Analysis of cyber risk and associated concentration of research (ACR)² in the security of vehicular edge clouds

Intelligent Transportation Systems (ITS) is a rapidly growing research space with many issues and challenges. One of the major concerns is to successfully integrate connected technologies, such as cloud infrastructure and edge cloud, into ITS. Security has been identified as one of the greatest challenges for the ITS, and security measures require consideration from design to implementation. This work focuses on providing an analysis of cyber risk and associated concentration of research (ACR2). The introduction of ACR2 approach can be used to consider research challenges in VEC and open up further investigation into those threats that are important but under-researched. That is, the approach can identify very high or high risk areas that have a low research concentration. In this way, this research can lay the foundations for the development of further work in securing the future of ITS

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Deep Learning-Based Intrusion Detection Methods for Computer Networks and Privacy-Preserving Authentication Method for Vehicular Ad Hoc Networks

The incidence of computer network intrusions has significantly increased over the last decade, partially attributed to a thriving underground cyber-crime economy and the widespread availability of advanced tools for launching such attacks. To counter these attacks, researchers in both academia and industry have turned to machine learning (ML) techniques to develop Intrusion Detection Systems (IDSes) for computer networks. However, many of the datasets use to train ML classifiers for detecting intrusions are not balanced, with some classes having fewer samples than others. This can result in ML classifiers producing suboptimal results. In this dissertation, we address this issue and present better ML based solutions for intrusion detection. Our contributions in this direction can be summarized as follows: Balancing Data Using Synthetic Data to detect intrusions in Computer Networks: In the past, researchers addressed the issue of imbalanced data in datasets by using over-sampling and under-sampling techniques. In this study, we go beyond such traditional methods and utilize a synthetic data generation method called Con- ditional Generative Adversarial Network (CTGAN) to balance the datasets and in- vestigate its impact on the performance of widely used ML classifiers. To the best of our knowledge, no one else has used CTGAN to generate synthetic samples for balancing intrusion detection datasets. We use two widely used publicly available datasets and conduct extensive experiments and show that ML classifiers trained on these datasets balanced with synthetic samples generated by CTGAN have higher prediction accuracy and Matthew Correlation Coefficient (MCC) scores than those trained on imbalanced datasets by 8% and 13%, respectively. Deep Learning approach for intrusion detection using focal loss function: To overcome the data imbalance problem for intrusion detection, we leverage the specialized loss function, called focal loss, that automatically down-weighs easy ex- amples and focuses on the hard negatives by facilitating dynamically scaled-gradient updates for training ML models effectively. We implement our approach using two well-known Deep Learning (DL) neural network architectures. Compared to training DL models using cross-entropy loss function, our approach (training DL models using focal loss function) improved accuracy, precision, F1 score, and MCC score by 24%, 39%, 39%, and 60% respectively. Efficient Deep Learning approach to detect Intrusions using Few-shot Learning: To address the issue of imbalance the datasets and develop a highly effective IDS, we utilize the concept of few-shot learning. We present a Few-Shot and Self-Supervised learning framework, called FS3, for detecting intrusions in IoT networks. FS3 works in three phases. Our approach involves first pretraining an encoder on a large-scale external dataset in a selfsupervised manner. We then employ few-shot learning (FSL), which seeks to replicate the encoder’s ability to learn new patterns from only a few training examples. During the encoder training us- ing a small number of samples, we train them contrastively, utilizing the triplet loss function. The third phase introduces a novel K-Nearest neighbor algorithm that sub- samples the majority class instances to further reduce imbalance and improve overall performance. Our proposed framework FS3, utilizing only 20% of labeled data, out- performs fully supervised state-of-the-art models by up to 42.39% and 43.95% with respect to the metrics precision and F1 score, respectively. The rapid evolution of the automotive industry and advancements in wireless com- munication technologies will result in the widespread deployment of Vehicular ad hoc networks (VANETs). However, despite the network’s potential to enable intelligent and autonomous driving, it also introduces various attack vectors that can jeopardize its security. In this dissertation, we present efficient privacy-preserving authenticated message dissemination scheme in VANETs. Conditional Privacy-preserving Authentication and Message Dissemination Scheme using Timestamp based Pseudonyms: To authenticate a message sent by a vehicle using its pseudonym, a certificate of the pseudonym signed by the central authority is generally utilized. If a vehicle is found to be malicious, certificates associated with all the pseudonyms assigned to it must be revoked. Certificate revocation lists (CRLs) should be shared with all entities that will be corresponding with the vehicle. As each vehicle has a large pool of pseudonyms allocated to it, the CRL can quickly grow in size as the number of revoked vehicles increases. This results in high storage overheads for storing the CRL, and significant authentication overheads as the receivers must check their CRL for each message received to verify its pseudonym. To address this issue, we present a timestamp-based pseudonym allocation scheme that reduces the storage overhead and authentication overhead by streamlining the CRL management process

Automated and intelligent hacking detection system

Dissertação de mestrado integrado em Informatics EngineeringThe Controller Area Network (CAN) is the backbone of automotive networking, connecting many Electronic ControlUnits (ECUs) that control virtually every vehicle function from fuel injection to parking sensors. It possesses,however, no security functionality such as message encryption or authentication by default. Attackers can easily inject or modify packets in the network, causing vehicle malfunction and endangering the driver and passengers. There is an increasing number of ECUs in modern vehicles, primarily driven by the consumer’s expectation of more features and comfort in their vehicles as well as ever-stricter government regulations on efficiency and emissions. Combined with vehicle connectivity to the exterior via Bluetooth, Wi-Fi, or cellular, this raises the risk of attacks. Traditional networks, such as Internet Protocol (IP), typically have an Intrusion Detection System (IDS) analysing traffic and signalling when an attack occurs. The system here proposed is an adaptation of the traditional IDS into the CAN bus using a One Class Support Vector Machine (OCSVM) trained with live, attack-free traffic. The system is capable of reliably detecting a variety of attacks, both known and unknown, without needing to understand payload syntax, which is largely proprietary and vehicle/model dependent. This allows it to be installed in any vehicle in a plug-and-play fashion while maintaining a large degree of accuracy with very few false positives.A Controller Area Network (CAN) é a principal tecnologia de comunicação interna automóvel, ligando muitas Electronic Control Units (ECUs) que controlam virtualmente todas as funções do veículo desde injeção de combustível até aos sensores de estacionamento. No entanto, não possui por defeito funcionalidades de segurança como cifragem ou autenticação. É possível aos atacantes facilmente injetarem ou modificarem pacotes na rede causando estragos e colocando em perigo tanto o condutor como os passageiros. Existe um número cada vez maior de ECUs nos veículos modernos, impulsionado principalmente pelas expectativas do consumidores quanto ao aumento do conforto nos seus veículos, e pelos cada vez mais exigentes regulamentos de eficiência e emissões. Isto, associada à conexão ao exterior através de tecnologias como o Bluetooth, Wi-Fi, ou redes móveis, aumenta o risco de ataques. Redes tradicionais, como a rede Internet Protocol (IP), tipicamente possuem um Intrusion Detection Systems (IDSs) que analiza o tráfego e assinala a presença de um ataque. O sistema aqui proposto é uma adaptação do IDS tradicional à rede CAN utilizando uma One Class Support Vector Machine (OCSVM) treinada com tráfego real e livre de ataques. O sistema é capaz de detetar com fiabilidade uma variedade de ataques, tanto conhecidos como desconhecidos, sem a necessidade de entender a sintaxe do campo de dados das mensagens, que é maioritariamente proprietária. Isto permite ao sistema ser instalado em qualquer veículo num modo plug-and-play enquanto mantém um elevado nível de desempenho com muito poucos falsos positivos

How Physicality Enables Trust: A New Era of Trust-Centered Cyberphysical Systems

Multi-agent cyberphysical systems enable new capabilities in efficiency, resilience, and security. The unique characteristics of these systems prompt a reevaluation of their security concepts, including their vulnerabilities, and mechanisms to mitigate these vulnerabilities. This survey paper examines how advancement in wireless networking, coupled with the sensing and computing in cyberphysical systems, can foster novel security capabilities. This study delves into three main themes related to securing multi-agent cyberphysical systems. First, we discuss the threats that are particularly relevant to multi-agent cyberphysical systems given the potential lack of trust between agents. Second, we present prospects for sensing, contextual awareness, and authentication, enabling the inference and measurement of ``inter-agent trust" for these systems. Third, we elaborate on the application of quantifiable trust notions to enable ``resilient coordination," where ``resilient" signifies sustained functionality amid attacks on multiagent cyberphysical systems. We refer to the capability of cyberphysical systems to self-organize, and coordinate to achieve a task as autonomy. This survey unveils the cyberphysical character of future interconnected systems as a pivotal catalyst for realizing robust, trust-centered autonomy in tomorrow's world

Analysis of Behavioral Characteristics of Jammers to Detect Malicious Nodes in Mobile ADHOC Networks

Wireless ADHOC Networks are used to establish a wireless connection between two computing devices without the need for a Wi-Fi access point or router. This network is decentralized and uses omnidirectional communication media, which makes it more vulnerable to certain types of attacks compared to wired networks. Jamming attacks, a subset of denial-of-service (DoS) attacks, involve malicious nodes that intentionally interfere with the network, blocking legitimate communication. To address this issue, the proposed method analyzes various characteristics of nodes, such as packets sent, received, and dropped, at each node. Using the packet delivery ratio and packet drop ratio, the method detects jamming nodes from normal nodes, improving network performance. The network is simulated in NS2 environment

Machine learning and blockchain technologies for cybersecurity in connected vehicles

Future connected and autonomous vehicles (CAVs) must be secured againstcyberattacks for their everyday functions on the road so that safety of passengersand vehicles can be ensured. This article presents a holistic review of cybersecurityattacks on sensors and threats regardingmulti-modal sensor fusion. A compre-hensive review of cyberattacks on intra-vehicle and inter-vehicle communicationsis presented afterward. Besides the analysis of conventional cybersecurity threatsand countermeasures for CAV systems,a detailed review of modern machinelearning, federated learning, and blockchain approach is also conducted to safe-guard CAVs. Machine learning and data mining-aided intrusion detection systemsand other countermeasures dealing with these challenges are elaborated at theend of the related section. In the last section, research challenges and future direc-tions are identified