Intrusion Detection System for Platooning Connected Autonomous Vehicles

The deployment of Connected Autonomous Vehicles (CAVs) in Vehicular Ad Hoc Networks (VANETs) requires secure wireless communication in order to ensure reliable connectivity and safety. However, this wireless communication is vulnerable to a variety of cyber atacks such as spoofing or jamming attacks. In this paper, we describe an Intrusion Detection System (IDS) based on Machine Learning (ML) techniques designed to detect both spoofing and jamming attacks in a CAV environment. The IDS would reduce the risk of traffic disruption and accident caused as a result of cyber-attacks. The detection engine of the presented IDS is based on the ML algorithms Random Forest (RF), k-Nearest Neighbour (k-NN) and One-Class Support Vector Machine (OCSVM), as well as data fusion techniques in a cross-layer approach. To the best of the authors’ knowledge, the proposed IDS is the first in literature that uses a cross-layer approach to detect both spoofing and jamming attacks against the communication of connected vehicles platooning. The evaluation results of the implemented IDS present a high accuracy of over 90% using training datasets containing both known and unknown attacks

Fast Sequence Component Analysis for Attack Detection in Synchrophasor Networks

Modern power systems have begun integrating synchrophasor technologies into part of daily operations. Given the amount of solutions offered and the maturity rate of application development it is not a matter of "if" but a matter of "when" in regards to these technologies becoming ubiquitous in control centers around the world. While the benefits are numerous, the functionality of operator-level applications can easily be nullified by injection of deceptive data signals disguised as genuine measurements. Such deceptive action is a common precursor to nefarious, often malicious activity. A correlation coefficient characterization and machine learning methodology are proposed to detect and identify injection of spoofed data signals. The proposed method utilizes statistical relationships intrinsic to power system parameters, which are quantified and presented. Several spoofing schemes have been developed to qualitatively and quantitatively demonstrate detection capabilities.Comment: 8 pages, 4 figures, submitted to IEEE Transaction

Satellite Navigation for the Age of Autonomy

Global Navigation Satellite Systems (GNSS) brought navigation to the masses. Coupled with smartphones, the blue dot in the palm of our hands has forever changed the way we interact with the world. Looking forward, cyber-physical systems such as self-driving cars and aerial mobility are pushing the limits of what localization technologies including GNSS can provide. This autonomous revolution requires a solution that supports safety-critical operation, centimeter positioning, and cyber-security for millions of users. To meet these demands, we propose a navigation service from Low Earth Orbiting (LEO) satellites which deliver precision in-part through faster motion, higher power signals for added robustness to interference, constellation autonomous integrity monitoring for integrity, and encryption / authentication for resistance to spoofing attacks. This paradigm is enabled by the 'New Space' movement, where highly capable satellites and components are now built on assembly lines and launch costs have decreased by more than tenfold. Such a ubiquitous positioning service enables a consistent and secure standard where trustworthy information can be validated and shared, extending the electronic horizon from sensor line of sight to an entire city. This enables the situational awareness needed for true safe operation to support autonomy at scale.Comment: 11 pages, 8 figures, 2020 IEEE/ION Position, Location and Navigation Symposium (PLANS

A review of cyber threats and defence approaches in emergency management

Emergency planners, first responders and relief workers increasingly rely on computational and communication systems that support all aspects of emergency management, from mitigation and preparedness to response and recovery. Failure of these systems, whether accidental or because of malicious action, can have severe implications for emergency management. Accidental failures have been extensively documented in the past and significant effort has been put into the development and introduction of more resilient technologies. At the same time researchers have been raising concerns about the potential of cyber attacks to cause physical disasters or to maximise the impact of one by intentionally impeding the work of the emergency services. Here, we provide a review of current research on the cyber threats to communication, sensing, information management and vehicular technologies used in emergency management. We emphasise on open issues for research, which are the cyber threats that have the potential to affect emergency management severely and for which solutions have not yet been proposed in the literature

Cross Domain IW Threats to SOF Maritime Missions: Implications for U.S. SOF

As cyber vulnerabilities proliferate with the expansion of connected devices, wherein security is often forsaken for ease of use, Special Operations Forces (SOF) cannot escape the obvious, massive risk that they are assuming by incorporating emerging technologies into their toolkits. This is especially true in the maritime sector where SOF operates nearshore in littoral zones. As SOF—in support to the U.S. Navy— increasingly operate in these contested maritime environments, they will gradually encounter more hostile actors looking to exploit digital vulnerabilities. As such, this monograph comes at a perfect time as the world becomes more interconnected but also more vulnerable

Undetectable GPS-Spoofing Attack on Time Series Phasor Measurement Unit Data

The Phasor Measurement Unit (PMU) is an important metering device for smart grid. Like any other Intelligent Electronic Device (IED), PMUs are prone to various types of cyberattacks. However, one form of attack is unique to the PMU, the GPS-spoofing attack, where the time and /or the one second pulse (1 PPS) that enables time synchronization are modified and the measurements are computed using the modified time reference. This article exploits the vulnerability of PMUs in their GPS time synchronization signal. At first, the paper proposes an undetectable gradual GPS-spoofing attack with small incremental angle deviation over time. The angle deviation changes power flow calculation through the branches of the grids, without alerting the System Operator (SO) during off-peak hour. The attacker keeps instigating slow incremental variation in power flow calculation caused by GPS-spoofing relentlessly over a long period of time, with a goal of causing the power flow calculation breach the MVA limit of the branch at peak-hour. The attack is applied by solving a convex optimization criterion at regular time interval, so that after a specific time period the attack vector incurs a significant change in the angle measurements transmitted by the PMU. Secondly, while the attack modifies the angle measurements with GPS-spoofing attack, it ensures the undetectibility of phase angle variation by keeping the attack vector less than attack detection threshold. The proposed attack model is tested with Weighted Least Squared Error (WLSE), Kalman Filtering, and Hankel-matrix based GPS-spoofing attack detection models. Finally, we have proposed a gradient of low-rank approximation of Hankel-matrix based detection method to detect such relentless small incremental GPS-spoofing attack