-
Improvement and Evaluation of Resilience of Adaptive Cruise Control Against Spoofing Attacks Using Intrusion Detection System
Authors:
Mubark B. Jedh,
Lotfi ben Othmane,
Arun K. Somani
Abstract:
The Adaptive Cruise Control (ACC) system automatically adjusts the vehicle speed to maintain a safe distance between the vehicle and the lead (ahead) vehicle. The controller's decision to accelerate or decelerate is computed using the target speed of the vehicle and the difference between the vehicle's distance to the lead vehicle and the safe distance from that vehicle. Spoofing the vehicle speed communicated through the Controller Area Network (CAN) of the vehicle negatively impacts the capability of the ACC (Proportional-Integral-Derivative variant) to prevent crashes with the lead vehicle. The paper reports on extending the ACC with a real-time Intrusion Detection System (IDS) capable of detecting speed spoofing attacks with reasonable response time and detection rate, and simulating the proposed extension using the CARLA simulation platform. The results of the simulation are: (1) spoofing the vehicle speed can foil the ACC to falsely accelerate, causing accidents, and (2) extending ACC with ML-based IDS to trigger the brakes when an accident is imminent may mitigate the problem. The findings suggest exploring the capabilities of ML-based IDS to support the resilience mechanisms in mitigating cyber-attacks on vehicles.
Submitted 1 February, 2023;
originally announced February 2023.
-
Making Secure Software Insecure without Changing Its Code: The Possibilities and Impacts of Attacks on the DevOps Pipeline
Authors:
Nicholas Pecka,
Lotfi ben Othmane,
Altaz Valani
Abstract:
Companies are misled into thinking they solve their security issues by using a DevSecOps system. This paper aims to answer the question: Could a DevOps pipeline be misused to transform a securely developed application into an insecure one? To answer the question, we designed a typical DevOps pipeline utilizing Kubernetes (K8s) as a case study environment and analyzed the applicable threats. Then, we developed four attack scenarios against the case study environment: maliciously abusing the user's privilege of deploying containers within the K8s cluster, abusing the Jenkins instance to modify files during the continuous integration, delivery, and deployment systems (CI/CD) build phase, modifying the K8s DNS layer to expose an internal IP to external traffic, and elevating privileges from an account with create, read, update, and delete (CRUD) privileges to root privileges. The attacks answer the research question positively: companies should design and use a secure DevOps pipeline and not expect that using a DevSecOps environment alone is sufficient to deliver secure software.
Submitted 30 January, 2022;
originally announced January 2022.
-
Evaluation of the Architecture Alternatives for Real-time Intrusion Detection Systems for Connected Vehicles
Authors:
Mubark B Jedh,
Jian Kai Lee,
Lotfi ben Othmane
Abstract:
Attackers demonstrated the use of remote access to the in-vehicle network of connected vehicles to launch cyber-attacks and remotely take control of these vehicles. Machine-learning-based Intrusion Detection Systems (IDSs) techniques have been proposed for the detection of such attacks. The evaluation of some of these IDS demonstrated their efficacy in terms of accuracy in detecting message injections but was performed offline, which limits the confidence in their use for real-time protection scenarios. This paper evaluates four architecture designs for real-time IDS for connected vehicles using Controller Area Network (CAN) datasets collected from a moving vehicle under malicious speed reading message injections. The evaluation shows that a real-time IDS for a connected vehicle designed as two processes, a process for CAN Bus monitoring and another one for anomaly detection engine, is reliable (no loss of messages) and could be used for real-time resilience mechanisms as a response to cyber-attacks.
Submitted 17 January, 2022;
originally announced January 2022.
-
Detection of Message Injection Attacks onto the CAN Bus using Similarity of Successive Messages-Sequence Graphs
Authors:
Mubark Jedh,
Lotfi ben Othmane,
Noor Ahmed,
Bharat Bhargava
Abstract:
The smart features of modern cars are enabled by a number of Electronic Control Units (ECUs) components that communicate through an in-vehicle network, known as Controller Area Network (CAN) bus. The fundamental challenge is the security of the communication link where an attacker can inject messages (e.g., increase the speed) that may impact the safety of the driver. Developing an effective defensive security solution depends on the knowledge of the identity of the ECUs, which is proprietary information. This paper proposes a message injection attack detection mechanism that is independent of the IDs of the ECUs, which is achieved by capturing the patterns in the message sequences. First, we represent the sequencing of the messages in a given time-interval as a direct graph and compute the similarities of the successive graphs using the cosine similarity and Pearson correlation. Then, we apply threshold, change point detection, and Long Short-Term Memory (LSTM)-Recurrent Neural Network (RNN) to detect and predict malicious message injections into the CAN bus. The evaluation of the methods using a dataset collected from a moving vehicle under malicious RPM and speed reading message injections shows a detection accuracy of 98.45% when using LSTM-RNN and 97.32% when using a threshold method. Further, the pace of detecting the change is fast for the case of injection of RPM reading messages but slow for the case of injection of speed readings messages.
Submitted 8 April, 2021; v1 submitted 8 April, 2021;
originally announced April 2021.
-
Threat Modeling of Cyber-Physical Systems in Practice
Authors:
Ameerah-Muhsinah Jamil,
Lotfi ben Othmane,
Altaz Valani
Abstract:
Traditional Cyber-physical Systems (CPSs) were not built with cybersecurity in mind. They operated on separate Operational Technology (OT) networks. As these systems now become more integrated with Information Technology (IT) networks based on IP, they expose vulnerabilities that can be exploited by the attackers through these IT networks. The attackers can control such systems and cause behavior that jeopardizes the performance and safety measures that were originally designed into the system. In this paper, we explore the approaches to identify threats to CPSs and ensure the quality of the created threat models. The study involves interviews with eleven security experts working in security consultation companies, software engineering companies, an Original Equipment Manufacturer (OEM), and ground and aerial vehicles integrators. We found through these interviews that the practitioners use a combination of various threat modeling methods, approaches, and standards together when they perform threat modeling of given CPSs. Key challenges practitioners face are: they cannot transfer the threat modeling knowledge that they acquire in a cyber-physical domain to other domains, threat models of modified systems are often not updated, and the reliance on mostly peer-evaluation and quality checklists to ensure the quality of threat models. The study warns about the difficulty to develop secure CPSs and calls for research on developing practical threat modeling methods for CPSs, techniques for continuous threat modeling, and techniques to ensure the quality of threat models.
Submitted 6 March, 2021;
originally announced March 2021.
-
Self-Confidence of Undergraduate Students in Designing Software Architecture
Authors:
Lotfi ben Othmane,
Ameerah-Muhsina Jamil
Abstract:
Software architecture students, often, lack self-confidence in their ability to use their knowledge to design software architectures. This paper investigates the relations between undergraduate software architecture students' self-confidence and their course expectations, cognitive levels, preferred learning methods, and critical thinking. We developed a questionnaire with open-ended questions to assess the self-confidence levels and related factors, which was taken by one-hundred ten students in two semesters. The students' answers were coded and analyzed afterward. We found that self-confidence is weakly associated with the students' critical thinking and independent from their cognitive levels, preferred learning methods, and expectations from the course. The results suggest that to improve the self-confidence of the students, the instructors should work on improving the students' critical thinking capabilities.
Submitted 12 July, 2022; v1 submitted 18 February, 2021;
originally announced February 2021.