This work addresses the low success rate of conventional LiDAR spoofing attacks in feature-rich environments such as urban and indoor settings by proposing an efficient attack method based on dynamic point cloud injection. By integrating spatial shape design with temporally coordinated perturbation strategies, the approach exploits scan-matching principles to achieve precise deception of LiDAR SLAM systems. As the first study to demonstrate high-success-rate attacks in real-world complex scenarios, it also introduces ISD-SLAM, a lightweight defense mechanism that leverages inertial dead reckoning for anomaly detection without requiring additional hardware. Experimental results show that the proposed attack significantly enhances spoofing effectiveness, while ISD-SLAM effectively identifies various attacks—including D-SLAMSpoof—and substantially mitigates localization drift, thereby improving the safety of autonomous driving systems.

In this work, we introduce Dynamic SLAMSpoof (D-SLAMSpoof), a novel attack that compromises LiDAR SLAM even in feature-rich environments. The attack leverages LiDAR spoofing, which injects spurious measurements into LiDAR scans through external laser interference. By designing both spatial injection shapes and temporally coordinated dynamic injection patterns guided by scan-matching principles, D-SLAMSpoof significantly improves attack success rates in real-world, feature-rich environments such as urban areas and indoor spaces, where conventional LiDAR spoofing methods often fail. Furthermore, we propose a practical defense method, ISD-SLAM, that relies solely on inertial dead reckoning signals commonly available in autonomous systems. We demonstrate that ISD-SLAM accurately detects LiDAR spoofing attacks, including D-SLAMSpoof, and effectively mitigates the resulting position drift. Our findings expose inherent vulnerabilities in LiDAR-based SLAM and introduce the first practical defense against LiDAR-based SLAM spoofing using only standard onboard sensors, providing critical insights for improving the security and reliability of autonomous systems.