Data Poisoning Attacks in Intelligent Transportation Systems: A Survey

Feilong Wang,Xin Wang,Xuegang Ban
2024-07-06
Abstract:Emerging technologies drive the ongoing transformation of Intelligent Transportation Systems (ITS). This transformation has given rise to cybersecurity concerns, among which data poisoning attack emerges as a new threat as ITS increasingly relies on data. In data poisoning attacks, attackers inject malicious perturbations into datasets, potentially leading to inaccurate results in offline learning and real-time decision-making processes. This paper concentrates on data poisoning attack models against ITS. We identify the main ITS data sources vulnerable to poisoning attacks and application scenarios that enable staging such attacks. A general framework is developed following rigorous study process from cybersecurity but also considering specific ITS application needs. Data poisoning attacks against ITS are reviewed and categorized following the framework. We then discuss the current limitations of these attack models and the future research directions. Our work can serve as a guideline to better understand the threat of data poisoning attacks against ITS applications, while also giving a perspective on the future development of trustworthy ITS.
Cryptography and Security,Machine Learning
What problem does this paper attempt to address?
The problem that this paper attempts to solve is the security threats brought by Data Poisoning Attacks (DPAs) in Intelligent Transportation Systems (ITS). With the development of emerging technologies, ITS is increasingly relying on data - driven models and algorithms, which makes it more vulnerable to various cyber - attacks. In particular, data poisoning attacks, by injecting malicious perturbations into the training data set, may lead to inaccurate results in offline learning and real - time decision - making processes, thus having a serious impact on the normal operation of the transportation system. ### Main problems of the paper: 1. **Threats of data poisoning attacks**: How to identify and classify data poisoning attacks against ITS? Which key data sources and application scenarios may these attacks affect? 2. **Limitations of existing research**: What are the deficiencies in the current research on data poisoning attacks in ITS? What open questions and challenges need to be further explored? 3. **Future research directions**: In order to enhance the security and credibility of ITS, what aspects should future research focus on? ### Specific content: - **Vulnerability of data sources**: The paper analyzes in detail the vulnerability of three main data sources in ITS (individual user data, V2X communication data, and infrastructure data) when facing data poisoning attacks. - **Classification of attack models**: Based on the attack target, the attacker's knowledge, ability, and strategy, the existing data poisoning attack models are classified and summarized. - **Risk assessment framework**: A comprehensive framework is proposed to evaluate and synthesize the existing data poisoning attack models, especially considering the unique requirements of ITS applications, such as risk assessment and system impact. - **Future research directions**: The limitations of the existing attack models are discussed, and the directions for future research are proposed, including more in - depth risk assessment methods and techniques. ### Conclusion: Through a systematic review and classification of data poisoning attacks, the paper provides guidance for understanding the security threats in ITS, emphasizes the importance of enhancing the security awareness of data - driven ITS applications, and provides a theoretical basis for developing effective defense measures and improving the robustness of the system.