Ipsita Koley,Sunandan Adhikary,Rohit Rohit,Soumyajit Dey

DOI: https://doi.org/10.48550/arXiv.2205.00769

2022-05-02

Cryptography and Security

Abstract:Recent developments in the smart mobility domain have transformed automobiles into networked transportation agents helping realize new age, large-scale intelligent transportation systems (ITS). The motivation behind such networked transportation is to improve road safety as well as traffic efficiency. In this setup, vehicles can share information about their speed and/or acceleration values among themselves and infrastructures can share traffic signal data with them. This enables the connected vehicles (CVs) to stay informed about their surroundings while moving. However, the inter-vehicle communication channels significantly broaden the attack surface. The inter-vehicle network enables an attacker to remotely launch attacks. An attacker can create collision as well as hamper performance by reducing the traffic efficiency. Thus, security vulnerabilities must be taken into consideration in the early phase of the development cycle of CVs. To the best of our knowledge, there exists no such automated simulation tool using which engineers can verify the performance of CV prototypes in the presence of an attacker. In this work, we present an automated tool flow that facilitates false data injection attack synthesis and simulation on customizable platoon structure and vehicle dynamics. This tool can be used to simulate as well as design and verify control-theoretic light-weight attack detection and mitigation algorithms for CVs.

Zeinab El-Rewini,Karthikeyan Sadatsharan,Daisy Flora Selvaraj,Siby Jose Plathottam,Prakash Ranganathan

DOI: https://doi.org/10.1016/j.vehcom.2019.100214

IF: 6.7

2020-06-01

Vehicular Communications

Abstract:As modern vehicles are capable to connect to an external infrastructure and Vehicle-to-Everything (V2X) communication technologies mature, the necessity to secure communications becomes apparent. There is a very real risk that today's vehicles are subjected to cyber-attacks that target vehicular communications. This paper proposes a three-layer framework (sensing, communication and control) through which automotive security threats can be better understood. The sensing layer is made up of vehicle dynamics and environmental sensors, which are vulnerable to eavesdropping, jamming, and spoofing attacks. The communication layer is comprised of both in-vehicle and V2X communications and is susceptible to eavesdropping, spoofing, man-in-the-middle, and sybil attacks. At the top of the hierarchy is the control layer, which enables autonomous vehicular functionality, including the automation of a vehicle's speed, braking, and steering. Attacks targeting the sensing and communication layers can propagate upward and affect the functionality and can compromise the security of the control layer. This paper provides the state-of-the-art review on attacks and threats relevant to the communication layer and presents countermeasures.

telecommunications,transportation science & technology

lei xue,yangyang liu,tianqi li,kaifa zhao,jianfeng li,le yu,xiapu luo,yajin zhou,guofei gu

2022-01-01

Abstract:Modern vehicles are equipped with many ECUs (Electronic Control Unit) that are connected to the IVN (In-Vehicle Network) for controlling the vehicles. Meanwhile, various interfaces of vehicles, such as OBD-II port, T-Box, sensors, and telematics, implement the interaction between the IVN and external environment. Although rich value-added functionalities can be provided through these interfaces, such as diagnostics and OTA (Over The Air) updates, the adversary may also inject malicious data into IVN, thus causing severe safety issues. Even worse, existing defense approaches mainly focus on detecting the injection attacks launched from IVN, such as malicious/compromised ECUs, by analyzing CAN frames, and cannot defend against the higher layer MIAs (Message Injection Attacks) that can cause abnormal vehicle dynamics. In this paper, we propose a new state-aware abnormal message injection attack defense approach, named SAID. It detects the abnormal data to be injected into IVN by considering the data semantics and the vehicle dynamics and prevents the MIAs launched from devices connected to the vehicles, such as the compromised diagnostic tools and T-boxes. We develop a prototype of SAID for defending against MIAs and evaluate it using both real road data and simulation data. The experimental results show that SAID can defend against more than 99% of the network and service layer attack traffic and all state layer MIAs, effectively enforcing the safety of vehicles.

Zoleikha Abdollahi,R. Biroon,P. Pisu

DOI: https://doi.org/10.23919/ACC45564.2020.9147977

2020-07-01

Abstract:Connected vehicles as a promising concept of Intelligent Transportation System (ITS), are a potential solution to address some of the existing challenges of emission, traffic congestion as well as fuel consumption. To achieve these goals, connectivity among vehicles through the wireless communication network is essential. However, vehicular communication networks endure from reliability and security issues. Cyber-attacks with purposes of disrupting the performance of the connected vehicles, lead to catastrophic collision and traffic congestion. In this study, we consider a platoon of connected vehicles equipped with Cooperative Adaptive Cruise Control (CACC) which are subjected to a specific type of cyber-attack namely "False Data Injection" attack. We developed a novel method to model the attack with ghost vehicles injected into the connected vehicles network to disrupt the performance of the whole system. To aid the analysis, we use a Partial Differential Equation (PDE) model. Furthermore, we present a PDE model-based diagnostics scheme capable of detecting the false data injection attack and isolating the injection point of the attack in the platoon system. The proposed scheme is designed based on a PDE observer with measured velocity and acceleration feedback. Lyapunov stability theory has been utilized to verify the analytically convergence of the observer under no attack scenario. Eventually, the effectiveness of the proposed algorithm is evaluated with simulation study.

Computer Science,Environmental Science,Engineering

Chunheng Zhao,Jasprit Singh Gill,Pierluigi Pisu,Gurcan Comert

DOI: https://doi.org/10.1109/tits.2021.3090361

IF: 8.5

2021-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:In recent years, developments in vehicle-to-everything communication (V2X) have steadily increased in applications such as platooning and collision avoidance. V2X provides vehicles with long-range information regarding traffic congestion and routing, but also short and mid-range information allowing cooperative adaptive cruise control, automatic collision warnings, and others. Despite being potentially beneficial in several aspects, such interdependence poses a set of specific challenges from safety and reliability standpoint due to the possibility of cyber-attacks aimed at influencing the behavior of the vehicles. In this paper, a Cloud-based approach, a sandboxing framework is presented to detect the false data injection attack on connected and automated vehicles (CAVs). The sandboxing concept comes from computer security and it is adopted in a control framework as a way to isolate and evaluate the data exchanged by the CAVs affecting the vehicle control system. Numerical experiments are conducted to show the effectiveness of the approach using microscopic traffic simulation. Simulation results show that our proposed methodology is able to detect the false data injection attack existing in the V2X communication and identify the attacker in real-time less than 0.2 s.

engineering, electrical & electronic,transportation science & technology, civil

Achref Haddaji,Samiha Ayed,Lamia Chaari Fourati

DOI: https://doi.org/10.1016/j.adhoc.2024.103481

IF: 4.816

2024-05-01

Ad Hoc Networks

Abstract:The Internet of Vehicles (IoV) has garnered significant popularity thanks to rapid technological advancements and the widespread availability of the Internet. IoV encompasses vehicles with multiple electronic control units (ECUs) interconnected via advanced intra-vehicle networks. These networks play a crucial role in managing various vehicle functions, with the Controller Area Network (CAN) being of particular significance. However, the increased adoption of intelligent vehicles has also led to a rise in cyberattacks in the intra-vehicular network. These existing vulnerabilities pose significant security and user safety challenges. Extensive efforts have been dedicated to enhancing intra-vehicular network security. Yet, there are open concerns with limited progress made by academic and industry experts on effectively detecting CAN bus attacks. These concerns are essential to ensure intelligent vehicles’ overall security and safety. It requires collaboration between academia, industry, and the development of innovative solutions to fortify vehicular networks against evolving cyber threats. Current intra-vehicular security systems need more robustness and need to consider intelligent methodologies in their proposed works. To overcome all these limitations, This paper introduces a novel intrusion detection framework for in-vehicle networks based on integrating federated learning with transfer learning, improving the detection capabilities of individual vehicles within the network. Our framework employs a trusted authority for secure communication, a cloud server for model distribution and aggregation, and leverages the CAN bus for data collection and training. It guarantees that vehicles start with standardized baseline models and refine them through transfer learning, resulting in a collective intelligence-based final IDS engine for ongoing improvement. We used the Maximum Mean Discrepancy (MMD) to select data from the source domain similar to the target domain. The selected data is more likely to contain patterns and features useful for detecting intrusions in the target domain, leading to better generalization and detection capabilities.

computer science, information systems,telecommunications

Dheeraj Basavaraj,Shahab Tayeb

DOI: https://doi.org/10.3390/jsan11010006

2022-01-10

Journal of Sensor and Actuator Networks

Abstract:With the emergence of networked devices, from the Internet of Things (IoT) nodes and cellular phones to vehicles connected to the Internet, there has been an ever-growing expansion of attack surfaces in the Internet of Vehicles (IoV). In the past decade, there has been a rapid growth in the automotive industry as network-enabled and electronic devices are now integral parts of vehicular ecosystems. These include the development of automobile technologies, namely, Connected and Autonomous Vehicles (CAV) and electric vehicles. Attacks on IoV may lead to malfunctioning of Electronic Control Unit (ECU), brakes, control steering issues, and door lock issues that can be fatal in CAV. To mitigate these risks, there is need for a lightweight model to identify attacks on vehicular systems. In this article, an efficient model of an Intrusion Detection System (IDS) is developed to detect anomalies in the vehicular system. The dataset used in this study is an In-Vehicle Network (IVN) communication protocol, i.e., Control Area Network (CAN) dataset generated in a real-time environment. The model classifies different types of attacks on vehicles into reconnaissance, Denial of Service (DoS), and fuzzing attacks. Experimentation with performance metrics of accuracy, precision, recall, and F-1 score are compared across a variety of classification models. The results demonstrate that the proposed model outperforms other classification models.

Mhafuzul Islam,Mashrur Chowdhury,Hongda Li,Hongxin Hu

DOI: https://doi.org/10.48550/arXiv.1711.10651

2017-11-29

Networking and Internet Architecture

Abstract:A connected vehicle (CV) environment is composed of a diverse data collection, data communication and dissemination, and computing infrastructure systems that are vulnerable to the same cyberattacks as all traditional computing environments. Cyberattacks can jeopardize the expected safety, mobility, energy, and environmental benefits from connected vehicle applications. As cyberattacks can lead to severe traffic incidents, it has become one of the primary concerns in connected vehicle applications. In this paper, we investigate the impact of cyberattacks on the vehicle-to-infrastructure (V2I) network from a V2I application point of view. Then, we develop a novel V2I cybersecurity architecture, named CVGuard, which can detect and prevent cyberattacks on the V2I environment. In designing CVGuard, key challenges, such as scalability, resiliency and future usability were considered. A case study using a distributed denial of service (DDoS) on a V2I application, i.e., the Stop Sign Gap Assist (SSGA) application, shows that CVGuard was effective in mitigating the adverse effects created by a DDoS attack. In our case study, because of the DDoS attack, conflicts between the minor and major road vehicles occurred in an unsignalized intersection, which could have caused potential crashes. A reduction of conflicts between vehicles occurred because CVGuard was in operation. The reduction of conflicts was compared based on the number of conflicts before and after the implementation and operation of the CVGuard security platform. Analysis revealed that the strategies adopted by the CVGuard were successful in reducing the inter-vehicle conflicts by 60% where a DDoS attack compromised the SSGA application at an unsignalized intersection.

Twan Keijzer,Fabian Jarmolowitz,Riccardo M.G. Ferrari

DOI: https://doi.org/10.48550/arXiv.2104.03801

2021-04-08

Abstract:Road intersections are widely recognized as a lead cause for accidents and traffic delays. In a future scenario with a significant adoption of Cooperative Autonomous Vehicles, solutions based on fully automatic, signage-less Intersection Control would become viable. Such a solution, however, requires communication between vehicles and, possibly, the infrastructure over wireless networks. This increases the attack surface available to a malicious actor, which could lead to dangerous situations. In this paper, we address the safety of Intersection Control algorithms, and design a Sliding-Mode-Observer based solution capable of detecting and estimating false data injection attacks affecting vehicles' communication. With respect to previous literature, a novel detection logic with improved detection performances is presented. Simulation results are provided to show the effectiveness of the proposed approach.

Systems and Control

H M Sabbir Ahmad,Ehsan Sabouni,Akua Dickson,Wei Xiao,Christos G. Cassandras,Wenchao Li

2024-03-25

Abstract:We address the security of a network of Connected and Automated Vehicles (CAVs) cooperating to safely navigate through a conflict area (e.g., traffic intersections, merging roadways, roundabouts). Previous studies have shown that such a network can be targeted by adversarial attacks causing traffic jams or safety violations ending in collisions. We focus on attacks targeting the V2X communication network used to share vehicle data and consider as well uncertainties due to noise in sensor measurements and communication channels. To combat these, motivated by recent work on the safe control of CAVs, we propose a trust-aware robust event-triggered decentralized control and coordination framework that can provably guarantee safety. We maintain a trust metric for each vehicle in the network computed based on their behavior and used to balance the tradeoff between conservativeness (when deeming every vehicle as untrustworthy) and guaranteed safety and security. It is important to highlight that our framework is invariant to the specific choice of the trust framework. Based on this framework, we propose an attack detection and mitigation scheme which has twofold benefits: (i) the trust framework is immune to false positives, and (ii) it provably guarantees safety against false positive cases. We use extensive simulations (in SUMO and CARLA) to validate the theoretical guarantees and demonstrate the efficacy of our proposed scheme to detect and mitigate adversarial attacks.

Systems and Control

Shian Wang,Mingfeng Shang,Raphael Stern

2024-01-12

Abstract:While automated vehicles (AVs) are expected to revolutionize future transportation systems, emerging AV technologies open a door for malicious actors to compromise intelligent vehicles. As the first generation of AVs, adaptive cruise control (ACC) vehicles are vulnerable to cyberattacks. While recent effort has been made to understanding the impact of attacks on transportation systems, little work has been done to systematically model and characterize the malicious nature of candidate attacks. In this study, we develop a general framework for modeling and synthesizing two types of candidate attacks on ACC vehicles, namely direct attacks on vehicle control commands and false data injection attacks on sensor measurement, with explicit characterization of their adverse effects. Based on linear stability analysis of car-following dynamics, we derive a series of analytical conditions characterizing the malicious nature of potential attacks. This ensures a higher degree of realism in modeling attacks with adverse effects, as opposed to simply considering attacks as constants or random variables. Notably, the conditions derived provide an effective method for strategically synthesizing an array of candidate attacks on ACC vehicles. We conduct extensive simulation to examine the impacts of intelligently designed attacks on microscopic car-following dynamics and macroscopic traffic flow. Numerical results illustrate the mechanism of candidate attacks, offering useful insights into understanding the vulnerability of future transportation systems. The methodology developed allows for further study of the widespread impact of strategically designed attacks on traffic cybersecurity, and is expected to inspire the development of efficient attack detection techniques and advanced vehicle controls.

Dynamical Systems,Systems and Control

Shian Wang

2024-01-13

Abstract:While emerging adaptive cruise control (ACC) technologies are making their way into more vehicles, they also expose a vulnerability to potential malicious cyberattacks. Previous research has typically focused on constant or stochastic attacks without explicitly addressing their malicious and covert characteristics. As a result, these attacks may inadvertently benefit the compromised vehicles, inconsistent with real-world scenarios. In contrast, we establish an analytical framework to model and synthesize a range of candidate attacks, offering a physical interpretation from the attacker's standpoint. Specifically, we introduce a mathematical framework that describes mixed traffic scenarios, comprising ACC vehicles and human-driven vehicles (HDVs), grounded in car-following dynamics. Within this framework, we synthesize and integrate a class of false data injection attacks into ACC sensor measurements, influencing traffic flow dynamics. As a first-of-its-kind study, this work provides an analytical characterization of attacks, emphasizing their malicious and stealthy attributes while explicitly accounting for vehicle driving behavior, thereby yielding a set of candidate attacks with physical interpretability. To demonstrate the modeling process, we perform a series of numerical simulations to holistically assess the effects of attacks on car-following dynamics, traffic efficiency, and vehicular fuel consumption. The primary findings indicate that strategically synthesized candidate attacks can cause significant disruptions to the traffic flow while altering the driving behavior of ACC vehicles in a subtle fashion to remain stealthy, which is supported by a series of analytical results.

Systems and Control,Dynamical Systems

Tianci Yang,Carlos Murguia,Dragan Nesic,Chau Yuen

2023-06-19

Abstract:By sharing local sensor information via Vehicle-to-Vehicle (V2V) wireless communication networks, Cooperative Adaptive Cruise Control (CACC) is a technology that enables Connected and Automated Vehicles (CAVs) to drive autonomously on the highway in closely-coupled platoons. The use of CACC technologies increases safety and the traffic throughput, and decreases fuel consumption and CO2 emissions. However, CAVs heavily rely on embedded software, hardware, and communication networks that make them vulnerable to a range of cyberattacks. Cyberattacks to a particular CAV compromise the entire platoon as CACC schemes propagate corrupted data to neighboring vehicles potentially leading to traffic delays and collisions. Physics-based monitors can be used to detect the presence of False Data Injection (FDI) attacks to CAV sensors; however, unavoidable system disturbances and modelling uncertainty often translates to conservative detection results. Given enough system knowledge, adversaries are still able to launch a range of attacks that can surpass the detection scheme by hiding within the system disturbances and uncertainty -- we refer to this class of attacks as \textit{stealthy FDI attacks}. Stealthy attacks are hard to deal with as they affect the platoon dynamics without being noticed. In this manuscript, we propose a co-design methodology (built around a series convex programs) to synthesize distributed attack monitors and $H_{\infty}$ CACC controllers that minimize the joint effect of stealthy FDI attacks and system disturbances on the platoon dynamics while guaranteeing a prescribed platooning performance (in terms of tracking and string stability). Computer simulations are provided to illustrate the performance of out tools.

Systems and Control

Zulqarnain H Khattak,Brian L Smith,Michael D Fontaine

DOI: https://doi.org/10.1016/j.aap.2020.105861

Abstract:Connected and automated vehicles (CAVs) offer a huge potential to improve the operations and safety of transportation systems. However, the use of smart devices and communications in CAVs introduce new risks. CAVs would leverage vehicle to vehicle (V2V) and vehicle to infrastructure (V2I) communication, thus providing additional system access points compared to traditional systems. Automation makes these systems more vulnerable and increases the consequences of cyberattacks. This study utilizes an infrastructure-based communication platform consisting of cooperative adaptive cruise control and lane control advisories developed by the authors to perform cyber risk assessment of CAVs. The study emulates three types of cyberattacks (message falsification, dedicated denial of service, and spoofing attacks) in a representative traffic environment consisting of multiple CAV platoons and lane change events to analyze the safety and stability impacts of the cyberattacks. Simulation experiments using VISSIM reveals that traffic stream and CAV string is unstable under all three types of cyberattacks. The worst case is represented by the message falsification attack. Increases in volatility are observed over a no attack case, with variations increasing by an average of 43%-51% along with an increase of over 3000 crash conflicts. Similarly, lane change crash conflicts are observed to be more severe compared to rear end crash conflicts, showing a higher probability of severe injuries. Further, the case of slight cyberattack on a single CAV also creates significant disruption in the traffic stream. Analysis of variance (ANOVA) reveals the statistical significance of the results. These results pave the way for future design of secure systems from a monitoring perspective.

Sanchita Ghosh,Nutan Saha,Tanushree Roy

2024-09-21

Abstract:Under a changing driving environment, a Connected Autonomous Vehicle (CAV) platoon relies strongly on the acquisition of accurate traffic information from neighboring vehicles as well as reliable commands from a centralized supervisory controller through the communication network. Even though such modalities are imperative to ensure the safe and efficient driving performance of CAVs, they led to multiple security challenges. Thus, a cyberattack on this network can corrupt vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication, which can lead to unsafe or undesired driving scenarios. Hence, in this paper, we propose a cyberattack detection-isolation algorithm comprised of a unified V2V and V2I cyberattack detection scheme along with a V2I isolation scheme for CAVs under changing driving conditions. The proposed algorithm is constructed using a bank of residual generators with Lyapunov function-based performance guarantees, such as disturbance-to-state stability, robustness, and sensitivity. Finally, we showcase the efficacy of our proposed algorithm through extensive Monte-Carlo simulations using real-world highway and urban driving data. The results show that the proposed algorithm can enhance the cybersecurity of CAVs by detecting cyberattacks on CAV platoons and isolating infrastructure-level traffic manipulation.

Systems and Control

Timo Häckel,Philipp Meyer,Lukas Stahlbock,Falk Langer,Sebastian A. Eckhardt,Franz Korf,Thomas C. Schmidt

2023-10-16

Abstract:Connected vehicles are vulnerable to manipulation and a broad attack surface can be used to intrude in-vehicle networks from anywhere on earth. In this work, we present an integrated security infrastructure comprising network protection, monitoring, incident management, and counteractions, which we built into a prototype based on a production car. Our vehicle implements a Software-Defined Networking Ethernet backbone to restrict communication routes, network anomaly detection to make misbehavior evident, virtual controller functions to enable agile countermeasures, and an automotive cloud defense center to analyse and manage incidents on vehicle fleets. We present first measurements and lessons learned from operating the prototype: many network attacks can be prevented through software-defined access control in the backbone; anomaly detection can reliably detect misbehavior but needs to improve on false positive rate; controller virtualization needs tailored frameworks to meet in-car requirements; and cloud defence enables fleet management and advanced countermeasures. Our findings indicate attack mitigation times in the vehicle from 257 ms to 328 ms and from 2,168 ms to 2,713 ms traversing the cloud.

Cryptography and Security,Networking and Internet Architecture

Sadek Misto Kirdi,Nicola Scarano,Franco Oberti,Luca Mannella,Stefano Di Carlo,Alessandro Savino

2024-06-11

Abstract:Modern vehicles are increasingly vulnerable to attacks that exploit network infrastructures, particularly the Controller Area Network (CAN) networks. To effectively counter such threats using contemporary tools like Intrusion Detection Systems (IDSs) based on data analysis and classification, large datasets of CAN messages become imperative. This paper delves into the feasibility of generating synthetic datasets by harnessing the modeling capabilities of simulation frameworks such as Simulink coupled with a robust representation of attack models to present CARACAS, a vehicular model, including component control via CAN messages and attack injection capabilities. CARACAS showcases the efficacy of this methodology, including a Battery Electric Vehicle (BEV) model, and focuses on attacks targeting torque control in two distinct scenarios.

Cryptography and Security,Artificial Intelligence,Machine Learning

Shah Khalid Khan,Nirajan Shiwakoti,Peter Stasinopoulos,Yilun Chen,Matthew Warren

DOI: https://doi.org/10.1016/j.tranpol.2024.11.019

IF: 6.173

2024-01-01

Transport Policy

Abstract:Connected and Automated Vehicles (CAVs) cybersecurity is an inherently complex, multi-dimensional issue that goes beyond isolated hardware or software vulnerabilities, extending to human threats, network vulnerabilities, and broader system-level risks. Currently, no formal, comprehensive tool exists that integrates these diverse dimensions into a unified framework for CAV cybersecurity assessment. This study addresses this challenge by developing a System Dynamics (SD) model for strategic cybersecurity assessment that considers technological challenges, human threats, and public cybersecurity awareness during the CAV rollout. Specifically, the model incorporates a novel SD-based Stock-and-Flow Model (SFM) that maps six key parameters influencing cyberattacks at the system level. These parameters include CAV communication safety, user adoption rates, log file management, hacker capabilities, understanding of hacker motivations (criminology theory maturity), and public awareness of CAV cybersecurity.The SFM's structure and behaviour were rigorously tested and then used to analyse five plausible scenarios: i) Baseline (Technological Focus Only), ii) Understanding Hacker Motivations, iii) CAV User and OEM Education, iv) CAV Penetration Rate Increase, and v) CAV Penetration Rate Increase with Human Behavior Analysis. Four metrics are used to benchmark CAV cybersecurity: communication safety, probability of hacking attempts, probability of successful defence, and number of CAV adopters. The results indicate that while baseline technological advancements strengthen communication framework robustness, they may also create new vulnerabilities that hackers could exploit. Conversely, a deeper understanding of hacker motivations (Criminology Theory Maturity) effectively reduces hacking attempts. It fosters a more secure environment for early CAV adopters. Additionally, educating CAV users and OEM increases the probability of defending against cyberattacks. While CAV penetration increases the likelihood of hack defence due to a corresponding rise in attempts, there is a noticeable decrease in hacking attempts with CAV penetration when analysing human behaviour. These findings, when translated into policy instruments, can pave the way for a more optimised and resilient cyber-safe ITS.

Qi Li,Jinxin Zuo,Ruohan Cao,Yibo Zhang,Jianrui Chen,Qiang Liu,Jingjing Wang

DOI: https://doi.org/10.1109/mnet.2023.3333545

IF: 10.294

2023-01-01

IEEE Network

Abstract:With the rapid development of intelligent connected vehicles (ICVs), their intelligent, remote, and high-speed mobility characteristics have led to an expansion of their attack surface, and thus an increase in security requirements. Consequently, security research for ICVs has become a current research focus. However, existing security risk monitoring measures lack linkage with attack behavior, and security defense strategies cannot fully and promptly respond to security risk levels and system vulnerabilities. Therefore, this paper proposes a security evaluation framework for ICVs based on attack chains. The framework focuses on the mechanism and steps of attack generation, evaluates the current risk level and degree of harm in a targeted manner, and maps appropriate security management measures according to the degree of harm. This security evaluation model integrates various defense mechanisms and resolves the mismatch between existing ICV security defense measures and security situations. The effectiveness of this model has been validated through experiments, and potential research directions in the future are discussed and analyzed.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Fatimah Aloraini,Amir Javed,Omer Rana

DOI: https://doi.org/10.3390/s24123848

IF: 3.9

2024-06-15

Sensors

Abstract:Rapid advancements in connected and autonomous vehicles (CAVs) are fueled by breakthroughs in machine learning, yet they encounter significant risks from adversarial attacks. This study explores the vulnerabilities of machine learning-based intrusion detection systems (IDSs) within in-vehicle networks (IVNs) to adversarial attacks, shifting focus from the common research on manipulating CAV perception models. Considering the relatively simple nature of IVN data, we assess the susceptibility of IVN-based IDSs to manipulation—a crucial examination, as adversarial attacks typically exploit complexity. We propose an adversarial attack method using a substitute IDS trained with data from the onboard diagnostic port. In conducting these attacks under black-box conditions while adhering to realistic IVN traffic constraints, our method seeks to deceive the IDS into misclassifying both normal-to-malicious and malicious-to-normal cases. Evaluations on two IDS models—a baseline IDS and a state-of-the-art model, MTH-IDS—demonstrated substantial vulnerability, decreasing the F1 scores from 95% to 38% and from 97% to 79%, respectively. Notably, inducing false alarms proved particularly effective as an adversarial strategy, undermining user trust in the defense mechanism. Despite the simplicity of IVN-based IDSs, our findings reveal critical vulnerabilities that could threaten vehicle safety and necessitate careful consideration in the development of IVN-based IDSs and in formulating responses to the IDSs' alarms.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation