An Efficient Polynomial-based Filtering Against False Data Injection Attack in CPNS

Cyber Physical Network System (CPNS) is gaining lot of attention in many applications like, transportation networks, vehicular networks, life-critical applications and many more. Hence, the system needs to be protected from various kinds of attacks that degrade the system’s performance. There are many different types of attacks that are possible on cyber physical systems, among them false data injection attack is a serious threat to the system’s security. In this type of attack, the adversary compromises sensor nodes, inject false data and send them to the controller through compromised nodes. This makes the controller to estimate wrong system states which leads to various serious issues. Therefore, the false data must be filtered out before it reaches the sink. If all the false data flow towards the controller then it will be bottle neck to filter all the false data and this could paralyze the network. To resolve this issue many filtering schemes have been developed in the past, all use Message Authentication Codes (MACs) for report endorsement and en-route filtering. But they are not suitable for CPNS because of static routes and lack resilience to the number of compromised nodes. Hence, an enhanced scheme has been proposed which uses polynomials instead of MAC for report endorsement and also uses bloom filtering along with en-route filtering. Hence, this achieves high resilience to the number of compromised nodes and achieves high filtering efficiency

Engage D5.6 Thematic challenge briefing notes (1st and 2nd releases)

Engage identified four thematic challenges to address research topics not contemporaneously (sufficiently) addressed by SESAR. This deliverable serves primarily as a record of the two sets of released thematic challenge briefing notes

Project BeARCAT : Baselining, Automation and Response for CAV Testbed Cyber Security : Connected Vehicle & Infrastructure Security Assessment

Connected, software-based systems are a driver in advancing the technology of transportation systems. Advanced automated and autonomous vehicles, together with electrification, will help reduce congestion, accidents and emissions. Meanwhile, vehicle manufacturers see advanced technology as enhancing their products in a competitive market. However, as many decades of using home and enterprise computer systems have shown, connectivity allows a system to become a target for criminal intentions. Cyber-based threats to any system are a problem; in transportation, there is the added safety implication of dealing with moving vehicles and the passengers within

Contested Deployment

As indicated in the 2018 National Defense Strategy and evolving Multi-Domain Operations doctrine, the assumption the homeland will provide a secure space for mobilization and deployment is no longer valid. This integrated research project goes beyond affirming this assumption and contributes to efforts to mitigate the concerns a contested deployment entails. Following the introductory chapter, Chapter 2, “Army Deployments in a Contested Homeland: A Framework for Protection,” explores how current coordination and cooperation mechanisms between the DoD and state and local government may need realignment, with civil authorities preparing themselves to support military mobilization. Chapter 3, “Strategic Seaports and National Defense in a Contested Environment,” examines the 22 strategic seaports across the United States, identifying issues with throughput, structural integrity, security, readiness, funding, and authorities. Chapter 4, “Single Point of Failure,” identifies how strict adherence to a business efficiency model for munition production and distribution may jeopardize the successful employment of military forces. Chapter 5, “The Interstate Highway System: Reinvestment Needed before a Contested Deployment,” provides the status of the deteriorating road network and explains how associated vulnerabilities could be exploited by an adversary. The two appendices provide points for consideration on cyberattacks and defense and the impacts a full mobilization of reserve forces would have on the homeland.https://press.armywarcollege.edu/monographs/1944/thumbnail.jp

On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure

Integral Approach to Vulnerability Assessment of Ship’s Critical Equipment and Systems

The digital transformation of the maritime industry is almost a fait accompli. Merchant ships today use computing and cyber-dependent technologies for navigation, communications, cargo operations, environmental monitoring, and many other purposes. Nowadays, entire industries and businesses are becoming increasingly dependent on data arrays, and the maritime sector is fully experiencing this transformation. A modern commercial ship is unthinkable without digital technology, and the reasons for the deep digitalization of the fleet are numerous. Emergency systems such as safety monitoring, fire detection and alarms are increasingly reliant on cyber technology. Therefore, cybersecurity is a critical component of ship and shipping safety, and cyber-attacks on maritime transport are a very likely problem. These risks will only increase with the further development of information technology. This article proposes approaches to identifying cyber threats as well as a probabilistic assessment of ship cybersecurity, which is based on an integral approach to assessing the vulnerability of shipboard critical equipment and systems. Estimated probabilities of target and non-target cybersecurity breaches of the ship, as well as their overall probability, which allows considering all chains of events leading to a certain consequence associated with potential losses. The model of probability assessment of ship cybersecurity violation and its consequences, which allows evaluation of possible losses as a result of these events, is presented and mathematically described

Attacks on self-driving cars and their countermeasures : a survey

Intelligent Traffic Systems (ITS) are currently evolving in the form of a cooperative ITS or connected vehicles. Both forms use the data communications between Vehicle-To-Vehicle (V2V), Vehicle-To-Infrastructure (V2I/I2V) and other on-road entities, and are accelerating the adoption of self-driving cars. The development of cyber-physical systems containing advanced sensors, sub-systems, and smart driving assistance applications over the past decade is equipping unmanned aerial and road vehicles with autonomous decision-making capabilities. The level of autonomy depends upon the make-up and degree of sensor sophistication and the vehicle's operational applications. As a result, self-driving cars are being compromised perceived as a serious threat. Therefore, analyzing the threats and attacks on self-driving cars and ITSs, and their corresponding countermeasures to reduce those threats and attacks are needed. For this reason, some survey papers compiling potential attacks on VANETs, ITSs and self-driving cars, and their detection mechanisms are available in the current literature. However, up to our knowledge, they have not covered the real attacks already happened in self-driving cars. To bridge this research gap, in this paper, we analyze the attacks that already targeted self-driving cars and extensively present potential cyber-Attacks and their impacts on those cars along with their vulnerabilities. For recently reported attacks, we describe the possible mitigation strategies taken by the manufacturers and governments. This survey includes recent works on how a self-driving car can ensure resilient operation even under ongoing cyber-Attack. We also provide further research directions to improve the security issues associated with self-driving cars. © 2013 IEEE