Thomas Rosenstatter
ABSTRACT
Vehicles have become connected in many ways. They communicate with the cloud and will use Vehicle-to-Everything (V2X) communication to exchange warning messages and perform cooperative actions such as platooning. Vehicles have already been attacked and will become even more attractive targets due to their increasing connectivity, the amount of data they produce and their importance to our society. It is therefore crucial to provide cyber security measures to prevent and limit the impact of attacks.
As it is problematic for a vehicle to reliably assess its own state when it is compromised, we investigate how vehicle trust can be used to identify compromised vehicles and how fleet-wide attacks can be detected at an early stage using cloud data. In our proposed V2C Anomaly Detection framework, peer vehicles assess each other based on their perceived behavior in traffic and V2X-enabled interactions, and upload these assessments to the cloud for analysis. This framework consists of four modules. For each module we define functional demands, interfaces and evaluate solutions proposed in literature allowing manufacturers and fleet owners to choose appropriate techniques. We detail attack scenarios where this type of framework is particularly useful in detecting and identifying potential attacks and failing software and hardware. Furthermore, we describe what basic vehicle data the cloud analysis can be based upon.
- Ryan P. Adams and David. J. C. MacKay. 2007. Bayesian Online Changepoint Detection. arxiv:0710.3742 [stat.ML]Google Scholar
- Samaneh Aminikhanghahi and Diane J. Cook. 2017. A survey of methods for time series change point detection. Knowledge and Information Systems 51, 2 (2017), 339–367. https://doi.org/10.1007/s10115-016-0987-zGoogle ScholarDigital Library
- Michèle Basseville and Igor V. Nikiforov. 1993. Detection of abrupt changes: theory and application. Vol. 104. Prentice Hall, Englewood Cliffs, NJ.Google Scholar
- Norbert Bißmeyer, Sebastian Mauthofer, Kpatcha M. Bayarou, and Frank Kargl. 2012. Assessment of node trustworthiness in VANETs using data plausibility checks with particle filters. In Vehicular Networking Conference (VNC). IEEE, Seoul, South Korea, 78–85. https://doi.org/10.1109/VNC.2012.6407448Google ScholarCross Ref
- Anna L. Buczak and Erhan Guven. 2016. A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection. IEEE Communications Surveys Tutorials 18, 2 (2016), 1153–1176. https://doi.org/10.1109/COMST.2015.2494502Google ScholarDigital Library
- Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, 2011. Comprehensive Experimental Analyses of Automotive Attack Surfaces. In USENIX Security Symposium. USENIX, San Francisco, CA, 77–92.Google Scholar
- Thomas M. Chen and Varadharajan Venkataramanan. 2005. Dempster-Shafer theory for intrusion detection in ad hoc networks. IEEE Internet Computing 9, 6 (2005), 35–41. https://doi.org/10.1109/MIC.2005.123Google ScholarDigital Library
- Arturo Davila and Mario Nombela. 2012. Platooning - Safe and Eco-Friendly Mobility.SAE Technical Paper 2012-01-0488, Article 2012-01-0488 (2012), 5 pages.Google Scholar
- Hervé Debar, Marc Dacier, and Andreas Wespi. 1999. Towards a taxonomy of intrusion-detection systems. Computer Networks 31, 8 (1999), 805 – 822. https://doi.org/10.1016/S1389-1286(98)00017-6Google ScholarCross Ref
- Marcos Duarte. 2020. detecta: A Python module to detect events in data. https://github.com/demotu/detecta. visited on 2020-11-12.Google Scholar
- Richard G. Engoulou, Martine Bellaiche, Talal Halabi, and Samuel Pierre. 2019. A Decentralized Reputation Management System for Securing the Internet of Vehicles. In International Conference on Computing, Networking and Communications (ICNC). IEEE, Honolulu, HI, 900–904. https://doi.org/10.1109/ICCNC.2019.8685551Google ScholarCross Ref
- ETSI. 2014. Basic Set of Applications; Part 2: Specification of Cooperative Awareness Basic Service. Intelligent Transport Systems (ITS) – Vehicular Communications EN 302 637-2 V1.3.2. ETSI.Google Scholar
- Usama Fayyad, Gregory Piatetsky-Shapiro, and Padhraic Smyth. 1996. From Data Mining to Knowledge Discovery in Databases. AI Magazine 17, 3 (Mar. 1996), 37. https://doi.org/10.1609/aimag.v17i3.1230Google ScholarDigital Library
- The European Union Agency for Network and Information Security (ENISA). 2019. Good Practices for Security of Smart Cars. Technical Report. ENISA.Google Scholar
- International Organization for Standardization (ISO). 2020. ISO 14229:2020 Road vehicles – Unified diagnostic services (UDS). Standard. ISO.Google Scholar
- Pierre Granjon. 2013. The CuSum algorithm-a small review. Technical Report hal-00914697. GIPSA-lab.Google Scholar
- Pinyao Guo, Hunmin Kim, Le Guan, Minghui Zhu, and Peng Liu. 2018. VCIDS: Collaborative Intrusion Detection of Sensor and Actuator Attacks on Connected Vehicles. In Security and Privacy in Communication Networks, X. Lin, A. Ghorbani, K. Ren, S. Zhu, and A. Zhang (Eds.). Springer International Publishing, Cham, 377–396.Google Scholar
- Talal Halabi and Mohammad Zulkernine. 2019. Trust-Based Cooperative Game Model for Secure Collaboration in the Internet of Vehicles. In International Conference on Communications (ICC). IEEE, Shanghai, China, 1–6. https://doi.org/10.1109/ICC.2019.8762069Google Scholar
- Ezz E. Hemdan and D. H. Manjaiah. 2018. Cybercrimes Investigation and Intrusion Detection in Internet of Things Based on Data Science Methods. Springer International Publishing, Cham, 39–62. https://doi.org/10.1007/978-3-319-70688-7_2Google Scholar
- Rasheed Hussain, Jooyoung Lee, and Sherali Zeadally. 2020. Trust in VANET: A Survey of Current Solutions and Future Research Opportunities. IEEE Transactions on Intelligent Transportation Systems (2020), 1–19.Google Scholar
- Myeongsu Kang. 2019. Machine Learning: Anomaly Detection. Wiley-IEEE Press, Hoboken, NJ, Chapter 6, 131–162. https://doi.org/10.1002/9781119515326.ch6Google Scholar
- Chaker A. Kerrache, Carlos T. Calafate, Nasreddine Lagraa, Juan-Carlos Cano, and Pietro Manzoni. 2016. Hierarchical adaptive trust establishment solution for vehicular networks. In 27th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC). IEEE, Valencia, Spain, 1–6. https://doi.org/10.1109/PIMRC.2016.7794617Google ScholarDigital Library
- Johannes Kulick. 2020. Bayesian Changepoint Detection – Python Implementation. https://github.com/hildensia/bayesian_changepoint_detection visited on 2020-11-12.Google Scholar
- Fei T. Liu, Kai M. Ting, and Zhi-Hua Zhou. 2008. Isolation Forest. In Eighth International Conference on Data Mining. IEEE, Pisa, Italy, 413–422. https://doi.org/10.1109/ICDM.2008.17Google ScholarDigital Library
- Javier Martínez Torres, Carla Iglesias Comesaña, and Paulino J. García-Nieto. 2019. Review: machine learning techniques applied to cybersecurity. International Journal of Machine Learning and Cybernetics 10, 10 (01 Oct 2019), 2823–2836. https://doi.org/10.1007/s13042-018-00906-1Google ScholarCross Ref
- Charlie Miller and Chris Valasek. 2015. Remote exploitation of an unaltered passenger vehicle. Black Hat USA (2015), 91.Google Scholar
- Michael Müter, André Groll, and Felix C. Freiling. 2010. A structured approach to anomaly detection for in-vehicle networks. In Sixth International Conference on Information Assurance and Security. IEEE, Atlanta, GA, 92–98. https://doi.org/10.1109/ISIAS.2010.5604050Google ScholarCross Ref
- Tarak Nandy, Rafidah M. Noor, Mohd Yamani Idna Bin Idris, and Sananda Bhattacharyya. 2020. T-BCIDS: Trust-Based Collaborative Intrusion Detection System for VANET. In 2020 National Conference on Emerging Trends on Sustainable Technology and Engineering Applications (NCETSTEA). Durgapur, India, 1–5. https://doi.org/10.1109/NCETSTEA48365.2020.9119934Google Scholar
- Nasser Nowdehi, Wissam Aoudi, Magnus Almgren, and Tomas Olovsson. 2019. CASAD: CAN-Aware Stealthy-Attack Detection for In-Vehicle Networks. (2019). arxiv:1909.08407 [cs.CR]Google Scholar
- Ewan S Page. 1954. Continuous inspection schemes. Biometrika 41, 1/2 (1954), 100–115.Google ScholarCross Ref
- Xiaofei Qu, Lin Yang, Kai Guo, Linru Ma, Meng Sun, 2019. A survey on the Development of Self-Organizing Maps for Unsupervised Intrusion Detection. Mobile Networks and Applications (02 Oct 2019). https://doi.org/10.1007/s11036-019-01353-0Google ScholarDigital Library
- Thomas Rosenstatter and Cristofer Englund. 2018. Modelling the Level of Trust in a Cooperative Automated Vehicle Control System. IEEE Transactions on Intelligent Transportation Systems 19, 4(2018), 1237–1247. https://doi.org/10.1109/TITS.2017.2749962Google ScholarCross Ref
- Steffen Sanwald, Liron Kaneti, Marc Stöttinger, and Martin Böhner. 2020. Secure Boot Revisited: Challenges for Secure Implementations in the Automotive Domain. SAE Int. J. Transp. Cyber. & Privacy 2, 2 (aug 2020), 69–81. https://doi.org/10.4271/11-02-02-0008Google ScholarCross Ref
- Glenn Shafer. 1992. Dempster-shafer theory. Encyclopedia of artificial intelligence 1 (1992), 330–331.Google Scholar
- Erfan A. Shams, Ahmet Rizaner, and Ali H. Ulusoy. 2018. Trust aware support vector machine intrusion detection and prevention system in vehicular ad hoc networks. Computers & Security 78(2018), 245–254. https://doi.org/10.1016/j.cose.2018.06.008Google ScholarCross Ref
- Md A. Siddiqui, Jack W. Stokes, Christian Seifert, Evan Argyle, Robert McCann, 2019. Detecting Cyber Attacks Using Anomaly Detection with Explanations and Expert Feedback. In International Conference on Acoustics, Speech and Signal Processing (ICASSP). IEEE, Brighton, United Kingdom, 2872–2876. https://doi.org/10.1109/ICASSP.2019.8683212Google Scholar
- Chawin Sitawarin, Arjun N. Bhagoji, Arsalan Mosenia, Mung Chiang, and Prateek Mittal. 2018. DARTS: Deceiving Autonomous Cars with Toxic Signs. arxiv:1802.06430 [cs.CR]Google Scholar
- Seyed A. Soleymani, Abdul H. Abdullah, Mahdi Zareei, Mohammad H. Anisi, Cesar Vargas-Rosales, 2017. A Secure Trust Model Based on Fuzzy Logic in Vehicular Ad Hoc Networks With Fog Computing. IEEE Access 5(2017), 15619–15629. https://doi.org/10.1109/ACCESS.2017.2733225Google ScholarCross Ref
- Minrui Yan, Jiahao Li, and Guy Harpak. 2020. Security Research Report on Mercedes-Benz Cars. Black Hat USA (2020), 38. https://www.blackhat.com/us-20/briefings/schedule/index.html#security-research-on-mercedes-benz-from-hardware-to-car-control-20746Google Scholar
- Chunhua Zhang, Kangqiang Chen, Xin Zeng, and Xiaoping Xue. 2018. Misbehavior Detection Based on Support Vector Machine and Dempster-Shafer Theory of Evidence in VANETs. IEEE Access 6(2018), 59860–59870. https://doi.org/10.1109/ACCESS.2018.2875678Google ScholarCross Ref
Recommendations
Secure service discovery protocol for intelligent transport systems: proof of correctness
DIVANet '11: Proceedings of the first ACM international symposium on Design and analysis of intelligent vehicular networks and applicationsIntelligent Transportation Systems (ITS) have attracted many researchers that invested a lot of effort to develop many applications mainly for vehicular systems. Existing and investigated applications in vehicular systems are classified in two folds: ...
Towards a Distraction-free Waze
HotMobile '19: Proceedings of the 20th International Workshop on Mobile Computing Systems and ApplicationsReal-time traffic monitoring has had widespread success via crowd-sourced GPS data. While drivers benefit from this low-level, low-latency road information, any high-level traffic data such as road closures and accidents currently have very high latency ...
Live Synthesis of Vehicle-Sourced Data Over 4G LTE
MSWiM '17: Proceedings of the 20th ACM International Conference on Modelling, Analysis and Simulation of Wireless and Mobile SystemsAccurate, up-to-date maps of transient traffic and hazards are invaluable to drivers, city managers, and the emerging class of self-driving vehicles. We present LiveMap, a scalable, automated system for acquiring, curating, and disseminating detailed, ...
Comments