Protecting Our Community from the Hidden Vulnerabilities of Today’s Intelligent Transportation Systems

The ever-evolving technology interwoven into the transportation industry leaves it frequently at risk for cyber-attacks. This study analyzes the security of a common in-vehicle network, the Controller Area Network (CAN), standard in most vehicles being manufactured today. Like many other networks, CAN comes with inherent vulnerabilities that leave CAN implementations at risk of being targeted by cybercriminals. Such vulnerabilities range from eavesdropping, where the attacker can read the raw data traversing the vehicle, to spoofing, where the attacker can place fabricated traffic on the network. The research team initially performed a simulation of CAN traffic generation followed by hardware implementation of the same on a test vehicle. Due to the concealed and untransparent nature of CAN, the team reverse-engineered the missing parameters through a series of passive sniffing attacks (attacks using data reading utilities called packet sniffers) on the network and then demonstrated the feasibility of the attack by placing fabricated frames on the CAN

Taming the Data in the Internet of Vehicles

As an emerging field, the Internet of Vehicles (IoV) has a myriad of security vulnerabilities that must be addressed to protect system integrity. To stay ahead of novel attacks, cybersecurity professionals are developing new software and systems using machine learning techniques. Neural network architectures improve such systems, including Intrusion Detection System (IDSs), by implementing anomaly detection, which differentiates benign data packets from malicious ones. For an IDS to best predict anomalies, the model is trained on data that is typically pre-processed through normalization and feature selection/reduction. These pre-processing techniques play an important role in training a neural network to optimize its performance. This research studies the impact of applying normalization techniques as a pre-processing step to learning, as used by the IDSs. The impacts of pre-processing techniques play an important role in training neural networks to optimize its performance. This report proposes a Deep Neural Network (DNN) model with two hidden layers for IDS architecture and compares two commonly used normalization pre-processing techniques. Our findings are evaluated using accuracy, Area Under Curve (AUC), Receiver Operator Characteristic (ROC), F-1 Score, and loss. The experimentations demonstrate that Z-Score outperforms no-normalization and the use of Min-Max normalization

A Cognitive Framework to Secure Smart Cities

The advancement in technology has transformed Cyber Physical Systems and their interface with IoT into a more sophisticated and challenging paradigm. As a result, vulnerabilities and potential attacks manifest themselves considerably more than before, forcing researchers to rethink the conventional strategies that are currently in place to secure such physical systems. This manuscript studies the complex interweaving of sensor networks and physical systems and suggests a foundational innovation in the field. In sharp contrast with the existing IDS and IPS solutions, in this paper, a preventive and proactive method is employed to stay ahead of attacks by constantly monitoring network data patterns and identifying threats that are imminent. Here, by capitalizing on the significant progress in processing power (e.g. petascale computing) and storage capacity of computer systems, we propose a deep learning approach to predict and identify various security breaches that are about to occur. The learning process takes place by collecting a large number of files of different types and running tests on them to classify them as benign or malicious. The prediction model obtained as such can then be used to identify attacks. Our project articulates a new framework for interactions between physical systems and sensor networks, where malicious packets are repeatedly learned over time while the system continually operates with respect to imperfect security mechanisms

Securing the Emerging Technologies of Autonomous and Connected Vehicles

The Internet of Vehicles (IoV) aims to establish a network of autonomous and connected vehicles that communicate with one another through facilitation led by road-side units (RSUs) and a central trust authority (TA). Messages must be efficiently and securely disseminated to conserve resources and preserve network security. Currently, research in this area lacks consensus about security schemes and methods of disseminating messages. Furthermore, a current deficiency of information regarding resource optimization prevents further efficient development of this network. This paper takes an interdisciplinary approach to these issues by merging both cybersecurity and data science to optimize and secure the network. The proposed method is to apply Prim’s algorithm to an existing vehicular security scheme, Privacy-Preserving Dual Authentication Scheme (PPDAS), to further network efficiency in terms of power and time consumption. When a dual authentication security scheme is in place, the time taken for message dissemination follows a quadratic growth; applying Prim’s algorithm to the security scheme reduces the time to disseminate messages to a linear growth. The number of messages sent was decreased by a magnitude of up to 44.57. Contemporary security schemes are compared with PPDAS to justify the overhead consumption. Through the proposed approach, the usage of network resources, such as power and time, is reduced, which substantially enhances the performance of the vehicular network and allows for the scalability of the IoV

Secure Device and Knowledge Discovery in Internet of Things

With the ever-growing adoption of Internet of Things (IoT), there is continued development and deployment of new nodes with various capabilities and services. Such heterogeneity introduces complexity and a significant need for neighbor service discovery frameworks. Because the types of services available are orders of magnitude more than pre-IoT era, researchers need new techniques to accurately discover not only the topologies and adjacencies but also the capability of other nodes and neighbors. Device discovery is usually the first task to be performed, immediately after deployment, as it enables communications, scheduling, and channel estimation. The existing discovery mechanisms do not consider the introduced overhead and are designed without consideration of the limited resources and the real-time computation requirements. In this dissertation, we propose a network-aware discovery framework based on the requirements of Internet Protocol (IPv6) and Low-power Wireless Personal Area Networks (LoWPAN). We propose a resource-oriented discovery protocol to achieve high accuracy while reducing coordination overhead and communication overhead imposed by task division or centralization of data mining with uncertain data provenance. This is done by utilizing computational resources available throughout various layers of data nodes and incorporating the fog computing paradigm, thus pushing decisions to the network edge and endpoint devices. Particularly, this dissertation looks at the problem of neighbor device and service discovery at Layer 3 and Layer 4. To date, no systematic investigation has considered the transport layer header for neighbor service discovery. We employed multiple methods to understand the challenges encountered by IoT designs and tested the proposed framework using software simulations and high-level simulation of IoT nodes and motes. Based on the experiments, it is demonstrated that network and transport layer headers are suitable for discovering devices and services in IoT networks with only a small number of overhead messages without much impact on the convergence time or the end-to-end delay and jitter. The findings provide support for the argument that device discovery can be enhanced using a cross-layer approach

Towards a Lightweight Intrusion Detection Framework for In-Vehicle Networks

With the emergence of networked devices, from the Internet of Things (IoT) nodes and cellular phones to vehicles connected to the Internet, there has been an ever-growing expansion of attack surfaces in the Internet of Vehicles (IoV). In the past decade, there has been a rapid growth in the automotive industry as network-enabled and electronic devices are now integral parts of vehicular ecosystems. These include the development of automobile technologies, namely, Connected and Autonomous Vehicles (CAV) and electric vehicles. Attacks on IoV may lead to malfunctioning of Electronic Control Unit (ECU), brakes, control steering issues, and door lock issues that can be fatal in CAV. To mitigate these risks, there is need for a lightweight model to identify attacks on vehicular systems. In this article, an efficient model of an Intrusion Detection System (IDS) is developed to detect anomalies in the vehicular system. The dataset used in this study is an In-Vehicle Network (IVN) communication protocol, i.e., Control Area Network (CAN) dataset generated in a real-time environment. The model classifies different types of attacks on vehicles into reconnaissance, Denial of Service (DoS), and fuzzing attacks. Experimentation with performance metrics of accuracy, precision, recall, and F-1 score are compared across a variety of classification models. The results demonstrate that the proposed model outperforms other classification models

Towards a Lightweight Intrusion Detection Framework for In-Vehicle Networks

With the emergence of networked devices, from the Internet of Things (IoT) nodes and cellular phones to vehicles connected to the Internet, there has been an ever-growing expansion of attack surfaces in the Internet of Vehicles (IoV). In the past decade, there has been a rapid growth in the automotive industry as network-enabled and electronic devices are now integral parts of vehicular ecosystems. These include the development of automobile technologies, namely, Connected and Autonomous Vehicles (CAV) and electric vehicles. Attacks on IoV may lead to malfunctioning of Electronic Control Unit (ECU), brakes, control steering issues, and door lock issues that can be fatal in CAV. To mitigate these risks, there is need for a lightweight model to identify attacks on vehicular systems. In this article, an efficient model of an Intrusion Detection System (IDS) is developed to detect anomalies in the vehicular system. The dataset used in this study is an In-Vehicle Network (IVN) communication protocol, i.e., Control Area Network (CAN) dataset generated in a real-time environment. The model classifies different types of attacks on vehicles into reconnaissance, Denial of Service (DoS), and fuzzing attacks. Experimentation with performance metrics of accuracy, precision, recall, and F-1 score are compared across a variety of classification models. The results demonstrate that the proposed model outperforms other classification models

Virtual Traffic Light Implementation on a Roadside Unit over 802.11p Wireless Access in Vehicular Environments

Blind intersections have high accident rates due to the poor visibility of oncoming traffic, high traffic speeds, and lack of infrastructure (e.g., stoplights). These intersections are more commonplace in rural areas, where traffic infrastructure is less developed. The Internet of Vehicles (IoV) aims to address such safety concerns through a network of connected and autonomous vehicles (CAVs) that intercommunicate. This paper proposes a Road-Side Unit-based Virtual Intersection Management (RSU-VIM) over 802.11p system consisting of a Field-Programmable Gate Array (FPGA) lightweight RSU that is solar power-based and tailored to rural areas. The RSU utilizes the proposed RSU-VIM algorithm adapted from existing virtual traffic light methodologies to communicate with vehicles over IEEE 802.11p and facilitate intersection traffic, minimizing visibility issues. The implementation of the proposed system has a simulated cloud delay of 0.0841 s and an overall system delay of 0.4067 s with 98.611% reliability

A Cognitive Framework to Secure Smart Cities

The advancement in technology has transformed Cyber Physical Systems and their interface with IoT into a more sophisticated and challenging paradigm. As a result, vulnerabilities and potential attacks manifest themselves considerably more than before, forcing researchers to rethink the conventional strategies that are currently in place to secure such physical systems. This manuscript studies the complex interweaving of sensor networks and physical systems and suggests a foundational innovation in the field. In sharp contrast with the existing IDS and IPS solutions, in this paper, a preventive and proactive method is employed to stay ahead of attacks by constantly monitoring network data patterns and identifying threats that are imminent. Here, by capitalizing on the significant progress in processing power (e.g. petascale computing) and storage capacity of computer systems, we propose a deep learning approach to predict and identify various security breaches that are about to occur. The learning process takes place by collecting a large number of files of different types and running tests on them to classify them as benign or malicious. The prediction model obtained as such can then be used to identify attacks. Our project articulates a new framework for interactions between physical systems and sensor networks, where malicious packets are repeatedly learned over time while the system continually operates with respect to imperfect security mechanisms