CPS: Breakthrough: Collaborative Research: Track and Fallback: Intrusion Detection to Counteract Carjack Hacks with Fail-Operational Feedback

CPS：突破：协作研究：跟踪和回退：入侵检测通过失败操作反馈来对抗劫车黑客

• 批准号: 1646317
• 负责人: Gedare Bloom
• 金额: $ 23.46万
• 依托单位: Howard University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-10-01 至 2020-02-29
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1646317&HistoricalAwards=false
• 关键词: CPS; Breakthrough; Collaborative; Research; Track

The security of every vehicle on the road is necessary to ensure the safety of every person on or near roadways, whether a motorist, bicyclist, or pedestrian. Features such as infotainment, telematics, and driver assistance greatly increase the complexity of vehicles: top-of-the-line cars contain over 200 computers and 100 million lines of software code. With rising complexity comes rising costs to ensure safety and security. This project investigates novel methods to improve vehicular security by detecting malicious cyber attacks against a moving automobile and responding to those attacks in a manner that ensures the safety of humans in close proximity to the vehicle.The objective of this project is to protect in-vehicle networks from remote cyber attacks. The method of protection is a distributed in-vehicle network intrusion detection system (IDS) using information flow tracking and sensor data provenance in the cyber domain with novel approaches to address the physical uncertainty and time constraints of an automotive control system. When an intrusion is detected, the IDS triggers a fail-operational mode change to provide graceful degradation of service and initiate recovery without compromising human safety. Specific research aims of this project are to explore the design space of fail-operational IDS for automotive in-vehicle networks, to evaluate security and resiliency of an automobile using a fail-operational IDS, and to generalize fundamentals of a fail-operational IDS to other cyber-physical systems.

道路上每辆车的安全性对于确保道路上或道路附近的每个人的安全都是必要的，无论是驾驶员，骑自行车的人还是行人。信息娱乐、远程信息处理和驾驶员辅助等功能大大增加了车辆的复杂性：顶级汽车包含200多台计算机和1亿行软件代码。随着复杂性的增加，确保安全和保障的成本也在上升。本项目研究通过检测针对行驶中的汽车的恶意网络攻击，并以确保车辆附近人员安全的方式对这些攻击做出响应，从而提高车辆安全性的新方法。本项目的目标是保护车载网络免受远程网络攻击。保护的方法是一个分布式的车载网络入侵检测系统（IDS），使用信息流跟踪和传感器数据的出处在网络域与新的方法来解决物理的不确定性和时间限制的汽车控制系统。当检测到入侵时，IDS会触发故障操作模式更改，以提供适度的服务降级并启动恢复，而不会危及人员安全。该项目的具体研究目标是探索汽车车载网络的故障操作IDS的设计空间，使用故障操作IDS评估汽车的安全性和弹性，并将故障操作IDS的基本原理推广到其他网络物理系统。

项目成果

Anomaly Detection Approach Using Adaptive Cumulative Sum Algorithm for Controller Area Network

• DOI: 10.1145/3309171.3309178
• 发表时间: 2019-03
• 期刊: Proceedings of the ACM Workshop on Automotive Cybersecurity
• 作者: Habeeb Olufowobi;Uchenna Ezeobi;Eric Muhati;Gaylon Robinson;C. Young;Joseph Zambreno;Gedare Bloom

Optimized event notification in CAN through in-frame replies and Bloom filters

通过帧内回复和布隆过滤器优化 CAN 中的事件通知

• DOI: 10.1109/wfcs.2017.7991963
• 发表时间: 2017
• 期刊: 2017 IEEE 13th International Workshop on Factory Communication Systems (WFCS
• 作者: Bloom, Gedare;Cena, Gianluca;Bertolotti, Ivan Cibrario;Hu, Tingting;Valenzano, Adriano
• 通讯作者: Valenzano, Adriano

Event Notification in CAN-Based Sensor Networks

• DOI: 10.1109/tii.2019.2904082
• 发表时间: 2019-03
• 期刊: IEEE Transactions on Industrial Informatics
• 影响因子: 12.3
• 作者: Gedare Bloom;G. Cena;I. Bertolotti;T. Hu;N. Navet;A. Valenzano

Work-in-Progress: Real-Time Modeling for Intrusion Detection in Automotive Controller Area Network

正在进行的工作：汽车控制器局域网中入侵检测的实时建模

• DOI: 10.1109/rtss.2018.00030
• 发表时间: 2018
• 期刊: 2018 IEEE Real-Time Systems Symposium (RTSS
• 作者: Olufowobi, Habeeb;Bloom, Gedare;Young, Clinton;Zambreno, Joseph
• 通讯作者: Zambreno, Joseph

Automotive Intrusion Detection Based on Constant CAN Message Frequencies Across Vehicle Driving Modes

基于跨车辆驾驶模式的恒定 CAN 消息频率的汽车入侵检测

• DOI: 10.1145/3309171.3309179
• 发表时间: 2019
• 期刊: Proceedings of the ACM Workshop on Automotive Cybersecurity
• 作者: Young, Clinton;Olufowobi, Habeeb;Bloom, Gedare;Zambreno, Joseph
• 通讯作者: Zambreno, Joseph