A Multilayered Security Infrastructure for Connected Vehicles -- First Lessons from the Field
- URL: http://arxiv.org/abs/2310.10336v1
- Date: Mon, 16 Oct 2023 12:22:29 GMT
- Title: A Multilayered Security Infrastructure for Connected Vehicles -- First Lessons from the Field
- Authors: Timo Häckel, Philipp Meyer, Lukas Stahlbock, Falk Langer, Sebastian A. Eckhardt, Franz Korf, Thomas C. Schmidt,
- Abstract summary: We present an integrated security infrastructure comprising network protection, monitoring, incident management, and counteractions.
Our vehicle implements a Software-Defined Networking Ethernet backbone to restrict communication routes.
Our findings indicate attack mitigation times in the vehicle from 257 ms to 328 ms and from 2,168 ms to 2,713 ms traversing the cloud.
- Score: 0.36646002427839136
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Connected vehicles are vulnerable to manipulation and a broad attack surface can be used to intrude in-vehicle networks from anywhere on earth. In this work, we present an integrated security infrastructure comprising network protection, monitoring, incident management, and counteractions, which we built into a prototype based on a production car. Our vehicle implements a Software-Defined Networking Ethernet backbone to restrict communication routes, network anomaly detection to make misbehavior evident, virtual controller functions to enable agile countermeasures, and an automotive cloud defense center to analyse and manage incidents on vehicle fleets. We present first measurements and lessons learned from operating the prototype: many network attacks can be prevented through software-defined access control in the backbone; anomaly detection can reliably detect misbehavior but needs to improve on false positive rate; controller virtualization needs tailored frameworks to meet in-car requirements; and cloud defence enables fleet management and advanced countermeasures. Our findings indicate attack mitigation times in the vehicle from 257 ms to 328 ms and from 2,168 ms to 2,713 ms traversing the cloud.
Related papers
- AntibotV: A Multilevel Behaviour-based Framework for Botnets Detection in Vehicular Networks [1.3701366534590498]
We propose AntibotV, a multilevel behaviour-based framework for vehicular botnets detection in vehicular networks.
The proposed framework combines two main modules for attack detection, the first one monitors the vehicle's activity at the network level, whereas the second one monitors the in-vehicle activity.
The experimental results showed that the proposed framework outperforms existing solutions, it achieves a detection rate higher than 97% and a false positive rate lower than 0.14%.
arXiv Detail & Related papers (2024-07-03T21:07:49Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - Detecting stealthy cyberattacks on adaptive cruise control vehicles: A
machine learning approach [5.036807309572884]
More insidious attacks, which only slightly alter driving behavior, can result in network-wide increases in congestion, fuel consumption, and even crash risk without being easily detected.
We present a traffic model framework for three types of potential cyberattacks: malicious manipulation of vehicle control commands, false data injection attacks on sensor measurements, and denial-of-service (DoS) attacks.
A novel generative adversarial network (GAN)-based anomaly detection model is proposed for real-time identification of such attacks using vehicle trajectory data.
arXiv Detail & Related papers (2023-10-26T01:22:10Z) - Towards a Near-real-time Protocol Tunneling Detector based on Machine Learning Techniques [0.0]
We present a protocol tunneling detector prototype which inspects, in near real time, a company's network traffic using machine learning techniques.
The detector monitors unencrypted network flows and extracts features to detect possible occurring attacks and anomalies.
Results show 97.1% overall accuracy and an F1-score equals to 95.6%.
arXiv Detail & Related papers (2023-09-22T09:08:43Z) - Convergence of Communications, Control, and Machine Learning for Secure
and Autonomous Vehicle Navigation [78.60496411542549]
Connected and autonomous vehicles (CAVs) can reduce human errors in traffic accidents, increase road efficiency, and execute various tasks. Reaping these benefits requires CAVs to autonomously navigate to target destinations.
This article proposes solutions using the convergence of communication theory, control theory, and machine learning to enable effective and secure CAV navigation.
arXiv Detail & Related papers (2023-07-05T21:38:36Z) - When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures.
We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN.
Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
arXiv Detail & Related papers (2023-06-09T14:33:26Z) - Infrastructure-based End-to-End Learning and Prevention of Driver
Failure [68.0478623315416]
FailureNet is a recurrent neural network trained end-to-end on trajectories of both nominal and reckless drivers in a scaled miniature city.
It can accurately identify control failures, upstream perception errors, and speeding drivers, distinguishing them from nominal driving.
Compared to speed or frequency-based predictors, FailureNet's recurrent neural network structure provides improved predictive power, yielding upwards of 84% accuracy when deployed on hardware.
arXiv Detail & Related papers (2023-03-21T22:55:51Z) - Reinforcement Learning based Cyberattack Model for Adaptive Traffic
Signal Controller in Connected Transportation Systems [61.39400591328625]
In a connected transportation system, adaptive traffic signal controllers (ATSC) utilize real-time vehicle trajectory data received from vehicles to regulate green time.
This wirelessly connected ATSC increases cyber-attack surfaces and increases their vulnerability to various cyber-attack modes.
One such mode is a'sybil' attack in which an attacker creates fake vehicles in the network.
An RL agent is trained to learn an optimal rate of sybil vehicle injection to create congestion for an approach(s)
arXiv Detail & Related papers (2022-10-31T20:12:17Z) - Anomaly Detection in Intra-Vehicle Networks [0.0]
Modern vehicles are connected to a range of networks, including intra-vehicle networks and external networks.
With the loopholes in the existing traditional protocols, cyber-attacks on the vehicle network are rising drastically.
This paper discusses the security issues of the CAN bus protocol and proposes an Intrusion Detection System (IDS) that detects known attacks.
arXiv Detail & Related papers (2022-05-07T03:38:26Z) - CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an
In-Vehicle CAN Bus Based on Deep Features of Voltage Signals [48.813942331065206]
We propose a security hardening system for in-vehicle networks.
The proposed system includes two mechanisms that process deep features extracted from voltage signals measured on the CAN bus.
arXiv Detail & Related papers (2021-06-15T06:12:33Z) - An Adversarial Attack Defending System for Securing In-Vehicle Networks [6.288673794889309]
We propose an Adversarial Attack Defending System (AADS) for securing an in-vehicle network.
Our experimental results demonstrate that adversaries can easily attack the LSTM-based detection model with a success rate of over 98%.
arXiv Detail & Related papers (2020-08-25T21:23:49Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.