A Systematic Literature Review on Automotive Digital Forensics: Challenges, Technical Solutions and Data Collection

A modern vehicle has a complex internal architecture and is wirelessly connected to the Internet, other vehicles, and the infrastructure. The risk of cyber attacks and other criminal incidents along with recent road accidents caused by autonomous vehicles calls for more research on automotive digital forensics. Failures in automated driving functions can be caused by hardware and software failures and cyber security issues. Thus, it is imperative to be able to determine and investigate the cause of these failures, something which requires trustable data. However, automotive digital forensics is a relatively new field for the automotive where most existing self-monitoring and diagnostic systems in vehicles only monitor safety-related events. To the best of our knowledge, our work is the first systematic literature review on the current research within this field. We identify and assess over 300 papers published between 2006 - 2021 and further map the relevant papers to different categories based on identified focus areas to give a comprehensive overview of the forensics field and the related research activities. Moreover, we identify forensically relevant data from the literature, link the data to categories, and further map them to required security properties and potential stakeholders. Our categorization makes it easy for practitioners and researchers to quickly find relevant work within a particular sub-field of digital forensics. We believe our contributions can guide digital forensic investigations in automotive and similar areas, such as cyber-physical systems and smart cities, facilitate further research, and serve as a guideline for engineers implementing forensics mechanisms

An Approach to Guide Users Towards Less Revealing Internet Browsers

When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Previous research has shown that there are numerous privacy and security risks result from exposing sensitive information in the User-Agent string. For example, it enables device and browser fingerprinting and user tracking and identification. Our large analysis of thousands of User-Agent strings shows that browsers differ tremendously in the amount of information they include in their User-Agent strings. As such, our work aims at guiding users towards using less exposing browsers. In doing so, we propose to assign an exposure score to browsers based on the information they expose and vulnerability records. Thus, our contribution in this work is as follows: first, provide a full implementation that is ready to be deployed and used by users. Second, conduct a user study to identify the effectiveness and limitations of our proposed approach. Our implementation is based on using more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available and the solution has been deployed

Attacks on self-driving cars and their countermeasures : a survey

Intelligent Traffic Systems (ITS) are currently evolving in the form of a cooperative ITS or connected vehicles. Both forms use the data communications between Vehicle-To-Vehicle (V2V), Vehicle-To-Infrastructure (V2I/I2V) and other on-road entities, and are accelerating the adoption of self-driving cars. The development of cyber-physical systems containing advanced sensors, sub-systems, and smart driving assistance applications over the past decade is equipping unmanned aerial and road vehicles with autonomous decision-making capabilities. The level of autonomy depends upon the make-up and degree of sensor sophistication and the vehicle's operational applications. As a result, self-driving cars are being compromised perceived as a serious threat. Therefore, analyzing the threats and attacks on self-driving cars and ITSs, and their corresponding countermeasures to reduce those threats and attacks are needed. For this reason, some survey papers compiling potential attacks on VANETs, ITSs and self-driving cars, and their detection mechanisms are available in the current literature. However, up to our knowledge, they have not covered the real attacks already happened in self-driving cars. To bridge this research gap, in this paper, we analyze the attacks that already targeted self-driving cars and extensively present potential cyber-Attacks and their impacts on those cars along with their vulnerabilities. For recently reported attacks, we describe the possible mitigation strategies taken by the manufacturers and governments. This survey includes recent works on how a self-driving car can ensure resilient operation even under ongoing cyber-Attack. We also provide further research directions to improve the security issues associated with self-driving cars. © 2013 IEEE

Improvements on the enforcement process based on intelligent transportation techniques: model and mechanisms for electronic reporting, offence notification and evidence generation

Enforcement activities in the road traffi c context have shown to be one of the key factors for reducing fatalities. However, despite their evolution (both in their underlying legislation and their technical means), there are several aspects that may be subject to improvement. Three of them are on the focus of this thesis. First, victims of offenders are usually not able to report them, as there are not enough data to support their claims. Second, there is a significant delay between the offence and its notification, which negatively affects to its educational purpose. Third, the offender does not have the practical chance to defend herself (i.e. claim her innocence or, at least, that it was a less serious offence) as there are no suitable attesting elements. In order to contribute on these issues, recent advances on data processing, communication and sensing capabilities of vehicles conform an interesting technological context. These new capabilities are the basis over which a new family of services, called Intelligent Transportation Systems (ITS) are being developed. Despite the new opportunities provided by ITSs, it does not exist an adequate framework to guide the introduction of these new techniques in the surveillance of the adherence to the road traffi c rules. Thus, there is a lack of a clear view on how these techniques may help on the aforementioned problems. The general goal of this thesis is to provide the technical basis for the realization of an ITS-enhanced electronic road traffi c administrative enforcement process. Particularly, four contributions are developed in this thesis. First, an enforcement process model is proposed, based on the results of the European VERA2 project. The model describes the entities, the stakeholders, the data at stake and the underlying security considerations. It conforms the aforementioned framework that enables identifying where to introduce the required ITS enhancements. Based on the previous model, the remaining contributions focus on the development of specific mechanisms where the enforcement actors (the offender, the offence witnesses, the victims and the Authority) participate actively through ITS-related technologies. Thus, the second contribution is a mechanism that enables victims to report their offenders. In order to prevent this action to be noticeable by the reported driver, the report information is embedded into innocuous-looking messages by means of steganography. As the educational purpose of the punishment grows with its immediacy, the third contribution is a protocol to send an offence notification to the offending vehicle. Thanks to the human-machine interface of the vehicle, the offender is able to realize about the fine even during the same trip in which the offence was committed. Finally, in order to ensure that the driver has adequate means to defend herself against unfair punishments, a protocol to create evidences on its recent driving behavior has been proposed. Such evidences are based on the sensorial perceptions by surrounding vehicles, which are contacted using ITS communication technologies. At the light of these contributions, this thesis opens the door to upcoming developments that may end into a fully automated enforcement process. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Uno de los factores m as críticos para la reducción de la siniestralidad en las carreteras es la vigilancia del cumplimiento de las normas de circulación. A pesar de la evolución de los procedimientos y técnicas para efectuar dicha vigilancia (tanto en el ámbito normativo como en el técnico), existen algunos factores que son susceptibles de mejora. Tres de ellos constituyen el foco principal de esta tesis. En primer lugar, las víctimas de los infractores no disponen de medios prácticos para denunciarles, pues habitualmente no existen datos que permitan acreditar la descripción de los hechos manifestada. En segundo lugar, existe un intervalo significativo de tiempo entre la comisión de la infracción y la recepción de la notificación de la correspondiente denuncia, lo que afecta negativamente a la capacidad educativa de las sanciones. En tercer lugar, el supuesto infractor no dispone de medios prácticos para defenderse, pues habitualmente no se cuenta con elementos que soporten su argumento. Con el fin de contribuir a estas cuestiones, los avances recientes en materia de procesamiento de información, transmisión de información y percepción sensorial en los vehículos constituyen un contexto tecnológico interesante. Estas nuevas capacidades son la base sobre la que se construyen los Sistemas Inteligentes de Transporte (habitualmente referidos mediante sus siglas en ingl es, ITS). A pesar del desarrollo constante de dichos sistemas, no existe un marco adecuado para la utilización de dichas capacidades en el ámbito de la vigilancia del cumplimiento de las normas de circulación. Así, se detecta una carencia de una visión clara de cómo estas nuevas técnicas pueden contribuir a resolver los aspectos problemáticos identificados anteriormente. El objetivo general de esta tesis es proporcionar la base técnica para el desarrollo de un procedimiento administrativo sancionador en el ámbito del tr áfico que aproveche las oportunidades que plantean los ITS. En particular, en esta tesis se desarrollan cuatro contribuciones. En primer lugar, se propone un modelo de procedimiento administrativo sancionador, extendiendo los resultados del proyecto de investigación europeo VERA2. Este modelo describe las entidades participantes, los interesados, la información en juego y las consideraciones de seguridad subyacentes. Este modelo constituye el antedicho marco y permite identificar la forma de introducir las tecnologías ITS en dicho proceso. Basándose en este modelo, las contribuciones restantes se centran en el desarrollo de mecanismos espec íficos en los que los actores del proceso (el infractor, los testigos, las víctimas y la Autoridad) participan activamente empleando tecnologías relacionadas con los ITS. Así, la segunda contribuci ó es un mecanismo que permite a las víctimas denunciar a los infractores. Con el objetivo de impedir que dicha denuncia sea conocida por el infractor, el mensaje es introducido mediante técnicas esteganográficas en otro mensaje aparentemente inofensivo. La tercera contribución es el envío de la notificaci on de forma directa al vehí culo infractor, lo cual pretende incrementar la inmediatez del proceso (ya que se le puede presentar al infractor durante la conducción) y, con ello, su eficacia educativa. Finalmente, para promover que el conductor disponga de los medios adecuados para defenderse de sanciones supuestamente injustas, se propone un protocolo para la creaci on de evidencias que describan su comportamiento reciente en lo que respecta a la conducción. Dichas evidencias se basan en las percepciones sensoriales de los vehículos cercanos, los cuales son contactados empleando tecnologías de comunicaci on relacionadas con los ITS. A la vista de estas contribuciones, esta tesis abre la puerta al futuro desarrollo de un proceso sancionador completamente automatizado

Wireless communication, sensing, and REM: A security perspective

The diverse requirements of next-generation communication systems necessitate awareness, flexibility, and intelligence as essential building blocks of future wireless networks. The awareness can be obtained from the radio signals in the environment using wireless sensing and radio environment mapping (REM) methods. This is, however, accompanied by threats such as eavesdropping, manipulation, and disruption posed by malicious attackers. To this end, this work analyzes the wireless sensing and radio environment awareness mechanisms, highlighting their vulnerabilities and provides solutions for mitigating them. As an example, the different threats to REM and its consequences in a vehicular communication scenario are described. Furthermore, the use of REM for securing communications is discussed and future directions regarding sensing/REM security are highlighted

Authentication enhancement in command and control networks: (a study in Vehicular Ad-Hoc Networks)

Intelligent transportation systems contribute to improved traffic safety by facilitating real time communication between vehicles. By using wireless channels for communication, vehicular networks are susceptible to a wide range of attacks, such as impersonation, modification, and replay. In this context, securing data exchange between intercommunicating terminals, e.g., vehicle-to-everything (V2X) communication, constitutes a technological challenge that needs to be addressed. Hence, message authentication is crucial to safeguard vehicular ad-hoc networks (VANETs) from malicious attacks. The current state-of-the-art for authentication in VANETs relies on conventional cryptographic primitives, introducing significant computation and communication overheads. In this challenging scenario, physical (PHY)-layer authentication has gained popularity, which involves leveraging the inherent characteristics of wireless channels and the hardware imperfections to discriminate between wireless devices. However, PHY-layerbased authentication cannot be an alternative to crypto-based methods as the initial legitimacy detection must be conducted using cryptographic methods to extract the communicating terminal secret features. Nevertheless, it can be a promising complementary solution for the reauthentication problem in VANETs, introducing what is known as “cross-layer authentication.” This thesis focuses on designing efficient cross-layer authentication schemes for VANETs, reducing the communication and computation overheads associated with transmitting and verifying a crypto-based signature for each transmission. The following provides an overview of the proposed methodologies employed in various contributions presented in this thesis. 1. The first cross-layer authentication scheme: A four-step process represents this approach: initial crypto-based authentication, shared key extraction, re-authentication via a PHY challenge-response algorithm, and adaptive adjustments based on channel conditions. Simulation results validate its efficacy, especially in low signal-to-noise ratio (SNR) scenarios while proving its resilience against active and passive attacks. 2. The second cross-layer authentication scheme: Leveraging the spatially and temporally correlated wireless channel features, this scheme extracts high entropy shared keys that can be used to create dynamic PHY-layer signatures for authentication. A 3-Dimensional (3D) scattering Doppler emulator is designed to investigate the scheme’s performance at different speeds of a moving vehicle and SNRs. Theoretical and hardware implementation analyses prove the scheme’s capability to support high detection probability for an acceptable false alarm value ≤ 0.1 at SNR ≥ 0 dB and speed ≤ 45 m/s. 3. The third proposal: Reconfigurable intelligent surfaces (RIS) integration for improved authentication: Focusing on enhancing PHY-layer re-authentication, this proposal explores integrating RIS technology to improve SNR directed at designated vehicles. Theoretical analysis and practical implementation of the proposed scheme are conducted using a 1-bit RIS, consisting of 64 × 64 reflective units. Experimental results show a significant improvement in the Pd, increasing from 0.82 to 0.96 at SNR = − 6 dB for multicarrier communications. 4. The fourth proposal: RIS-enhanced vehicular communication security: Tailored for challenging SNR in non-line-of-sight (NLoS) scenarios, this proposal optimises key extraction and defends against denial-of-service (DoS) attacks through selective signal strengthening. Hardware implementation studies prove its effectiveness, showcasing improved key extraction performance and resilience against potential threats. 5. The fifth cross-layer authentication scheme: Integrating PKI-based initial legitimacy detection and blockchain-based reconciliation techniques, this scheme ensures secure data exchange. Rigorous security analyses and performance evaluations using network simulators and computation metrics showcase its effectiveness, ensuring its resistance against common attacks and time efficiency in message verification. 6. The final proposal: Group key distribution: Employing smart contract-based blockchain technology alongside PKI-based authentication, this proposal distributes group session keys securely. Its lightweight symmetric key cryptography-based method maintains privacy in VANETs, validated via Ethereum’s main network (MainNet) and comprehensive computation and communication evaluations. The analysis shows that the proposed methods yield a noteworthy reduction, approximately ranging from 70% to 99%, in both computation and communication overheads, as compared to the conventional approaches. This reduction pertains to the verification and transmission of 1000 messages in total

Security and Privacy for Modern Wireless Communication Systems

The aim of this reprint focuses on the latest protocol research, software/hardware development and implementation, and system architecture design in addressing emerging security and privacy issues for modern wireless communication networks. Relevant topics include, but are not limited to, the following: deep-learning-based security and privacy design; covert communications; information-theoretical foundations for advanced security and privacy techniques; lightweight cryptography for power constrained networks; physical layer key generation; prototypes and testbeds for security and privacy solutions; encryption and decryption algorithm for low-latency constrained networks; security protocols for modern wireless communication networks; network intrusion detection; physical layer design with security consideration; anonymity in data transmission; vulnerabilities in security and privacy in modern wireless communication networks; challenges of security and privacy in node–edge–cloud computation; security and privacy design for low-power wide-area IoT networks; security and privacy design for vehicle networks; security and privacy design for underwater communications networks