected on the road and Mobileye 630 to issue false notifications in response to a projected road sign. To counter this threat, we propose a countermeasure which can determine whether a detected object is a phantom or real using just the camera sensor. The countermeasure (GhostBusters) uses a “committee of experts” approach and combines the results obtained from four lightweight deep convolutional neural networks that assess the authenticity of an object based on the object’s light, context, surface, and depth. We demonstrate our countermeasure’s effectiveness (it obtains a TPR of 0.994 with an FPR of zero) and test its robustness to adversarial machine learning attacks.

Sidebar photo of Bruce Schneier by Joe MacInnis.

I created my own deepfake—it took two weeks and cost $552

Compliance services

Awareness is key

There are many statutory, regulatory and elective compliance standards. ITSecurity.Org have worked with all of the security related standards and can deliver cost-effectively, flexibly according to business requirements. Choose the specific compliance requirement below for more information on how we can deliver for you.


The Information Security Management Systems Standards (ISMS).


The more detailed Information Security Management Systems Standards (ISMS).


The EU requirements for privacy and data protection.


The standard for Business Continuity.


Standard for merchants taking electronic payments.

Data Protection Act 1998/2018

The UK statutory requirements for Data Protection.

Delivery throughout the compliance life cycle

To keep operations running smoothly, you need to be compliant in every aspect of your business. We help business owners understand how to be compliant and empower their employees to follow and understand the most up-to-date rules and regulations. We’re here to guide you every step of the way.


Accessible documentation including policies, standards, procedures, guidelines and training.

Defined Processes

Tailored processes aligned with your business and internal practices.

Security audits

Audit preparation and support to ensure your business passes compliance requirements.

Bespoke training

Specialised training for your business, targeting all areas regardless of role.

Run a better business

One of the most important aspects around Data Protection is training personnel to be compliant and remain compliant. people are often the weakest link with 35% of all incidents caused through personnel whether deliberately or accidentally. This is why it is so important to your organisation to ensure that your personnel receive the compliance training that they need.


It all comes down to retaining knowledge. We give businesses training in the ever-changing world of compliance. Helping you stay up to date and address changes before they become problems.

  • Wide range of resources specific to your organisation: documentation, videos, photos, images, PowerPoint slides and quizzes are just a few ways we can help. 
  • We can turn all your resource into an engaging educational training product.
  • Integration into your Learning Management System (LMS) using our Moodle publishing platform or your training can be hosted on our training platform.

Transform the way you manage your business

With us, you can skip the headache and be confident that your business is compliant. We take the pressure off of you and guide you through the compliance life-cycle one step at a time.

data protection officer

We have a proven track record of successful delivery with a wide range of clients.

  • Across different industries and all size organisations, meeting specific business objectives and goals.
  • Methodologies, tools, processes and documents off-the-shelf to save you cost, time and effort in achieving your compliance requirements.
  • Experienced consultants that have successfully delivered in challenging environments.
  • Delivering only what you need, saving costs, time and effort.

We have a proven track record of successful delivery with a wide range of clients.

  • Delivery across all, or part of, the compliance life-cycle.
  • Delivery of bespoke requirements.
  • Friendly and accessible engagement.
  • Entirely focused on delivering according to your business objectives.

Our approach

We are flexible and modular. This means that we can flex and size according to your business requirements.



We understand your business objectives and engage with the stakeholders and customers that have a vested interest in compliance and can help with successful delivery.



Having understood your business objectives we are in a position to present what success looks like. We take on-board comments and modify as a result. The outcome is a strategy and plan for successful delivery.



We then can present the working methodologies, tools, processes, documents and training to implement your compliance requirements.


Auditing and Monitor

We can now support you in the final audit being available to present the audit on your behalf or to lend assistance.

As a result of the audit, any further improvements can be quickly and easily implemented.

Other services
Contact us

Archaeologists found 143 more images among the Nazca Lines

Archaeologists have rediscovered 143 more enormous drawings called geoglyphs etched on the rocky ground of Peru’s Nazca Desert, with one of the finds coming courtesy of a machine-learning algorithm. The new images emphasize how much ancient art lies on the 450 square kilometer (280 square mile) Nazca Desert and how much of it archaeologists still need to find and document. Masato Sakai, an archaeologist from Yamagata University in Japan, and his colleagues say mapping the Nazca Lines could yield clues about their purpose.

No, it’s not an alien

It’s almost poetic that the first Nazca geoglyph spotted by AI apparently depicts a human—or at least something that looks humanoid. The five-meter-long figure shows up very faintly in aerial photos; if you don’t know it’s there, you’d probably miss it. With a little digital image enhancement, though, the geoglyph is a solid figure in a tall headdress holding a stick. Two thousand years after the fact, archaeologists aren’t yet sure what the stick is for; it could be a weapon or something used in a ritual. For that matter, the figure could turn out to be a god or a spirit, rather than a person.

IBM’s Watson Machine Learning Community Edition learned what Nazca geoglyphs looked like by analyzing aerial photos of the ones archaeologists have already documented. Then Sakai and his colleagues handed the algorithm a massive set of high-resolution aerial photos of the desert floor. It searched for features—shapes, patterns of light and dark contrast, and others—that looked like those of the geoglyphs it had seen before. The algorithm pointed out several shapes that might be geoglyphs, and Sakai and his colleagues chose one—the person in the headdress—to investigate in person.

Aerial and satellite photos make it easier to search vast swaths of the desert for geoglyphs. But those images add up to a daunting mountain of data, and combing through that mountain is a slow process for humans. Sakai and his colleagues hope AI can speed up the process of mapping the Nazca Lines. Although the headdress-wearer is an impressive find, the future of AI in the Nazca Desert depends on how often the algorithm incorrectly identifies a site and how many real glyphs it misses. That’s information that Sakai and his colleagues haven’t shared yet. But this isn’t the first time that machine learning has been used in archaeology, so there’s good reason to be optimistic about its prospects.

Location, location, location

One hundred and forty-two more geoglyph discoveries are the product of many seasons of fieldwork and countless hours spent poring over aerial photos. They include enormous geometric designs, along with stylized alpacas or llamas, birds, cats, fish, foxes, monkeys, snakes, and humans. The largest stretches across 500 meters (330 feet) of desert, while the smallest covers just five meters (16 feet).

The new finds could help archaeologists figure out what at least some of the Nazca’s spectacular landscape-scale artwork was actually for. Between 1,000 and 2,000 years ago, the Nazca people created hundreds of shapes by scraping dark red pebbles away from the desert’s surface to expose the lighter soil beneath. The images of animals, plants, and geometric shapes each stretch dozens or hundreds of meters across the desert floor, and some require a bird’s-eye view to fully appreciate. Archaeologists knew about just 30 of these geoglyphs when the Nazca Lines became a UNESCO World Heritage Site in 1994, but since then, the number has risen to over 900.

Sakai and his colleagues suggest that some of the smaller figures, like the person in the headdress, may once have been signposts or travel markers. The headdress-wearer is part of a whole category of geoglyphs that tend to turn up along paths and on slopes, where passersby on foot can clearly see them from the right vantage point. Like the headdress-wearer, these geoglyphs are mostly animals and people, with solid, filled-in shapes instead of outlines, and they’re usually less than 50 meters (165 feet) long.

The larger geoglyphs, on the other hand, tend to be geometric designs or huge outlines of animals on the desert floor. Most of them are so big—up to 100 meters (330 feet) wide—that people on foot would have trouble seeing the entire shape all at once.

The ground inside and around several of the huge shapes is littered with ancient potsherds, dating between 100 BCE and 100 CE. Sakai and his colleagues suggest that the huge shapes on the ground may have marked places for rituals and gatherings.

To test that idea, Sakai and his colleagues need more information about how the geoglyphs are arranged on the desert landscape. For one thing, if the small, filled-in figures turn up in places that don’t make sense for travel markers, then the researchers will need to rethink that explanation. To get the information they need, the archaeologists plan to keep surveying the Nazca Desert on foot, mapping the ancient geoglyphs.

But they’ll also turn to another AI for help. Another IBM platform called PAIRS will use a decade’s worth of survey data to create a map of every known geoglyph on the Nazca Desert, then search for patterns in their distribution.

Mapping the geoglyphs may also help protect them in the long run. In order to preserve the geoglyphs, authorities first need to know where they all are and which ones are most at risk from vandalism and the growth of nearby cities.

Listing image by Sakai et al. 2019