A comprehensive survey of V2X cybersecurity mechanisms and future research paths

Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field.This work is supported by the H2020-INSPIRE-5Gplus project (under Grant agreement No. 871808), the ”Ministerio de Asuntos Económicos y Transformacion Digital” and the European Union-NextGenerationEU in the frameworks of the ”Plan de Recuperación, Transformación y Resiliencia” and of the ”Mecanismo de Recuperación y Resiliencia” under references TSI-063000-2021-39/40/41, and the CHIST-ERA-17-BDSI-003 FIREMAN project funded by the Spanish National Foundation (Grant PCI2019-103780).Peer ReviewedPostprint (published version

Synoptic analysis techniques for intrusion detection in wireless networks

Current system administrators are missing intrusion alerts hidden by large numbers of false positives. Rather than accumulation more data to identify true alerts, we propose an intrusion detection tool that e?ectively uses select data to provide a picture of ?network health?. Our hypothesis is that by utilizing the data available at both the node and cooperative network levels we can create a synoptic picture of the network providing indications of many intrusions or other network issues. Our major contribution is to provide a revolutionary way to analyze node and network data for patterns, dependence, and e?ects that indicate network issues. We collect node and network data, combine and manipulate it, and tease out information about the state of the network. We present a method based on utilizing the number of packets sent, number of packets received, node reliability, route reliability, and entropy to develop a synoptic picture of the network health in the presence of a sinkhole and a HELLO Flood attacker. This method conserves network throughput and node energy by requiring no additional control messages to be sent between the nodes unless an attacker is suspected. We intend to show that, although the concept of an intrusion detection system is not revolutionary, the method in which we analyze the data for clues about network intrusion and performance is highly innovative

Performance of management solutions and cooperation approaches for vehicular delay-tolerant networks

A wide range of daily-life applications supported by vehicular networks attracted the interest, not only from the research community, but also from governments and the automotive industry. For example, they can be used to enable services that assist drivers on the roads (e.g., road safety, traffic monitoring), to spread commercial and entertainment contents (e.g., publicity), or to enable communications on remote or rural regions where it is not possible to have a common network infrastructure. Nonetheless, the unique properties of vehicular networks raise several challenges that greatly impact the deployment of these networks. Most of the challenges faced by vehicular networks arise from the highly dynamic network topology, which leads to short and sporadic contact opportunities, disruption, variable node density, and intermittent connectivity. This situation makes data dissemination an interesting research topic within the vehicular networking area, which is addressed by this study. The work described along this thesis is motivated by the need to propose new solutions to deal with data dissemination problems in vehicular networking focusing on vehicular delay-tolerant networks (VDTNs). To guarantee the success of data dissemination in vehicular networks scenarios it is important to ensure that network nodes cooperate with each other. However, it is not possible to ensure a fully cooperative scenario. This situation makes vehicular networks suitable to the presence of selfish and misbehavior nodes, which may result in a significant decrease of the overall network performance. Thus, cooperative nodes may suffer from the overwhelming load of services from other nodes, which comprises their performance. Trying to solve some of these problems, this thesis presents several proposals and studies on the impact of cooperation, monitoring, and management strategies on the network performance of the VDTN architecture. The main goal of these proposals is to enhance the network performance. In particular, cooperation and management approaches are exploited to improve and optimize the use of network resources. It is demonstrated the performance gains attainable in a VDTN through both types of approaches, not only in terms of bundle delivery probability, but also in terms of wasted resources. The results and achievements observed on this research work are intended to contribute to the advance of the state-of-the-art on methods and strategies for overcome the challenges that arise from the unique characteristics and conceptual design of vehicular networks.O vasto número de aplicações e cenários suportados pelas redes veiculares faz com que estas atraiam o interesse não só da comunidade científica, mas também dos governos e da indústria automóvel. A título de exemplo, estas podem ser usadas para a implementação de serviços e aplicações que podem ajudar os condutores dos veículos a tomar decisões nas estradas, para a disseminação de conteúdos publicitários, ou ainda, para permitir que existam comunicações em zonas rurais ou remotas onde não é possível ter uma infraestrutura de rede convencional. Contudo, as propriedades únicas das redes veiculares fazem com que seja necessário ultrapassar um conjunto de desafios que têm grande impacto na sua aplicabilidade. A maioria dos desafios que as redes veiculares enfrentam advêm da grande mobilidade dos veículos e da topologia de rede que está em constante mutação. Esta situação faz com que este tipo de rede seja suscetível de disrupção, que as oportunidades de contacto sejam escassas e de curta duração, e que a ligação seja intermitente. Fruto destas adversidades, a disseminação dos dados torna-se um tópico de investigação bastante promissor na área das redes veiculares e por esta mesma razão é abordada neste trabalho de investigação. O trabalho descrito nesta tese é motivado pela necessidade de propor novas abordagens para lidar com os problemas inerentes à disseminação dos dados em ambientes veiculares. Para garantir o sucesso da disseminação dos dados em ambientes veiculares é importante que este tipo de redes garanta a cooperação entre os nós da rede. Contudo, neste tipo de ambientes não é possível garantir um cenário totalmente cooperativo. Este cenário faz com que as redes veiculares sejam suscetíveis à presença de nós não cooperativos que comprometem seriamente o desempenho global da rede. Por outro lado, os nós cooperativos podem ver o seu desempenho comprometido por causa da sobrecarga de serviços que poderão suportar. Para tentar resolver alguns destes problemas, esta tese apresenta várias propostas e estudos sobre o impacto de estratégias de cooperação, monitorização e gestão de rede no desempenho das redes veiculares com ligações intermitentes (Vehicular Delay-Tolerant Networks - VDTNs). O objetivo das propostas apresentadas nesta tese é melhorar o desempenho global da rede. Em particular, as estratégias de cooperação e gestão de rede são exploradas para melhorar e optimizar o uso dos recursos da rede. Ficou demonstrado que o uso deste tipo de estratégias e metodologias contribui para um aumento significativo do desempenho da rede, não só em termos de agregados de pacotes (“bundles”) entregues, mas também na diminuição do volume de recursos desperdiçados. Os resultados observados neste trabalho procuram contribuir para o avanço do estado da arte em métodos e estratégias que visam ultrapassar alguns dos desafios que advêm das propriedades e desenho conceptual das redes veiculares

Anomaly detection in smart city wireless sensor networks

Aquesta tesi proposa una plataforma de detecció d’intrusions per a revelar atacs a les xarxes de sensors sense fils (WSN, per les sigles en anglès) de les ciutats intel·ligents (smart cities). La plataforma està dissenyada tenint en compte les necessitats dels administradors de la ciutat intel·ligent, els quals necessiten accés a una arquitectura centralitzada que pugui gestionar alarmes de seguretat en un sistema altament heterogeni i distribuït. En aquesta tesi s’identifiquen els diversos passos necessaris des de la recollida de dades fins a l’execució de les tècniques de detecció d’intrusions i s’avalua que el procés sigui escalable i capaç de gestionar dades típiques de ciutats intel·ligents. A més, es comparen diversos algorismes de detecció d’anomalies i s’observa que els mètodes de vectors de suport d’una mateixa classe (one-class support vector machines) resulten la tècnica multivariant més adequada per a descobrir atacs tenint en compte les necessitats d’aquest context. Finalment, es proposa un esquema per a ajudar els administradors a identificar els tipus d’atacs rebuts a partir de les alarmes disparades.Esta tesis propone una plataforma de detección de intrusiones para revelar ataques en las redes de sensores inalámbricas (WSN, por las siglas en inglés) de las ciudades inteligentes (smart cities). La plataforma está diseñada teniendo en cuenta la necesidad de los administradores de la ciudad inteligente, los cuales necesitan acceso a una arquitectura centralizada que pueda gestionar alarmas de seguridad en un sistema altamente heterogéneo y distribuido. En esta tesis se identifican los varios pasos necesarios desde la recolección de datos hasta la ejecución de las técnicas de detección de intrusiones y se evalúa que el proceso sea escalable y capaz de gestionar datos típicos de ciudades inteligentes. Además, se comparan varios algoritmos de detección de anomalías y se observa que las máquinas de vectores de soporte de una misma clase (one-class support vector machines) resultan la técnica multivariante más adecuada para descubrir ataques teniendo en cuenta las necesidades de este contexto. Finalmente, se propone un esquema para ayudar a los administradores a identificar los tipos de ataques recibidos a partir de las alarmas disparadas.This thesis proposes an intrusion detection platform which reveals attacks in smart city wireless sensor networks (WSN). The platform is designed taking into account the needs of smart city administrators, who need access to a centralized architecture that can manage security alarms in a highly heterogeneous and distributed system. In this thesis, we identify the various necessary steps from gathering WSN data to running the detection techniques and we evaluate whether the procedure is scalable and capable of handling typical smart city data. Moreover, we compare several anomaly detection algorithms and we observe that one-class support vector machines constitute the most suitable multivariate technique to reveal attacks, taking into account the requirements in this context. Finally, we propose a classification schema to assist administrators in identifying the types of attacks compromising their networks

Networks, Communication, and Computing Vol. 2

Networks, communications, and computing have become ubiquitous and inseparable parts of everyday life. This book is based on a Special Issue of the Algorithms journal, and it is devoted to the exploration of the many-faceted relationship of networks, communications, and computing. The included papers explore the current state-of-the-art research in these areas, with a particular interest in the interactions among the fields

A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks

Mobile ad hoc networks (MANETs) have experienced rapid growth in their use for various military, medical, and commercial scenarios. This is due to their dynamic nature that enables the deployment of such networks, in any target environment, without the need for a pre-existing infrastructure. On the other hand, the unique characteristics of MANETs, such as the lack of central networking points, limited wireless range, and constrained resources, have made the quest for securing such networks a challenging task. A large number of studies have focused on intrusion detection systems (IDSs) as a solid line of defense against various attacks targeting the vulnerable nature of MANETs. Since cooperation between nodes is mandatory to detect complex attacks in real time, various solutions have been proposed to provide cooperative IDSs (CIDSs) in efforts to improve detection efficiency. However, all of these solutions suffer from high rates of false alarms, and they violate the constrained-bandwidth nature of MANETs. To overcome these two problems, this research presented a novel CIDS utilizing the concept of social communities and the Dempster-Shafer theory (DST) of evidence. The concept of social communities was intended to establish reliable cooperative detection reporting while consuming minimal bandwidth. On the other hand, DST targeted decreasing false accusations through honoring partial/lack of evidence obtained solely from reliable sources. Experimental evaluation of the proposed CIDS resulted in consistently high detection rates, low false alarms rates, and low bandwidth consumption. The results of this research demonstrated the viability of applying the social communities concept combined with DST in achieving high detection accuracy and minimized bandwidth consumption throughout the detection process

Security in Internet of Things: networked smart objects.

Internet of Things (IoT) is an innovative paradigm approaching both industries and humans every-day life. It refers to the networked interconnection of every-day objects, which are equipped with ubiquitous intelligence. It not only aims at increasing the ubiquity of the Internet, but also at leading towards a highly distributed network of devices communicating with human beings as well as with other devices. Thanks to rapid advances in underlying technologies, IoT is opening valuable opportunities for a large number of novel applications, that promise to improve the quality of humans lives, facilitating the exchange of services. In this scenario, security represents a crucial aspect to be addressed, due to the high level of heterogeneity of the involved devices and to the sensibility of the managed information. Moreover, a system architecture should be established, before the IoT is fully operable in an efficient, scalable and interoperable manner. The main goal of this PhD thesis concerns the design and the implementation of a secure and distributed middleware platform tailored to IoT application domains. The effectiveness of the proposed solution is evaluated by means of a prototype and real case studies

Federated Robust Embedded Systems: Concepts and Challenges

The development within the area of embedded systems (ESs) is moving rapidly, not least due to falling costs of computation and communication equipment. It is believed that increased communication opportunities will lead to the future ESs no longer being parts of isolated products, but rather parts of larger communities or federations of ESs, within which information is exchanged for the benefit of all participants. This vision is asserted by a number of interrelated research topics, such as the internet of things, cyber-physical systems, systems of systems, and multi-agent systems. In this work, the focus is primarily on ESs, with their specific real-time and safety requirements. While the vision of interconnected ESs is quite promising, it also brings great challenges to the development of future systems in an efficient, safe, and reliable way. In this work, a pre-study has been carried out in order to gain a better understanding about common concepts and challenges that naturally arise in federations of ESs. The work was organized around a series of workshops, with contributions from both academic participants and industrial partners with a strong experience in ES development. During the workshops, a portfolio of possible ES federation scenarios was collected, and a number of application examples were discussed more thoroughly on different abstraction levels, starting from screening the nature of interactions on the federation level and proceeding down to the implementation details within each ES. These discussions led to a better understanding of what can be expected in the future federated ESs. In this report, the discussed applications are summarized, together with their characteristics, challenges, and necessary solution elements, providing a ground for the future research within the area of communicating ESs