research-article

V2C: A Trust-Based Vehicle to Cloud Anomaly Detection Framework for Automotive Systems

Authors:

Thomas Rosenstatter,

Tomas Olovsson,

Magnus AlmgrenAuthors Info & Claims

ARES '21: Proceedings of the 16th International Conference on Availability, Reliability and Security

Article No.: 23, Pages 1 - 10

https://doi.org/10.1145/3465481.3465750

Published: 17 August 2021 Publication History

Abstract

Vehicles have become connected in many ways. They communicate with the cloud and will use Vehicle-to-Everything (V2X) communication to exchange warning messages and perform cooperative actions such as platooning. Vehicles have already been attacked and will become even more attractive targets due to their increasing connectivity, the amount of data they produce and their importance to our society. It is therefore crucial to provide cyber security measures to prevent and limit the impact of attacks.

As it is problematic for a vehicle to reliably assess its own state when it is compromised, we investigate how vehicle trust can be used to identify compromised vehicles and how fleet-wide attacks can be detected at an early stage using cloud data. In our proposed V2C Anomaly Detection framework, peer vehicles assess each other based on their perceived behavior in traffic and V2X-enabled interactions, and upload these assessments to the cloud for analysis. This framework consists of four modules. For each module we define functional demands, interfaces and evaluate solutions proposed in literature allowing manufacturers and fleet owners to choose appropriate techniques. We detail attack scenarios where this type of framework is particularly useful in detecting and identifying potential attacks and failing software and hardware. Furthermore, we describe what basic vehicle data the cloud analysis can be based upon.

References

[1]

Ryan P. Adams and David. J. C. MacKay. 2007. Bayesian Online Changepoint Detection. arxiv:0710.3742 [stat.ML]

[2]

Samaneh Aminikhanghahi and Diane J. Cook. 2017. A survey of methods for time series change point detection. Knowledge and Information Systems 51, 2 (2017), 339–367. https://doi.org/10.1007/s10115-016-0987-z

Digital Library

[3]

Michèle Basseville and Igor V. Nikiforov. 1993. Detection of abrupt changes: theory and application. Vol. 104. Prentice Hall, Englewood Cliffs, NJ.

[4]

Norbert Bißmeyer, Sebastian Mauthofer, Kpatcha M. Bayarou, and Frank Kargl. 2012. Assessment of node trustworthiness in VANETs using data plausibility checks with particle filters. In Vehicular Networking Conference (VNC). IEEE, Seoul, South Korea, 78–85. https://doi.org/10.1109/VNC.2012.6407448

[5]

Anna L. Buczak and Erhan Guven. 2016. A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection. IEEE Communications Surveys Tutorials 18, 2 (2016), 1153–1176. https://doi.org/10.1109/COMST.2015.2494502

Digital Library

[6]

Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, 2011. Comprehensive Experimental Analyses of Automotive Attack Surfaces. In USENIX Security Symposium. USENIX, San Francisco, CA, 77–92.

[7]

Thomas M. Chen and Varadharajan Venkataramanan. 2005. Dempster-Shafer theory for intrusion detection in ad hoc networks. IEEE Internet Computing 9, 6 (2005), 35–41. https://doi.org/10.1109/MIC.2005.123

Digital Library

[8]

Arturo Davila and Mario Nombela. 2012. Platooning - Safe and Eco-Friendly Mobility.SAE Technical Paper 2012-01-0488, Article 2012-01-0488 (2012), 5 pages.

[9]

Hervé Debar, Marc Dacier, and Andreas Wespi. 1999. Towards a taxonomy of intrusion-detection systems. Computer Networks 31, 8 (1999), 805 – 822. https://doi.org/10.1016/S1389-1286(98)00017-6

[10]

Marcos Duarte. 2020. detecta: A Python module to detect events in data. https://github.com/demotu/detecta. visited on 2020-11-12.

[11]

Richard G. Engoulou, Martine Bellaiche, Talal Halabi, and Samuel Pierre. 2019. A Decentralized Reputation Management System for Securing the Internet of Vehicles. In International Conference on Computing, Networking and Communications (ICNC). IEEE, Honolulu, HI, 900–904. https://doi.org/10.1109/ICCNC.2019.8685551

[12]

ETSI. 2014. Basic Set of Applications; Part 2: Specification of Cooperative Awareness Basic Service. Intelligent Transport Systems (ITS) – Vehicular Communications EN 302 637-2 V1.3.2. ETSI.

[13]

Usama Fayyad, Gregory Piatetsky-Shapiro, and Padhraic Smyth. 1996. From Data Mining to Knowledge Discovery in Databases. AI Magazine 17, 3 (Mar. 1996), 37. https://doi.org/10.1609/aimag.v17i3.1230

Digital Library

[14]

The European Union Agency for Network and Information Security (ENISA). 2019. Good Practices for Security of Smart Cars. Technical Report. ENISA.

[15]

International Organization for Standardization (ISO). 2020. ISO 14229:2020 Road vehicles – Unified diagnostic services (UDS). Standard. ISO.

[16]

Pierre Granjon. 2013. The CuSum algorithm-a small review. Technical Report hal-00914697. GIPSA-lab.

[17]

Pinyao Guo, Hunmin Kim, Le Guan, Minghui Zhu, and Peng Liu. 2018. VCIDS: Collaborative Intrusion Detection of Sensor and Actuator Attacks on Connected Vehicles. In Security and Privacy in Communication Networks, X. Lin, A. Ghorbani, K. Ren, S. Zhu, and A. Zhang (Eds.). Springer International Publishing, Cham, 377–396.

[18]

Talal Halabi and Mohammad Zulkernine. 2019. Trust-Based Cooperative Game Model for Secure Collaboration in the Internet of Vehicles. In International Conference on Communications (ICC). IEEE, Shanghai, China, 1–6. https://doi.org/10.1109/ICC.2019.8762069

[19]

Ezz E. Hemdan and D. H. Manjaiah. 2018. Cybercrimes Investigation and Intrusion Detection in Internet of Things Based on Data Science Methods. Springer International Publishing, Cham, 39–62. https://doi.org/10.1007/978-3-319-70688-7_2

[20]

Rasheed Hussain, Jooyoung Lee, and Sherali Zeadally. 2020. Trust in VANET: A Survey of Current Solutions and Future Research Opportunities. IEEE Transactions on Intelligent Transportation Systems (2020), 1–19.

[21]

Myeongsu Kang. 2019. Machine Learning: Anomaly Detection. Wiley-IEEE Press, Hoboken, NJ, Chapter 6, 131–162. https://doi.org/10.1002/9781119515326.ch6

[22]

Chaker A. Kerrache, Carlos T. Calafate, Nasreddine Lagraa, Juan-Carlos Cano, and Pietro Manzoni. 2016. Hierarchical adaptive trust establishment solution for vehicular networks. In 27th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC). IEEE, Valencia, Spain, 1–6. https://doi.org/10.1109/PIMRC.2016.7794617

Digital Library

[23]

Johannes Kulick. 2020. Bayesian Changepoint Detection – Python Implementation. https://github.com/hildensia/bayesian_changepoint_detection visited on 2020-11-12.

[24]

Fei T. Liu, Kai M. Ting, and Zhi-Hua Zhou. 2008. Isolation Forest. In Eighth International Conference on Data Mining. IEEE, Pisa, Italy, 413–422. https://doi.org/10.1109/ICDM.2008.17

Digital Library

[25]

Javier Martínez Torres, Carla Iglesias Comesaña, and Paulino J. García-Nieto. 2019. Review: machine learning techniques applied to cybersecurity. International Journal of Machine Learning and Cybernetics 10, 10 (01 Oct 2019), 2823–2836. https://doi.org/10.1007/s13042-018-00906-1

[26]

Charlie Miller and Chris Valasek. 2015. Remote exploitation of an unaltered passenger vehicle. Black Hat USA (2015), 91.

[27]

Michael Müter, André Groll, and Felix C. Freiling. 2010. A structured approach to anomaly detection for in-vehicle networks. In Sixth International Conference on Information Assurance and Security. IEEE, Atlanta, GA, 92–98. https://doi.org/10.1109/ISIAS.2010.5604050

[28]

Tarak Nandy, Rafidah M. Noor, Mohd Yamani Idna Bin Idris, and Sananda Bhattacharyya. 2020. T-BCIDS: Trust-Based Collaborative Intrusion Detection System for VANET. In 2020 National Conference on Emerging Trends on Sustainable Technology and Engineering Applications (NCETSTEA). Durgapur, India, 1–5. https://doi.org/10.1109/NCETSTEA48365.2020.9119934

[29]

Nasser Nowdehi, Wissam Aoudi, Magnus Almgren, and Tomas Olovsson. 2019. CASAD: CAN-Aware Stealthy-Attack Detection for In-Vehicle Networks. (2019). arxiv:1909.08407 [cs.CR]

[30]

Ewan S Page. 1954. Continuous inspection schemes. Biometrika 41, 1/2 (1954), 100–115.

[31]

Xiaofei Qu, Lin Yang, Kai Guo, Linru Ma, Meng Sun, 2019. A survey on the Development of Self-Organizing Maps for Unsupervised Intrusion Detection. Mobile Networks and Applications (02 Oct 2019). https://doi.org/10.1007/s11036-019-01353-0

Digital Library

[32]

Thomas Rosenstatter and Cristofer Englund. 2018. Modelling the Level of Trust in a Cooperative Automated Vehicle Control System. IEEE Transactions on Intelligent Transportation Systems 19, 4(2018), 1237–1247. https://doi.org/10.1109/TITS.2017.2749962

[33]

Steffen Sanwald, Liron Kaneti, Marc Stöttinger, and Martin Böhner. 2020. Secure Boot Revisited: Challenges for Secure Implementations in the Automotive Domain. SAE Int. J. Transp. Cyber. & Privacy 2, 2 (aug 2020), 69–81. https://doi.org/10.4271/11-02-02-0008

[34]

Glenn Shafer. 1992. Dempster-shafer theory. Encyclopedia of artificial intelligence 1 (1992), 330–331.

[35]

Erfan A. Shams, Ahmet Rizaner, and Ali H. Ulusoy. 2018. Trust aware support vector machine intrusion detection and prevention system in vehicular ad hoc networks. Computers & Security 78(2018), 245–254. https://doi.org/10.1016/j.cose.2018.06.008

[36]

Md A. Siddiqui, Jack W. Stokes, Christian Seifert, Evan Argyle, Robert McCann, 2019. Detecting Cyber Attacks Using Anomaly Detection with Explanations and Expert Feedback. In International Conference on Acoustics, Speech and Signal Processing (ICASSP). IEEE, Brighton, United Kingdom, 2872–2876. https://doi.org/10.1109/ICASSP.2019.8683212

[37]

Chawin Sitawarin, Arjun N. Bhagoji, Arsalan Mosenia, Mung Chiang, and Prateek Mittal. 2018. DARTS: Deceiving Autonomous Cars with Toxic Signs. arxiv:1802.06430 [cs.CR]

[38]

Seyed A. Soleymani, Abdul H. Abdullah, Mahdi Zareei, Mohammad H. Anisi, Cesar Vargas-Rosales, 2017. A Secure Trust Model Based on Fuzzy Logic in Vehicular Ad Hoc Networks With Fog Computing. IEEE Access 5(2017), 15619–15629. https://doi.org/10.1109/ACCESS.2017.2733225

[39]

Minrui Yan, Jiahao Li, and Guy Harpak. 2020. Security Research Report on Mercedes-Benz Cars. Black Hat USA (2020), 38. https://www.blackhat.com/us-20/briefings/schedule/index.html#security-research-on-mercedes-benz-from-hardware-to-car-control-20746

[40]

Chunhua Zhang, Kangqiang Chen, Xin Zeng, and Xiaoping Xue. 2018. Misbehavior Detection Based on Support Vector Machine and Dempster-Shafer Theory of Evidence in VANETs. IEEE Access 6(2018), 59860–59870. https://doi.org/10.1109/ACCESS.2018.2875678

Cited By

Michl MHof HKatzenbeisser SFritz MKrauß CHof H(2024)Classification, Impact, and Mitigation Strategies of Attacks in Automotive Trust Management SystemsProceedings of the 2024 Cyber Security in CarS Workshop10.1145/3689936.3694691(61-75)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689936.3694691
Dong HKotenko I(2024)Enhancing Security in EV Charging Systems: A Hybrid Detection and Mitigation Approach2024 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)10.1109/CloudCom62794.2024.00014(1-8)Online publication date: 9-Dec-2024
https://doi.org/10.1109/CloudCom62794.2024.00014
Kern DKrauß CHollick M(2023)Detection of Anomalies in Electric Vehicle Charging SessionsProceedings of the 39th Annual Computer Security Applications Conference10.1145/3627106.3627127(298-309)Online publication date: 4-Dec-2023
https://dl.acm.org/doi/10.1145/3627106.3627127
Show More Cited By

Index Terms

Index terms have been assigned to the content through auto-classification.

Recommendations

Secure service discovery protocol for intelligent transport systems: proof of correctness
DIVANet '11: Proceedings of the first ACM international symposium on Design and analysis of intelligent vehicular networks and applications

Intelligent Transportation Systems (ITS) have attracted many researchers that invested a lot of effort to develop many applications mainly for vehicular systems. Existing and investigated applications in vehicular systems are classified in two folds: ...
Towards a Distraction-free Waze
HotMobile '19: Proceedings of the 20th International Workshop on Mobile Computing Systems and Applications

Real-time traffic monitoring has had widespread success via crowd-sourced GPS data. While drivers benefit from this low-level, low-latency road information, any high-level traffic data such as road closures and accidents currently have very high latency ...
Live Synthesis of Vehicle-Sourced Data Over 4G LTE
MSWiM '17: Proceedings of the 20th ACM International Conference on Modelling, Analysis and Simulation of Wireless and Mobile Systems

Accurate, up-to-date maps of transient traffic and hazards are invaluable to drivers, city managers, and the emerging class of self-driving vehicles. We present LiveMap, a scalable, automated system for acquiring, curating, and disseminating detailed, ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '21: Proceedings of the 16th International Conference on Availability, Reliability and Security

August 2021

1447 pages

ISBN:9781450390514

DOI:10.1145/3465481

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 August 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ARES 2021

ARES 2021: The 16th International Conference on Availability, Reliability and Security

August 17 - 20, 2021

Vienna, Austria

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
271
Total Downloads

Downloads (Last 12 months)54
Downloads (Last 6 weeks)4

Reflects downloads up to 01 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Michl MHof HKatzenbeisser SFritz MKrauß CHof H(2024)Classification, Impact, and Mitigation Strategies of Attacks in Automotive Trust Management SystemsProceedings of the 2024 Cyber Security in CarS Workshop10.1145/3689936.3694691(61-75)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689936.3694691
Dong HKotenko I(2024)Enhancing Security in EV Charging Systems: A Hybrid Detection and Mitigation Approach2024 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)10.1109/CloudCom62794.2024.00014(1-8)Online publication date: 9-Dec-2024
https://doi.org/10.1109/CloudCom62794.2024.00014
Kern DKrauß CHollick M(2023)Detection of Anomalies in Electric Vehicle Charging SessionsProceedings of the 39th Annual Computer Security Applications Conference10.1145/3627106.3627127(298-309)Online publication date: 4-Dec-2023
https://dl.acm.org/doi/10.1145/3627106.3627127
Blanco DLe Mouël FLin TEscudié M(2023)A Comprehensive Survey on Software as a Service (SaaS) Transformation for the Automotive SystemsIEEE Access10.1109/ACCESS.2023.329425611(73688-73753)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3294256

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Figures

Tables

Media

View Table of Conten