A profile-driven dynamic risk assessment framework for connected and autonomous vehicles

The Internet of Things has already demonstrated clear benefits when applied in many areas. In connected and autonomous vehicles (CAV), IoT data can help the autonomous systems make better decisions for safer and more secure transportation. For example, different IoT data sources can extend CAV's risk awareness, while the incoming data can update these risks in real-time for faster reactions that may mitigate possible damages. However, the current state of the art CAV research has not addressed this matter well enough. This paper proposes a profile-driven approach to manage IoT data in the context of CAV systems through a dynamic risk management framework. Unlike the current inflexible risk assessment strategies, the framework encourages more flexible investigation of risks through different risk profiles, each representing risk knowledge through a set of risk input considerations, assessment methods and optimal reaction strategies. As the risks change frequently with time and location, there will be no single profile that can cover all the risks that CAVs face on the road. The uses of different risk profiles, therefore can help interested parties to better understand the risks and adapt to various situations appropriately. Our framework includes the effective management of IoT data sources to enable the run-time risk assessment. We also describe a case study of using the proposed framework to manage the risks for the POD being developed in the Innovate UK-funded CAPRI project

A specification-based IDS for detecting attacks on RPL-based network topology

Routing Protocol for Low power and Lossy network (RPL) topology attacks can downgrade the network performance significantly by disrupting the optimal protocol structure. To detect such threats, we propose a RPL-specification, obtained by a semi-auto profiling technique that constructs a high-level abstract of operations through network simulation traces, to use as reference for verifying the node behaviors. This specification, including all the legitimate protocol states and transitions with corresponding statistics, will be implemented as a set of rules in the intrusion detection agents, in the form of the cluster heads propagated to monitor the whole network. In order to save resources, we set the cluster members to report related information about itself and other neighbors to the cluster head instead of making the head overhearing all the communication. As a result, information about a cluster member will be reported by different neighbors, which allow the cluster head to do cross-check. We propose to record the sequence in RPL Information Object (DIO) and Information Solicitation (DIS) messages to eliminate the synchronized issue created by the delay in transmitting the report, in which the cluster head only does cross-check on information that come from sources with the same sequence. Simulation results show that the proposed Intrusion Detection System (IDS) has a high accuracy rate in detecting RPL topology attacks, while only creating insignificant overhead (about 6.3%) that enable its scalability in large-scale network

Structure of multicorrelation sequences with integer part polynomial iterates along primes

Let $T$ be a measure preserving $\mathbb{Z}^\ell$-action on the probability space $(X,{\mathcal B},\mu),$ $q_1,\dots,q_m:{\mathbb R}\to{\mathbb R}^\ell$ vector polynomials, and $f_0,\dots,f_m\in L^\infty(X)$. For any $\epsilon > 0$ and multicorrelation sequences of the form $\displaystyle\alpha(n)=\int_Xf_0\cdot T^{ \lfloor q_1(n) \rfloor }f_1\cdots T^{ \lfloor q_m(n) \rfloor }f_m\;d\mu$ we show that there exists a nilsequence $\psi$ for which $\displaystyle\lim_{N - M \to \infty} \frac{1}{N-M} \sum_{n=M}^{N-1} |\alpha(n) - \psi(n)| \leq \epsilon$ and $\displaystyle\lim_{N \to \infty} \frac{1}{\pi(N)} \sum_{p \in {\mathbb P}\cap[1,N]} |\alpha(p) - \psi(p)| \leq \epsilon.$ This result simultaneously generalizes previous results of Frantzikinakis [2] and the authors [11,13].Comment: 7 page

Exchange routing information between new neighbor nodes to improve AODV performance

In Ad hoc On-Demand Distance Vector (AODV) protocol, once an on-demand link is established, it only maintains that link and does not care about any other paths. AODV may not use some more optimal or reserved paths which occur later but may improve its current transfer. We modify AODV that each node uses routing information provided by the new neighbour nodes to find out and update to better paths and create accumulated routes for later use. Our modeling results in NS2 show that the approach can create more optimal routes and significantly improve the performance with high mobility and traffic level network in term of delay and packet delivery ratio

A simplified approach for dynamic security risk management in connected and autonomous vehicles

Connected and autonomous vehicles (CAVs) have the potential to offer safer and more efficient transportation. However, such vehicles operate in complex heterogeneous environments and it is therefore essential to control the dynamic risks that the CAVs face during operation. Given that CAVs can be seriously impacted by cyber-attacks, their security issues have been investigated widely. However, existing approaches fail to adequately consider the dynamicity of the risks that arise and present methods to capture the changes in risks and adaptive mitigations. To bridge these gaps, this paper proposes a systematic approach, which comprises of three modules: a knowledge-based system to support the identification of the critical threats, a monitoring module to detect the changes in security context of the CAV and its surrounding environments, and a simplified assessment module to capture the dynamic risks and adjust the mitigations as needed. We investigate a case study of CAV platooning to evaluate our proposal

Shadows don’t lie : n-sequence trajectory inspection for misbehaviour detection and classification in VANETs

This paper presents a machine learning approach to detect and classify misbehaviour in Vehicular Ad-hoc Networks. We describe three novel features obtained from analysis o

Incorporating FAIR into Bayesian network for numerical assessment of loss event frequencies of smart grid cyber threats

In today’s cyber world, assessing security threats before implementing smart grids is essential to identify and mitigate the risks. Loss Event Frequency (LEF) is a concept provided by the well-known Factor Analysis of Information Risk (FAIR) framework to assess and categorize the cyber threats into five classes, based on their severity. As the number of threats is increasing, it is possible that many threats might fall under the same LEF category, but FAIR cannot provide any further mechanism to rank them. In this paper, we propose a method to incorporate the FAIR’s LEF into Bayesian Network (BN) to derive the numerical assessments to rank the threat severity. The BN probabilistic relations are inferred from the FAIR lookup tables to reflect and conserve the FAIR appraisal. Our approach extends FAIR functionality by providing a more detailed ranking, allowing fuzzy inputs, enabling the illustration of input-output relations, and identifying the most influential element of a threat to improve the effectiveness of countermeasure investment. Such improvements are demonstrated by applying the method to assess cyber threats in a smart grid robustness research project (IRENE)