Abstract
Recently, significant developments were introduced within the vehicular domain, making the modern vehicle a network of a multitude of embedded systems communicating with each other, while adhering to safety-critical and secure systems specifications. Many technologies have been integrated within modern vehicles to give them the capability to interact with the outside world. These advances have significantly enlarged the attack surface. We already have numerous instances of successful penetration of vehicular networks both from inside the vehicle and from the outside. To face these attacks, many intrusion prevention and detection mechanisms were implemented inside a vehicular system. Nonetheless, even if all security mitigation is adopted, an attack still can happen. In critical-safety environments, such as the vehicle, the response to the attack is as essential as detecting the attack itself. Although Intrusion Response Systems (IRSs) have been adopted in other domains to add an extra layer of security, there is a lack of such systems in the vehicular field. In this work, we investigate the challenges and identify the requirements for integrating such a mechanism within the vehicle system. Besides, we present an IRS framework, which meets the identified requirements. Also, we discuss the integration of IRS through the vehicle system development and the different aspects which support such a process. Finally, we use the automated obstacle avoidance system to explain how we could develop intrusion response strategies and to measure the overhead of such security system.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Avizienis, A., Laprie, J.C., Randell, B., Landwehr, C.: Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Dependable Secure Comput. 1(1), 11–33 (2004)
Balepin, I., Maltsev, S., Rowe, J., Levitt, K.: Using specification-based intrusion detection for automated response. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 136–154. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45248-5_8
Bergmiller, P.: Towards Functional Safety in Drive-by-Wire Vehicles. Ph.D. thesis (2014)
Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The keynote trust-management system version 2. RFC 2704 (1999)
Broy, M.: Challenges in automotive software engineering. In: Proceedings of the 28th International Conference on Software Engineering, pp. 33–42. ACM (2006)
Carroll, J.V.: Vulnerability assessment of the US transportation infrastructure that relies on the global positioning system. J. Navig. 56(2), 185–193 (2003)
Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: USENIX Security Symposium (2011)
Debar, H., Curry, D., Feinstein, B.: The intrusion detection message exchange format (idmef). Technical Report (2007)
Debar, H., Thomas, Y., Cuppens, F., Cuppens-Boulahia, N.: Enabling automated threat response through the use of a dynamic security policy. J. Comput. Virol. 3(3), 195–210 (2007)
Edge, K.S., Dalton, G.C., Raines, R.A., Mills, R.F.: Using attack and protection trees to analyze threats and defenses to homeland security. In: MILCOM 2006-2006 IEEE Military Communications Conference, pp. 1–7. IEEE (2006)
Fallstrand, D., Lindström, V.: Applicability analysis of intrusion detection and prevention in automotive systems. Master’s thesis, 53 (2015)
Fallstrand, D., Lindström, V.: Applicability analysis of intrusion detection and prevention in automotive systems. Master’s Thesis in Computer Systems and Networks on the Chalmers University of Technology Goteborg (2015)
Foo, B., Glause, M.W., Howard, G.M., Wu, Y.S., Bagchi, S., Spafford, E.H.: Intrusion response systems: a survey. In: Qian, Y., Joshi, J.,Tipper, D., Krishnamurthy, P. (Eds.), Information Assurance: Dependability and Security in Networked Systems, pp. 377–412 (2008)
Foo, B., Wu, Y.S., Mao, Y.C., Bagchi, S., Spafford, E.: Adepts: adaptive intrusion response using attack graphs in an e-commerce environment. In: 2005 International Conference on Dependable Systems and Networks (DSN’2005), pp. 508–517. IEEE (2005)
Francillon, A., Danev, B., Capkun, S.: Relay attacks on passive keyless entry and start systems in modern cars. In: Proceedings of the Network and Distributed System Security Symposium (NDSS). Eidgenössische Technische Hochschule Zürich, Department of Computer Science (2011)
Hamad, M., Hammadeh, Z.A., Saidi, S., Prevelakis, V., Ernst, R.: Prediction of abnormal temporal behavior in real-time systems. In: Proceedings of the 33rd Annual ACM Symposium on Applied Computing, pp. 359–367. ACM (2018)
Hamad, M., Nolte, M., Prevelakis, V.: Towards comprehensive threat modeling for vehicles. In: The 1st Workshop on Security and Dependability of Critical Embedded Real-Time Systems, p. 31 (2016)
Hamad, M., Nolte, M., Prevelakis, V.: A framework for policy based secure intra vehicle communication. In: 2017 IEEE Vehicular Networking Conference (VNC). IEEE (2017)
Hamad, M., Schlatow, J., Prevelakis, V., Ernst, R.: A communication framework for distributed access control in microkernel-based systems. In: 12th Annual Workshop on Operating Systems Platforms for Embedded Real-Time Applications (OSPERT16), pp. 11–16, July 2016
Hamad, M., Tsantekidis, M., Prevelakis, V.: Red-zone: towards an intrusion response framework for intra-vehicle system. In: The 5th International Conference on Vehicle Technology and Intelligent Transport Systems (VEHITS). Crete, Greece, May 2019
Hoppe, T., Kiltz, S., Dittmann, J.: Adaptive dynamic reaction to automotive it security incidents using multimedia car environment. In: 2008 The Fourth International Conference on Information Assurance and Security, ISIAS’2008, pp. 295–298. IEEE (2008)
Hoppe, T., Kiltz, S., Dittmann, J.: Applying intrusion detection to automotive it-early insights and remaining challenges. J. Inf. Assurance Secur. (JIAS) 4(6), 226–235 (2009)
Inayat, Z., Gani, A., Anuar, N.B., Khan, M.K., Anwar, S.: Intrusion response systems: foundations, design, and challenges. J. Netw. Comput. Appl. 62, 53–74 (2016)
Ishtiaq Roufa, R.M., et al.: Security and privacy vulnerabilities of in-car wireless networks: a tire pressure monitoring system case study. In: 19th USENIX Security Symposium (2011)
nformation technology - Security techniques - Methodology for IT security evaluation. Standard, International Organization for Standardization, August 2008
Kanoun, W., Samarji, L., Cuppens-Boulahia, N., Dubus, S., Cuppens, F.: Towards a temporal response taxonomy. In: Di Pietro, R., Herranz, J., Damiani, E., State, R. (eds.) Data Privacy Management and Autonomous Spontaneous Security, pp. 318–331. Springer, Berlin, Heidelberg (2013)
Kemmerer, R.A., Vigna, G.: Intrusion detection: a brief history and overview. Computer 35(4), supl27-supl30 (2002)
Koscher, K., et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 447–462. IEEE (2010)
Larson, U.E., Nilsson, D.K., Jonsson, E.: An approach to specification-based attack detection for in-vehicle networks. In: 2008 IEEE Intelligent Vehicles Symposium, pp. 220–225. IEEE (2008)
Le Lann, G.: The ariane 5 flight 501 failure-a case study in system engineering for computing systems. Ph.D. thesis, INRIA (1996)
Lewandowski, S.M., Van Hook, D.J., O’Leary, G.C., Haines, J.W., Rossey, L.M.: Sara: survivable autonomic response architecture. In: Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX’2001, vol. 1, pp. 77–88. IEEE (2001)
Locasto, M.E., Wang, K., Keromytis, A.D., Stolfo, S.J.: Flips: hybrid adaptive intrusion prevention. In: International Workshop on Recent Advances in Intrusion Detection, pp. 82–101. Springer (2005)
Markit, I.: Vehicles getting older: average age of light cars and trucks in U.S. rises again in 2016 to 11.6 years, IHS markit says, November 2016. https://news.ihsmarkit.com/press-release/automotive/vehicles-getting-older-average-age-light-cars-and-trucks-us-rises-again-201
Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle (2015)
Moestl, M., Ernst, R.: Cross-layer dependency analysis for safety-critical systems design. In: Proceedings ARCS 2015-The 28th International Conference on Architecture of Computing Systems, pp. 1–7. VDE (2015)
Nadeem, A., Howarth, M.P.: An intrusion detection & adaptive response mechanism for manets. Ad Hoc Netw. 13, 368–380 (2014)
Nighswander, T., Ledvina, B., Diamond, J., Brumley, R., Brumley, D.: GPS software attacks. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 450–461. ACM (2012)
Nilsson, D.K., Larson, U.E., Picasso, F., Jonsson, E.: A first simulation of attacks in the automotive network communications protocol FlexRay. In: Proceedings of the International Workshop on Computational Intelligence in Security for Information Systems CISIS’2008, pp. 84–91. Springer (2009)
NLC: Successful connection on the model s internal ethernet network, April 2014. https://teslamotorsclub.com/tmc/threads/successful-connection-on-the-model-s-internal-ethernet-network.28185/
Ryutov, T., Neuman, C., Dongho, K., Li, Z.: Integrated access control and intrusion detection for web servers. IEEE Trans. Parallel Distrib. Syst. 14(9), 841–850 (2003)
Schneier, B.: Attack Trees - Modeling security threats. Dr. Dobb’s Journal, December 1999
Schweppe, H.: Security and privacy in automotive on-board networks. Ph.D. thesis (2012)
Shameli-Sendi, A., Ezzati-Jivan, N., Jabbarifar, M., Dagenais, M.: Intrusion response systems: survey and taxonomy. Int. J. Comput. Sci. Netw. Secur 12(1), 1–14 (2012)
Stakhanova, N., Basu, S., Wong, J.: A taxonomy of intrusion response systems. Int. J. Inf. Comput. Secur. 1(1–2), 169–184 (2007)
Strasburg, C., Stakhanova, N., Basu, S., Wong, J.S.: A framework for cost sensitive assessment of intrusion response selection. In: 2009 33rd Annual IEEE International Computer Software and Applications Conference, COMPSAC’2009, vol. 1, pp. 355–360. IEEE (2009)
Takahashi, J., Aragane, Y., Miyazawa, T., Fuji, H., Yamashita, H., Hayakawa, K., Ukai, S., Hayakawa, H.: Automotive attacks and countermeasures on lin-bus. J. Inf. Process. 25, 220–228 (2017)
Thompson, C.: A hacker figured out a way to almost completely control GM cars with onstar, July 2015. https://www.businessinsider.com/hackers-device-can-take-over-gm-cars-with-onstar-system-2015-7?IR=T
Toth, T., Kruegel, C.: Evaluating the impact of automated intrusion response mechanisms. IEEE (2002)
Tryfonas, T., Gritzalis, D., Kokolakis, S.: A qualitative approach to information availability. In: Qing, S., Eloff, J.H.P. (eds.) SEC 2000. ITIFIP, vol. 47, pp. 37–47. Springer, Boston, MA (2000). https://doi.org/10.1007/978-0-387-35515-3_5
Vöelp, M., Esteves-Verissimo, P.: Intrusion-tolerant autonomous driving. In: 2018 IEEE 21st International Symposium on Real-Time Distributed Computing (ISORC), pp. 130–133, May 2018. DOI: https://doi.org/10.1109/ISORC.2018.00026
Acknowledgment
This work is partially supported by the European Commission through the following H2020 projects: THREAT-ARREST under Grant Agreement No. 786890, I-BiDaaS under Grant Agreement No. 780787, CONCORDIA under Grant Agreement No. 830927 and SmartShip under Grant Agreement No 823916.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Hamad, M., Tsantekidis, M., Prevelakis, V. (2021). Intrusion Response System for Vehicles: Challenges and Vision. In: Helfert, M., Klein, C., Donnellan, B., Gusikhin, O. (eds) Smart Cities, Green Technologies and Intelligent Transport Systems. SMARTGREENS VEHITS 2019 2019. Communications in Computer and Information Science, vol 1217. Springer, Cham. https://doi.org/10.1007/978-3-030-68028-2_15
Download citation
DOI: https://doi.org/10.1007/978-3-030-68028-2_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-68027-5
Online ISBN: 978-3-030-68028-2
eBook Packages: Computer ScienceComputer Science (R0)