Towards a Reliable Machine Learning Based Global Misbehavior Detection in C-ITS: Model Evaluation Approach

International audienceGlobal misbehavior detection in Cooperative Intelligent Transport Systems (C-ITS) is carried out by a central entity named Misbe-havior Authority (MA). The detection is based on local misbehavior detection information sent by Vehicle's On-Board Units (OBUs) and by RoadSide Units (RSUs) called Misbehavior Reports (MBRs) to the MA. By analyzing these Misbehavior Reports (MBRs), the MA is able to compute various misbehavior detection information. In this work, we propose and evaluate different Machine Learning (ML) based solutions for the internal detection process of the MA. We show through extensive simulation and several detection metrics the ability of solutions to precisely identify different misbehavior types

Speed Offset Attack Detection in Vehicular Ad-Hoc Networks (VANETs) Using Machine Learning

An integral component of the Intelligent Transportation System (ITS) is the emerging technology called Vehicular ad-hoc network (VANET). VANET allows Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication wirelessly to improve road safety, traffic congestion, and information dissemination. Communication of vehicles in a VANET network is vulnerable to various attacks. Commonly used cryptographic techniques alone are insufficient to ensure and protect vehicle message integrity and authentication from insider attacks. In such cases, additional measures are necessary to ensure the correctness of the transmitted data. Each vehicle in the network periodically broadcasts a basic safety message (BSM) that contains essential status information about a vehicle, such as its position, speed, and heading to other vehicles and Road Side Units (RSU) to report its status. A speed offset attack is where an attacker (misbehaving vehicle) misleads the network by adding an offset value to its actual speed data in each BSM. Such attacks can result in traffic congestion and road accidents; therefore, it is essential to accurately detect and identify such attackers to ensure safety in the network. This research proposes a novel data-centric approach for detecting speed offset attacks using Machine Learning (ML) and Deep Learning (DL) algorithms. Vehicular Reference Misbehavior (VeReMi) Extension Dataset is used for this research. Preliminary results indicate that the proposed model can detect malicious nodes in the network quickly and accurately

Position Falsification Detection in VANET with Consecutive BSM Approach using Machine Learning Algorithm

Vehicular ad-hoc network (VANET) is an emerging technology for vehicle-to-vehicle communication vital for reducing road accidents and traffic congestion in an Intelligent Transportation System (ITS). VANET communication is vulnerable to various attacks and cryptographic techniques are used for message integrity and authentication of vehicles in order to ensure security and privacy for vehicular communications. However, if there is an inside attacker additional measures are necessary to ensure the correctness of the transmitted data. A basic safety message (BSM) is broadcasted by each vehicle in the network periodically to transmit its status. Position falsification is an attack where the attacker broadcasts a false BSM position, leading to congestion or even accidents. It becomes imperative to detect and identify the attacker to ensure safety in the network. Although many trust-based models are researched in the past, this research proposes a feasible and efficient data-centric approach to detect malicious behavior, using machine learning (ML) algorithms.The proposed Machine Learning based misbehavior detection system utilizes labelled dataset called Vehicular Reference Misbehavior Dataset (VeReMi). VeReMi dataset offers five different types of position falsification attacks with different vehicle and attacker densities. This ML-based model uses two consecutive BSM approach to detect these attacks. Model classification on the Road-side Unit detects and could revoke malicious nodes from the network, reducing computational overhead on vehicles

Self-reliant misbehavior detection in V2X networks

The safety and efficiency of vehicular communications rely on the correctness of the data exchanged between vehicles. Location spoofing is a proven and powerful attack against Vehicle-to-everything (V2X) communication systems that can cause traffic congestion and other safety hazards. Recent work also demonstrates practical spoofing attacks that can confuse intelligent transportation systems at road intersections. In this work, we propose two self-reliant schemes at the application layer and the physical layer to detect such misbehaviors. These schemes can be run independently by each vehicle and do not rely on the assumption that the majority of vehicles is honest. We first propose a scheme that uses application-layer plausibility checks as a feature vector for machine learning models. Our results show that this scheme improves the precision of the plausibility checks by over 20% by using them as feature vectors in KNN and SVM classifiers. We also show how to classify different types of known misbehaviors, once they are detected. We then propose three novel physical layer plausibility checks that leverage the received signal strength indicator (RSSI) of basic safety messages (BSMs). These plausibility checks have multi-step mechanisms to improve not only the detection rate, but also to decrease false positives. We comprehensively evaluate the performance of these plausibility checks using the VeReMi dataset (which we enhance along the way) for several types of attacks. We show that the best performing physical layer plausibility check among the three considered achieves an overall detection rate of 83.73% and a precision of 95.91%. The proposed application-layer and physical-layer plausibility checks provide a promising framework toward the deployment of on self-reliant misbehavior detection systems

A Misbehavior Authority System for Sybil Attack Detection in C-ITS

International audienceGlobal misbehavior detection is an important back-end mechanism in Cooperative Intelligent Transport Systems (C-ITS). It is based on the local misbehavior detection information sent by Vehicle's On-Board Units (OBUs) and by RoadSide Units (RSUs) called Misbehavior Reports (MBRs) to the Mis-behavior Authority (MA). By analyzing these reports, the MA provides more accurate and robust misbehavior detection results. Sybil attacks pose a significant threat to the C-ITS systems. Their detection and identification may be inaccurate and confusing. In this work, we propose a Machine Learning (ML) based solution for the internal detection process of the MA. We show through extensive simulation that our solution is able to precisely identify the type of the Sybil attack and provide promising detection accuracy results

A comprehensive survey of V2X cybersecurity mechanisms and future research paths

Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field.This work is supported by the H2020-INSPIRE-5Gplus project (under Grant agreement No. 871808), the ”Ministerio de Asuntos Económicos y Transformacion Digital” and the European Union-NextGenerationEU in the frameworks of the ”Plan de Recuperación, Transformación y Resiliencia” and of the ”Mecanismo de Recuperación y Resiliencia” under references TSI-063000-2021-39/40/41, and the CHIST-ERA-17-BDSI-003 FIREMAN project funded by the Spanish National Foundation (Grant PCI2019-103780).Peer ReviewedPostprint (published version

RSU-Based Online Intrusion Detection and Mitigation for VANET

Secure vehicular communication is a critical factor for secure traffic management. Effective security in intelligent transportation systems (ITS) requires effective and timely intrusion detection systems (IDS). In this paper, we consider false data injection attacks and distributed denial-of-service (DDoS) attacks, especially the stealthy DDoS attacks, targeting the integrity and availability, respectively, in vehicular ad-hoc networks (VANET). Novel statistical intrusion detection and mitigation techniques based on centralized communications through roadside units (RSU) are proposed for the considered attacks. The performance of the proposed methods are evaluated using a traffic simulator and a real traffic dataset. Comparisons with the state-of-the-art solutions clearly demonstrate the superior performance of the proposed methods in terms of quick and accurate detection and localization of cyberattacks

Ensemble Learning Based Malicious Node Detection in SDN-Based VANETs

Background: The architecture of Software Defined Networking (SDN) integrated with Vehicular Ad-hoc Networks (VANETs) is considered a practical method for handling large-scale, dynamic, heterogeneous vehicular networks, since it offers flexibility, programmability, scalability, and a global understanding. However, the integration with VANETs introduces additional security vulnerabilities due to the deployment of a logically centralized control mechanism. These security attacks are classified as internal and external based on the nature of the attacker. The method adopted in this work facilitated the detection of internal position falsification attacks. Objective: This study aimed to investigate the performance of k-NN, SVM, Naïve Bayes, Logistic Regression, and Random Forest machine learning (ML) algorithms in detecting position falsification attacks using the Vehicular Reference Misbehavior (VeReMi) dataset. It also aimed to conduct a comparative analysis of two ensemble classification models, namely voting and stacking for final decision-making. These ensemble classification methods used the ML algorithms cooperatively to achieve improved classification. Methods: The simulations and evaluations were conducted using the Python programming language. VeReMi dataset was selected since it was an application-specific dataset for VANETs environment. Performance evaluation metrics, such as accuracy, precision, recall, F-measure, and prediction time were also used in the comparative studies. Results: This experimental study showed that Random Forest ML algorithm provided the best performance in detecting attacks among the ML algorithms. Voting and stacking were both used to enhance classification accuracy and reduce time required to identify an attack through predictions generated by k-NN, SVM, Naïve Bayes, Logistic Regression, and Random Forest classifiers. Conclusion: In terms of attack detection accuracy, both methods (voting and stacking) achieved the same level of accuracy as Random Forest. However, the detection of attack using stacking could be achieved in roughly less than half the time required by voting ensemble. Keywords: Machine learning methods, Majority voting ensemble, SDN-based VANETs, Security attacks, Stacking ensemble classifiers, VANETs

Neural Network Based Approach for Detecting Location Spoofing in Vehicular Communication

Vehicular Ad hoc Network (VANET) is an evolving subset of MANET. It\u27s deployed on the roads, where vehicles act as mobile nodes. Active security and Intelligent Transportation System (ITS) are integral applications of VANET, which require stable and uninterrupted vehicle-to-vehicle communication technology. VANET, is a type of wireless network, due to which it is quite prone to security attacks. Extremely dynamic connections, sensitive data sharing and time-sensitivity of this network make it a vulnerable to security attacks. The messages shared between the vehicles are the basic safety message (BSM), these messages are broadcasted by each vehicle in the network to report its status to the other vehicles and Road Side Unit (RSU). One common attack is to use position falsification to hamper the roadside safety, leading to road accidents and congestion. Identifying malicious nodes involved in such attacks is crucial to ensure safety in the network. The proposed research presents a neural network based approach for detecting position falsification attacks in VANET. The proposed Deep Learning-based detection of attackers is done using the dataset called Vehicular Reference Misbehavior Dataset (VeReMi). VeReMi dataset provides five classes of attackers, each broadcasting fabricated coordinates concerning the type. This MLP-based model uses resampled single BSM and two consecutive BSM to detect these attacks