Secure Localization Topology and Methodology for a Dedicated Automated Highway System

Localization of nodes is an important aspect in a vehicular ad-hoc network (VANET). Research has been done on various localization methods. Some are more apt for a specific purpose than others. To begin with, we give an overview of a vehicular ad-hoc network, localization methods, and how they can be classified. The distance bounding and verifiable trilateration methods are explained further with their corresponding algorithms and steps used for localization. Distance bounding is a range-based distance estimation algorithm. Verifiable trilateration is a popular geometric method of localization. A dedicated automated highway infrastructure can use distance bounding and/or trilateration to localize an automated vehicle on the highway. We describe a highway infrastructure for our analysis and test how well each of the methods performs, according to a security measure defined as spoofing probability. The spoofing probability is, simply put, the probability that a given point on the highway will be successfully spoofed by an attacker that is located at any random position along the highway. Spoofing probability depends on different quantities depending on the method of localization used. We compare the distance bounding and trilateration methods to a novel method using friendly jamming for localization. Friendly jamming works by creating an interference around the region whenever communication takes place between a vehicle and a verifier (belonging to the highway infrastructure, which is involved in the localization process using a given algorithm and localization method). In case of friendly jamming, the spoofing probability depends both on the position and velocity of the attacker and those of the target vehicle (which the attacker aims to spoof). This makes the spoofing probability much less for friendly jamming. On the other hand, the distance bounding and trilateration methods have spoofing probabilities depending only on their position. The results are summarized at the end of the last chapter to give an idea about how the three localization methods, i.e. distance bounding, verifiable trilateration, and friendly jamming, compare against each other for a dedicated automated highway infrastructure. We observe that the spoofing probability of the friendly jamming infrastructure is less than 2% while the spoofing probabilities of distance bounding and trilateration are 25% and 11%, respectively. This means that the friendly jamming method is more secure for the corresponding automated transportation system (ATS) infrastructure than distance bounding and trilateration. However, one drawback of friendly jamming is that it has a high standard deviation because the range of positions that are most vulnerable is high. Even though the spoofing probability is much less, the friendly jamming method is vulnerable to an attack over a large range of distances along the highway. This can be overcome by defining a more robust infrastructure and using the infrastructure\u27s resources judiciously. This can be the future scope of our research. Infrastructures that use the radio resources in a cost effective manner to reduce the vulnerability of the friendly jamming method are a promising choice for the localization of vehicles on an ATS highway

On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure

RSU-Based Online Intrusion Detection and Mitigation for VANET

Secure vehicular communication is a critical factor for secure traffic management. Effective security in intelligent transportation systems (ITS) requires effective and timely intrusion detection systems (IDS). In this paper, we consider false data injection attacks and distributed denial-of-service (DDoS) attacks, especially the stealthy DDoS attacks, targeting the integrity and availability, respectively, in vehicular ad-hoc networks (VANET). Novel statistical intrusion detection and mitigation techniques based on centralized communications through roadside units (RSU) are proposed for the considered attacks. The performance of the proposed methods are evaluated using a traffic simulator and a real traffic dataset. Comparisons with the state-of-the-art solutions clearly demonstrate the superior performance of the proposed methods in terms of quick and accurate detection and localization of cyberattacks

The Mason Test: A Defense Against Sybil Attacks in Wireless Networks Without Trusted Authorities

Wireless networks are vulnerable to Sybil attacks, in which a malicious node poses as many identities in order to gain disproportionate influence. Many defenses based on spatial variability of wireless channels exist, but depend either on detailed, multi-tap channel estimation - something not exposed on commodity 802.11 devices - or valid RSSI observations from multiple trusted sources, e.g., corporate access points - something not directly available in ad hoc and delay-tolerant networks with potentially malicious neighbors. We extend these techniques to be practical for wireless ad hoc networks of commodity 802.11 devices. Specifically, we propose two efficient methods for separating the valid RSSI observations of behaving nodes from those falsified by malicious participants. Further, we note that prior signalprint methods are easily defeated by mobile attackers and develop an appropriate challenge-response defense. Finally, we present the Mason test, the first implementation of these techniques for ad hoc and delay-tolerant networks of commodity 802.11 devices. We illustrate its performance in several real-world scenarios

Towards a Severity Assessment Method for Potential Cyber Attacks to Connected and Autonomous Vehicles

CAV (connected and autonomous vehicle) is a crucial part of intelligent transportation systems. CAVs utilize both sensors and communication components to make driving decisions. A large number of companies, research organizations, and governments have researched extensively on the development of CAVs. The increasing number of autonomous and connected functions however means that CAVs are exposed to more cyber security vulnerabilities. Unlike computer cyber security attacks, cyber attacks to CAVs could lead to not only information leakage but also physical damage. According to the UK CAV Cyber Security Principles, preventing CAVs from cyber security attacks need to be considered at the beginning of CAV development. In this paper, a large set of potential cyber attacks are collected and investigated from the aspects of target assets, risks, and consequences. Severity of each type of attacks is then analysed based on clearly defined new set of criteria. The levels of severity for the attacks can be categorized as critical, important, moderate, and minor. Mitigation methods including prevention, reduction, transference, acceptance, and contingency are then suggested. It is found that remote control, fake vision on cameras, hidden objects to LiDAR and Radar, spoofing attack to GNSS, and fake identity in cloud authority are the most dangerous and of the highest vulnerabilities in CAV cyber security

Performance Analysis of Secondary Users in Heterogeneous Cognitive Radio Network

Continuous increase in wireless subscriptions and static allocation of wireless frequency bands to the primary users (PUs) are fueling the radio frequency (RF) shortage problem. Cognitive radio network (CRN) is regarded as a solution to this problem as it utilizes the scarce RF in an opportunisticmanner to increase the spectrumefficiency. InCRN, secondary users (SUs) are allowed to access idle frequency bands opportunistically without causing harmful interference to the PUs. In CRN, the SUs determine the presence of PUs through spectrum sensing and access idle bands by means of dynamic spectrum access. Spectrum sensing techniques available in the literature do not consider mobility. One of the main objectives of this thesis is to include mobility of SUs in spectrum sensing. Furthermore, due to the physical characteristics of CRN where licensed RF bands can be dynamically accessed by various unknown wireless devices, security is a growing concern. This thesis also addresses the physical layer security issues in CRN. Performance of spectrum sensing is evaluated based on probability of misdetection and false alarm, and expected overlapping time, and performance of SUs in the presence of attackers is evaluated based on secrecy rates