Wireless vehicular communications for automatic incident detection and recovery

Incident detection is the process by which an incident is brought to the attention of traffic operators in order to design and activate a response plan. To minimize the detection time is crucial to mitigate the incident severity for victims as well to reduce the risk of secondary crashes. Automated incident information dissemination and traffic conditions is useful to alert in-route drivers to decide alternative routes on unexpected traffic congestion and may be also used for the incident recovery process, namely to optimize the response plan including the “nearest” rescue teams, thereby shortening their response times. Wireless vehicular communications, notably the emergent IEEE 802.11p protocol, is the enabling technology providing timely, dependable and secure properties that are essential for the devised target application. However, there are still some open issues with vehicular communications that require further research efforts. This paper presents an overview of the state of the art in wireless vehicular communications and describes the field operational tests proposed within the scope of the upcoming FP7 project ICSI - Intelligent Cooperative Sensing for Improved traffic efficiency

Introducing Safety and Security Co-engineering Related Research Orientations in the Field of Automotive Security

Since modern vehicles are connected and their transport processes are strongly supported by different automated functions, malicious external interventions can impair safety integrity. Therefore, it seems to be reasonable in the future to introduce safety and security co-engineering approaches in the automotive industry. With regard to the performed evaluation, three main promising research orientations have been identified. Automotive safety and security related development of co-engineering methodology and validation framework are of key importance from the viewpoint of autonomous transportation. Accordingly, a scenario based, integrated evaluation of automotive safety and security would be closely fit to the concept of SOTIF and the SoS approach. Beyond this, the communication and network security of "vehicle to everything" channels have to also be in the focus of automotive researches. Additionally, the development of automotive anomaly detection systems, especially focusing on the complex SoS operation processes will be a highly important research orientation

A Structured Approach to Securing the Connected Car

<p>Vehicles of today have become increasingly dependent on software to handle their functionalities. Updating and maintaining the software in vehicles has therefore become a costly process for the automotive industry. By introducing wireless communications to vehicles, vehicular maintenance can greatly be improved and many other new applications can also be brought to the vehicles. However, the vehicle was not designed with security in mind. Since the vehicle is safety-critical, it is vital that such new remote services do not violate the safety and security requirements of the vehicle. Thus, this thesis presents a general approach to securing the connected car and the usefulness of the approach is demonstrated in a vehicular diagnostics scenario.</p> <p>The thesis comes in two main parts. In the first part, we address security mechanisms for the connected car. First, a survey of current mechanisms to secure the in-vehicle networks is made. Then, a description of possible communication methods with vehicles is given and a taxonomy of current entities involved in such communication is presented. The taxonomy is organised in actors, vehicle-to-X communications, network paths, and dependability and security attributes. The usefulness of the taxonomy is demonstrated by two examples.</p> <p>In the second part, we address security with respect to vehicular diagnostics. First, an overall security analysis of the interaction between the connected car and the repair shop is conducted. We find that the most imminent risk in the repair shop is the loss of authentication keys. The loss of such keys allows masquerading attacks against vehicles. To address this problem, we propose a Kerberos-inspired protocol for authentication and authorisation of the diagnostics equipment and a trusted third party is introduced.</p> <p>To conclude, this thesis shows the value of adopting a structured approach to securing the connected car. The approach has been shown to be useful for identifying threats and countermeasures and thus help improving security.</p

Security aspects of the in-vehicle network in the connected car

In this paper, we briefly survey the research with respect to the security of the connected car, and in particular its in-vehicle network. The aim is to highlight the current state of the research; which are the problems found, and what solutions have been suggested. We have structured our investigation by categorizing the research into the following five categories: problems in the in-vehicle network, architectural security features, intrusion detection systems, honeypots, and threats and attacks. We conclude that even though quite some effort has already been expended in the area, most of it has been directed towards problem definition and not so much towards security solutions. We also highlight a few areas that we believe are of immediate concern

Implementacja pułapki typu Honeypot dla bezprzewodowej sieci komunikacji międzypojazdowej

Mestrado em Engenharia Electrónica e TelecomunicaçõesEsta dissertação descreve um estudo de viabilidade para a implementação de um software do tipo pote-de-mel (honeypot) para comunicações veículares Ad-Hoc sem fios baseadas no protocolo WAVE (Wireless Access in Vehicular Environment). Um honeypot é uma ferramenta desenhada para simular falsas redes de computadores, monitorá-los, e capturar todos os eventuais comportamentos maliciosos tais como ataques e tentativas de intrusão. O estudo da solução proposta começa com uma pesquisa de trabalho relacionado e com o estudo dos fundamentos e protocolos das comunicações veículares sem fios, nomeadamente os protocolos IEEE 802.11p e IEEE 1609.2. De seguida é feito um levantamento dos principais problemas de segurança no âmbito das comunicações veículares sem fios e procede-se a uma descrição detalhada da tecnologia de honeypots e é escolhida uma ferramente que irá ser alvo de particular atenção ao longo desta dissertação, o HONEYD. Finalmente, e dado que esta dissertação tem um caracter iminententemente teórico, são descritas as modificações que serão necessárias para adaptar o HONEYD para comunicações veículares sem fios. Isto para o caso de comunicações veículo a veículo, onde é descrita a integração do HONEYD na unidade de bordo (OBU) e para o caso de ce comunicações veículo a infraestrutura de beira de estrada, onde é proposta uma solução para integração do HONEYD na road-side-unit (RSU).This dissertation is an attempt to implement the honeypot software into highly dynamic Vehicular Ad-hoc Network (VANET).This adhoc network is based on wireless communication between nodes according to the - WAVE (Wireless Access in Vehicular Environment) protocol. A honeypot is a tool designed to simulate fake local computer networks, monitor them, and capture all malicious behavior aimed towards them. This dissertation is in the scope of Intelligent Transportation Systems (ITS) and it provides some contributions to development of security system and hence, road safety. Honeypot solution implemented in VANET would help improve security in the network by attracting, catching and analyzing all malicious attempts to break the security system. The study of proposed solution begins with research and introduction to the main principals of vehicular communication. It is accompanied with system and wireless communication technology description. Presentation of main security issues is also provided. Honeypot software is also presented by deep in-sight look into its types, functionality, architecture, advantages and disadvantages. Via the research the one type of recent available honeypot is chosen and then deeply scrutinized on the basis of implementation into Vehicular Ad-hoc Network. Finally, since this dissertation has theoretical character, to-be changes that should be carried out to implement fully the propose solution are provided. As this work is mainly focused on tailoring and proposing necessary changes to the TCP/IP honeypot software to meet the requirements of WAVE, the hardware tests in real environment as well as creating source code will not be done and are out of scope of this dissertation. Future work should be based on programming necessary modules and putting them into life.Poniższa praca magisterska jest próbą przystosowania programu typu honeypot do działania w mobilnych sieciach ad-hoc - VANET (Vehicular Ad-hoc Network). Sieć ta oparta jest na bezprzewodowej komunikacji pomiędzy pojazdami zgodnie ze standardem WAVE (Wireless Access in Vehicular Environment). Honeypot jest narzędziem służącym do symulowania topologii sieci komputerowej, monitorowania jej i wychwytywania wszelakich prób włamań do niej. Temat tej pracy magisterskiej mieści się w obszarze działalności stowarzyszenia ITS (Intelligent Transportation Systems). Będzie ona miała wpływ na polepszenie bezpieczeństwa w sieciach VANET i co za tym idzie bezpieczeństwa na drogach. Program honeypot wdrożony w sieciach VANET może w aktywny sposób przyczynić się do poprawienia bezpieczeństwa w sieci, poprzez przyciąganie, wychwytywanie i analizowanie wszelakich prób włamań. Praca ta zaczyna się przeglądem głównych zagadnień dotyczących bezprzewodowej komunikacji pomiędzy pojazdami w sieciach VANET. Szczególny nacisk jest kładziony na bezpieczeństwo w tych sieciach. Zaprezentowana jest również idea programu honeypot zarówno jak i jego rodzaje, funkcjonalność, architektura oraz wady i zalety. Poprzez analizę dostępnych programów służących jako honeypot, został wybrany jeden konkretny - honeyd i poddany dokładnej analizie pod kątem implementacji w sieciach VANET. Jako że ta praca magisterska ma charakter teoretyczny, jej wynikiem jest propozycja funkcjonalności i architektury urządzenia działającego jako honeypot w sieciach VANET. Zaproponowane są również zmiany którym powinien ulec software aby zapewnić pełną komunikację z nowym środowiskiem. Stworzenie kodu źródłowego odpowiadającego tym zmianom oraz testy na sprzęcie są pracą na przyszłość

NETWORKED MICROGRID OPTIMIZATION AND ENERGY MANAGEMENT

Military vehicles possess attributes consistent with a microgrid, containing electrical energy generation, storage, government furnished equipment (GFE), and the ability to share these capabilities via interconnection. Many military vehicles have significant energy storage capacity to satisfy silent watch requirements, making them particularly well-suited to share their energy storage capabilities with stationary microgrids for more efficient energy management. Further, the energy generation capacity and the fuel consumption rate of the vehicles are comparable to standard diesel generators, for certain scenarios, the use of the vehicles could result in more efficient operation. Energy management of a microgrid is an open area of research especially in generation constrained scenarios where shedding of low-priority loads may be required. Typical metrics used to assess the effectiveness of an energy management strategy or policy include fuel consumption, electrical storage energy requirements, or the net exergy destruction. When considering a military outpost consisting of a stationary microgrid and a set of vehicles, the metrics used for managing the network become more complex. For example, the metrics used to manage a vehicle’s onboard equipment while on patrol may include fuel consumption, the acoustic signature, and the heat signature. Now consider that the vehicles are parked at an outpost and participating in vehicle-to-grid power-sharing and control. The metrics used to manage the grid assets may now include fuel consumption, the electrical storage’s state of charge, frequency regulation, load prioritization, and load dispatching. The focus of this work is to develop energy management and control strategies that allow a set of diverse assets to be controlled, yielding optimal operation. The provided policies result in both short-term and long-term optimal control of the electrical generation assets. The contributions of this work were: (1) development of a methodology to generate a time-varying electrical load based on (1) a U.S. Army-relevant event schedule and (2) a set of meteorological conditions, resulting in a scenario rich environment suitable for modeling and control of hybrid AC/DC tactical military microgrids, (2) the development of a multi-tiered hierarchical control architecture, suitable for development of both short and long term optimal energy management strategies for hybrid electric microgrids, and (3) the development of blending strategies capable of blending a diverse set of heterogeneous assets with multiple competing objective functions. This work could be extended to include a more diverse set of energy generation assets, found within future energy networks

Wide spectrum attribution: Using deception for attribution intelligence in cyber attacks

Modern cyber attacks have evolved considerably. The skill level required to conduct a cyber attack is low. Computing power is cheap, targets are diverse and plentiful. Point-and-click crimeware kits are widely circulated in the underground economy, while source code for sophisticated malware such as Stuxnet is available for all to download and repurpose. Despite decades of research into defensive techniques, such as firewalls, intrusion detection systems, anti-virus, code auditing, etc, the quantity of successful cyber attacks continues to increase, as does the number of vulnerabilities identified. Measures to identify perpetrators, known as attribution, have existed for as long as there have been cyber attacks. The most actively researched technical attribution techniques involve the marking and logging of network packets. These techniques are performed by network devices along the packet journey, which most often requires modification of existing router hardware and/or software, or the inclusion of additional devices. These modifications require wide-scale infrastructure changes that are not only complex and costly, but invoke legal, ethical and governance issues. The usefulness of these techniques is also often questioned, as attack actors use multiple stepping stones, often innocent systems that have been compromised, to mask the true source. As such, this thesis identifies that no publicly known previous work has been deployed on a wide-scale basis in the Internet infrastructure. This research investigates the use of an often overlooked tool for attribution: cyber de- ception. The main contribution of this work is a significant advancement in the field of deception and honeypots as technical attribution techniques. Specifically, the design and implementation of two novel honeypot approaches; i) Deception Inside Credential Engine (DICE), that uses policy and honeytokens to identify adversaries returning from different origins and ii) Adaptive Honeynet Framework (AHFW), an introspection and adaptive honeynet framework that uses actor-dependent triggers to modify the honeynet envi- ronment, to engage the adversary, increasing the quantity and diversity of interactions. The two approaches are based on a systematic review of the technical attribution litera- ture that was used to derive a set of requirements for honeypots as technical attribution techniques. Both approaches lead the way for further research in this field

An Approach to using Honeypots in In-Vehicle Networks

An emerging trend among automobile manufacturers is to introduce wireless technology in the vehicles. By allowing wireless communication, real-time information exchange between vehicles as well as between infrastructure and vehicles becomes a reality. This communication allows for road condition reporting, decision making, and remote diagnostics and firmware updates over-the-air, creating a complex critical infrastructure involving vehicles, road-side equipment, and firmware issuers. Allowing external parties wireless access to the vehicle creates a potential entry-point for cyber attacks. Since the safety of the driver depends on correct vehicle operation it is of utmost importance that the in-vehicle network is sufficiently protected against attacks. If we can learn the attackers' preferences, techniques, and weaknesses in existing systems, we can use this information to design security solutions for the in-vehicle network. In this paper, we present and discuss the use of honeypots as a means of collecting such attacker information. We show how to design a vehicle honeypot, how to gather data from attackers, and discuss how to process and analyze the gathered data. Furthermore, we provide a discussion where we highlight important issues related to using honeypots in vehicles