Auto Deep Learning-based Automated Surveillance Technique to Recognize the Activities in the Cyber-Physical System

In recent days, the Internet of Things (IoT) plays a significant role and increasing in rapid usage in various applications. As IoT is being developed for cyber-physical systems in the specific domain of e-health care, military, etc. Based on real-time applications, security plays a vital role in certain activities in educational institutions. In the institutions, there are multiple videos are collected and stored in the data repositories. Those datasets are developed specifically for certain activities and no other datasets are developed for academic activities. As there is a large number of videos and images are collected and considered, advanced technologies like, deep learning and IoT are used to perform certain tasks. In this paper, a Auto Deep learning-based Automated Identification Framework (DLAIF) is proposed to consider and reconsider the activities based on image pre-processing, model can be trained through the proposed GMM model and then predication to make an effective surveillance process based on HMM. This proposed process makes to recognize the activities through EM and log Likelihood for cyber-physical systems. In the performance analysis, the proposed model efficiency can be determined through Accuracy detection, False Positive rate and F1 Score requirement. Then calculating the accuracy is more effective for the proposed model compared to other existing models such as BWMP and LATTE

Anomaly detection with machine learning for automotive cyber-physical systems

2022 Spring.Includes bibliographical references.Today's automotive systems are evolving at a rapid pace and there has been a seismic shift in automotive technology in the past few years. Automakers are racing to redefine the automobile as a fully autonomous and connected system. As a result, new technologies such as advanced driver assistance systems (ADAS), vehicle-to-vehicle (V2V), 5G vehicle to infrastructure (V2I), and vehicle to everything (V2X), etc. have emerged in recent years. These advances have resulted in increased responsibilities for the electronic control units (ECUs) in the vehicles, requiring a more sophisticated in-vehicle network to address the growing communication needs of ECUs with each other and external subsystems. This in turn has transformed modern vehicles into a complex distributed cyber-physical system. The ever-growing connectivity to external systems in such vehicles is introducing new challenges, related to the increasing vulnerability of such vehicles to various cyber-attacks. A malicious actor can use various access points in a vehicle, e.g., Bluetooth and USB ports, telematic systems, and OBD-II ports, to gain unauthorized access to the in-vehicle network. These access points are used to gain access to the network from the vehicle's attack surface. After gaining access to the in-vehicle network through an attack surface, a malicious actor can inject or alter messages on the network to try to take control of the vehicle. Traditional security mechanisms such as firewalls only detect simple attacks as they do not have the ability to detect more complex attacks. With the increasing complexity of vehicles, the attack surface increases, paving the way for more complex and novel attacks in the future. Thus, there is a need for an advanced attack detection solution that can actively monitor the in-vehicle network and detect complex cyber-attacks. One of the many approaches to achieve this is by using an intrusion detection system (IDS). Many state-of-the-art IDS employ machine learning algorithms to detect cyber-attacks for its ability to detect both previously observed as well as novel attack patterns. Moreover, the large availability of in-vehicle network data and increasing computational power of the ECUs to handle emerging complex automotive tasks facilitates the use of machine learning models. Therefore, due to its large spectrum of attack coverage and ability to detect complex attack patterns, we adopt and propose two novel machine learning based IDS frameworks (LATTE and TENET) for in-vehicle network anomaly detection. Our proposed LATTE framework uses sequence models, such as LSTMs, in an unsupervised setting to learn the normal system behavior. LATTE leverages the learned information at runtime to detect anomalies by observing for any deviations from the learned normal behavior. Our proposed LATTE framework aims to maximize the anomaly detection accuracy, precision, and recall while minimizing the false-positive rate. The increased complexity of automotive systems has resulted in very long term dependencies between messages which cannot be effectively captured by LSTMs. Hence to overcome this problem, we proposed a novel IDS framework called TENET. TENET employs a novel convolutional neural attention (TCNA) based architecture to effectively learn very-long term dependencies between messages in an in-vehicle network during the training phase and leverage the learned information in combination with a decision tree classifier to detect anomalous messages. Our work aims to efficiently detect a multitude of attacks in the in-vehicle network with low memory and computational overhead on the ECU

Cyberattacks and Countermeasures For In-Vehicle Networks

As connectivity between and within vehicles increases, so does concern about safety and security. Various automotive serial protocols are used inside vehicles such as Controller Area Network (CAN), Local Interconnect Network (LIN) and FlexRay. CAN bus is the most used in-vehicle network protocol to support exchange of vehicle parameters between Electronic Control Units (ECUs). This protocol lacks security mechanisms by design and is therefore vulnerable to various attacks. Furthermore, connectivity of vehicles has made the CAN bus not only vulnerable from within the vehicle but also from outside. With the rise of connected cars, more entry points and interfaces have been introduced on board vehicles, thereby also leading to a wider potential attack surface. Existing security mechanisms focus on the use of encryption, authentication and vehicle Intrusion Detection Systems (IDS), which operate under various constrains such as low bandwidth, small frame size (e.g. in the CAN protocol), limited availability of computational resources and real-time sensitivity. We survey In-Vehicle Network (IVN) attacks which have been grouped under: direct interfaces-initiated attacks, telematics and infotainment-initiated attacks, and sensor-initiated attacks. We survey and classify current cryptographic and IDS approaches and compare these approaches based on criteria such as real time constrains, types of hardware used, changes in CAN bus behaviour, types of attack mitigation and software/ hardware used to validate these approaches. We conclude with potential mitigation strategies and research challenges for the future

A robust, reliable and deployable framework for In-vehicle security

Cyber attacks on financial and government institutions, critical infrastructure, voting systems, businesses, modern vehicles, etc., are on the rise. Fully connected autonomous vehicles are more vulnerable than ever to hacking and data theft. This is due to the fact that the protocols used for in-vehicle communication i.e. controller area network (CAN), FlexRay, local interconnect network (LIN), etc., lack basic security features such as message authentication, which makes it vulnerable to a wide range of attacks including spoofing attacks. This research presents methods to protect the vehicle against spoofing attacks. The proposed methods exploit uniqueness in the electronic control unit electronic control unit (ECU) and the physical channel between transmitting and destination nodes for linking the received packet to the source. Impurities in the digital device, physical channel, imperfections in design, material, and length of the channel contribute to the uniqueness of artifacts. I propose novel techniques for electronic control unit (ECU) identification in this research to address security vulnerabilities of the in-vehicle communication. The reliable ECU identification has the potential to prevent spoofing attacks launched over the CAN due to the inconsideration of the message authentication. In this regard, my techniques models the ECU-specific random distortion caused by the imperfections in digital-to-analog converter digital to analog converter (DAC), and semiconductor impurities in the transmitting ECU for fingerprinting. I also model the channel-specific random distortion, impurities in the physical channel, imperfections in design, material, and length of the channel are contributing factors behind physically unclonable artifacts. The lumped element model is used to characterize channel-specific distortions. This research exploits the distortion of the device (ECU) and distortion due to the channel to identify the transmitter and hence authenticate the transmitter.Ph.D.College of Engineering & Computer ScienceUniversity of Michigan-Dearbornhttps://deepblue.lib.umich.edu/bitstream/2027.42/154568/1/Azeem Hafeez Final Disseration.pdfDescription of Azeem Hafeez Final Disseration.pdf : Dissertatio

A wavelet-based intrusion detection system for controller area network (can).

Samie, Mohammad - Associate SupervisorController Area Network (CAN), designed in the early 1980s, is the most widely used in-vehicle communication protocol. The CAN protocol has various features to provide highly reliable communication between the nodes. Some of these features are the arbitration process to provide fixed priority scheduling, error confinement mechanism to eliminate faulty nodes, and message form check along with cyclic redundancy checksum to identify transmission faults. It also has differential voltage architecture on twisted two-wire, eliminating electrical and magnetic noise. Although these features make the CAN a perfect solution for the real-time cyber-physical structure of vehicles, the protocol lacks basic security measures like encryption and authentication; therefore, vehicles are vulnerable to cyber-attacks. Due to increased automation and connectivity, the attack surface rises over time. This research aims to detect CAN bus attacks by proposing WINDS, a wavelet-based intrusion detection system. The WINDS analyses the network traffic behaviour by binary classification in the time-scale domain to identify potential attack instances anomalies. As there is no standard testing methodology, a part of this research constitutes a comprehensive testing framework and generation of benchmarking dataset. Finally, WINDS is tested according to the framework and its competitiveness with state-of-the-art solutions is presented.PhD in Transport System

Robust and secure resource management for automotive cyber-physical systems

2022 Spring.Includes bibliographical references.Modern vehicles are examples of complex cyber-physical systems with tens to hundreds of interconnected Electronic Control Units (ECUs) that manage various vehicular subsystems. With the shift towards autonomous driving, emerging vehicles are being characterized by an increase in the number of hardware ECUs, greater complexity of applications (software), and more sophisticated in-vehicle networks. These advances have resulted in numerous challenges that impact the reliability, security, and real-time performance of these emerging automotive systems. Some of the challenges include coping with computation and communication uncertainties (e.g., jitter), developing robust control software, detecting cyber-attacks, ensuring data integrity, and enabling confidentiality during communication. However, solutions to overcome these challenges incur additional overhead, which can catastrophically delay the execution of real-time automotive tasks and message transfers. Hence, there is a need for a holistic approach to a system-level solution for resource management in automotive cyber-physical systems that enables robust and secure automotive system design while satisfying a diverse set of system-wide constraints. ECUs in vehicles today run a variety of automotive applications ranging from simple vehicle window control to highly complex Advanced Driver Assistance System (ADAS) applications. The aggressive attempts of automakers to make vehicles fully autonomous have increased the complexity and data rate requirements of applications and further led to the adoption of advanced artificial intelligence (AI) based techniques for improved perception and control. Additionally, modern vehicles are becoming increasingly connected with various external systems to realize more robust vehicle autonomy. These paradigm shifts have resulted in significant overheads in resource constrained ECUs and increased the complexity of the overall automotive system (including heterogeneous ECUs, network architectures, communication protocols, and applications), which has severe performance and safety implications on modern vehicles. The increased complexity of automotive systems introduces several computation and communication uncertainties in automotive subsystems that can cause delays in applications and messages, resulting in missed real-time deadlines. Missing deadlines for safety-critical automotive applications can be catastrophic, and this problem will be further aggravated in the case of future autonomous vehicles. Additionally, due to the harsh operating conditions (such as high temperatures, vibrations, and electromagnetic interference (EMI)) of automotive embedded systems, there is a significant risk to the integrity of the data that is exchanged between ECUs which can lead to faulty vehicle control. These challenges demand a more reliable design of automotive systems that is resilient to uncertainties and supports data integrity goals. Additionally, the increased connectivity of modern vehicles has made them highly vulnerable to various kinds of sophisticated security attacks. Hence, it is also vital to ensure the security of automotive systems, and it will become crucial as connected and autonomous vehicles become more ubiquitous. However, imposing security mechanisms on the resource constrained automotive systems can result in additional computation and communication overhead, potentially leading to further missed deadlines. Therefore, it is crucial to design techniques that incur very minimal overhead (lightweight) when trying to achieve the above-mentioned goals and ensure the real-time performance of the system. We address these issues by designing a holistic resource management framework called ROSETTA that enables robust and secure automotive cyber-physical system design while satisfying a diverse set of constraints related to reliability, security, real-time performance, and energy consumption. To achieve reliability goals, we have developed several techniques for reliability-aware scheduling and multi-level monitoring of signal integrity. To achieve security objectives, we have proposed a lightweight security framework that provides confidentiality and authenticity while meeting both security and real-time constraints. We have also introduced multiple deep learning based intrusion detection systems (IDS) to monitor and detect cyber-attacks in the in-vehicle network. Lastly, we have introduced novel techniques for jitter management and security management and deployed lightweight IDSs on resource constrained automotive ECUs while ensuring the real-time performance of the automotive systems