A Note on the Security of ITS: Car Crash Analysis in Cruise Control Scenarios

Security of Intelligent Transportation Systems (ITS) heavily depends on the security of the underlying components that create such a smart ecosystem. Adaptive Cruise Control (ACC) is embedded into most modern vehicles. In this report, we study the situations that the two vehicles involved in a cruise control scenario create. More precisely, after breaking down the phases the two vehicle go through (especially the ego one), we show how a simple formula can be used to predict collisions in hard brake cruise control scenarios

Cyber Attacks via Consumer Electronics: Studying the Threat of Covert Malware in Smart and Autonomous Vehicles

peer reviewedIn Industry 5.0, man and machine work alongside each other in production, but smart and autonomous vehicles are examples that show this notion is now being extended to the end consumers. In 2015, a Jeep was remotely hacked through its head unit. This incident drew the public attention to vehicles security and showed how entertainment/infotainment consumer electronics can be used to intrude vehicles. In this paper, we study a novel covert attack that can be launched by malwares spreading through Intelligent Transportation Systems, e.g., via consumer electronics. This malware infects a vehicle module, like the Adaptive Cruise Controller (ACC), and manipulates its setting in a way that is not noticeable to human observers, but gives rise to accidents statistics. We show how this is done and analyze the effect mathematically. We also propose a new Intrusion Detection System (IDS) whose architecture is non-disruptive and can be readily adopted by car manufacturers. We evaluate our proposal with real-world datasets. We demonstrate how a malware/attacker can engineer the crash statistics by manipulating the safe distance value in cruise control scenarios. Then, we put an anomaly-based IDS for ACC modules into test and show how it can effectively detect such covert attacks

Decentralizing the lightning network: a score-based recommendation strategy for the autopilot system

Abstract The fundamental objective of the Lightning Network is to establish a decentralized platform for scaling the Bitcoin network and facilitating high-throughput micropayments. However, this network has gradually deviated from its decentralized topology since its operational inception, and its resources have quickly shifted towards centralization. The evolution of the network and the changes in its topology have been critically reviewed and criticized due to its increasing centralization. This study delves into the network’s topology and the reasons behind its centralized evolution. We explain the incentives of various participating nodes in the network and propose a score-based strategy for the Lightning Autopilot system, which is responsible for automatically establishing new payment channels for the nodes joining the network. Our study demonstrates that utilizing the proposed strategy could significantly aid in reducing the network’s centralization. This strategy is grounded in qualitative labeling of network nodes based on topological and protocol features, followed by the creation of a scoring and recommendation model. Results of the experiments indicate that in the evolved network using the proposed strategy, concentration indicators such as the Gini coefficient can decrease by up to 17%, and channels ownership of the top 1% of hubs decrease by 27% compared to other autopilot strategies. Moreover, through simulated targeted attacks on hubs and channels, it is shown that by adopting the proposed strategy, the network’s resilience is increased compared to the existing autopilot strategies for evolved networks. The proposed method from this research can also be integrated into operational Lightning clients and potentially replace the current recommendation methods used in Lightning Autopilot

Identification and analysis of stochastic deception attacks on cyber–physical systems

Cyber–Physical Systems (CPSs) refer to control systems which are composed of sensors, actuators, computers and network components. These systems are vulnerable to unforeseen failures and external malicious attacks. In this paper, we analyze the stability of CPSs under stochastic deception attacks. To this end: (i) we propose a statistical Intrusion Detection System (IDS) for detection of deception attacks in CPSs; (ii) identify the place of such attacks by taking advantage of a novel cryptographic adversarial model; (iii) based on the real-time data and characterizing the deception attacks by IDS, we analyze the effect of both adaptive and blind/random types of deception attacks on the stability of CPSs. We do this through Markov chain modeling and subsequently extract the sufficient stability conditions. (iv) as an extra effort, introduce a new adaptive and intelligent deception attack. We validate our findings by illustrative examples at the end of the paper. Our results show that proposed IDS can detect deception attacks with low false positive and negative rates in real time. The results also confirm the validity of the theoretically-predicted stability conditions.Peer reviewe