HoneyCar: A Framework to Configure Honeypot Vulnerabilities on the Internet of Vehicles

Panda, Sakshyam; Raß, Stefan; Moschoyiannis, Sotiris; Liang, Kaitai; Loukas, George; Panaousis, Emmanouil

doi:10.1109/access.2022.3210117

Cited by 19 publications

(4 citation statements)

References 56 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An important direction for further research would be to combine the risk assessment and optimisation framework presented in this paper with the game-theoretic frameworks such as [25], [38], [42], and [43], to explore how strategic interactions impact the optimal choice of controls and support cyber security decisions. Additionally, the optimisation functionality of CENSOR could be extended in terms of its scope to allow for different objective functions, reflected in risk measures, such as the VaR and the CVaR.…”

Section: Discussionmentioning

confidence: 99%

Cyber Risk Assessment and Optimization: A Small Business Case Study

et al. 2023

Self Cite

View full text Add to dashboard Cite

Assessing and controlling cyber risk is the cornerstone of information security management, but also a formidable challenge for organisations due to the uncertainties associated with attacks, the resulting risk exposure, and the availability of scarce resources for investment in mitigation measures. In this paper, we propose a cybersecurity decision-support framework, called CENSOR, for optimal cyber security investment. CENSOR accounts for the serial nature of a cyber attack, the uncertainty in the time required to exploit a vulnerability, and the optimisation of mitigation measures in the presence of a limited budget. First, we evaluate the cost that an organisation incurs due to a cyber security breach that progresses in stages and derive an analytical expression for the distribution of the present value of the cost. Second, we adopt a Set Covering and a Knapsack formulation to derive and compare optimal strategies for investment in mitigation measures. Third, we validate CENSOR via a case study of a small business (SB) based on: (i) the 2020 Common Weakness Enumeration (CWE) top 25 most dangerous software weaknesses; and (ii) the Center for Internet Security (CIS) Controls. Specifically, we demonstrate how the Knapsack formulation provides solutions that are both more affordable and entail lower risk compared to those of the Set Covering formulation. Interestingly, our results confirm that investing more in cybersecurity does not necessarily lead to an analogous cyber risk reduction, which indicates that the latter decelerates beyond a certain point of security investment intensity.

show abstract

Section: Discussionmentioning

confidence: 99%

Cyber Risk Assessment and Optimization: A Small Business Case Study

et al. 2023

Self Cite

View full text Add to dashboard Cite

show abstract

“…Panda et al [23] proposed a new decision support framework for Internet of Vehicles honeypot deception, using decoy systems such as honeypots to truly collect attacker data. Haydari et al [24] proposed a statistical non-parametric intrusion detection system for the online detection of attacks, which has superior performance in fast and accurate detection.…”

Section: Intrusion Detection Methods Based On Other Types (Nonmachine...mentioning

confidence: 99%

Intrusion Detection Model for Internet of Vehicles Using GRIPCA and OWELM

Zhang,

Yang,

Shao

et al. 2024

IEEE Access

View full text Add to dashboard Cite

With the rapid development of the Internet of Vehicles, a large amount of vehicle network data is being generated. The large amount of data presents network communication security challenges. Although intrusion detection technology can assist in safeguarding the system from malicious attacks, the substantial data generated within the vehicle network poses time-consuming detection challenges. Thus, we propose an intrusion detection model for the Internet of Vehicles, utilizing Gaussian random incremental principal component analysis (GRIPCA) and optimal weighted extreme learning machine (OWELM). First, we utilize GRIPCA to reduce data redundancy by projecting high-dimensional data into a low-dimensional space, thus reducing storage costs. Then, we utilize the dynamic inertia weight particle swarm optimization (DPSO) to optimize the parameters of the weighted extreme learning machine (WELM) to achieve the best performance. We utilize the NSL-KDD and CIC-IDS-2017 datasets to perform experiments and compare the results with other techniques. The experimental results show the excellence of the proposed model, achieving an accuracy rate of 91.02% on the NSL KDD dataset and 94.67% on the CIC-IDS-2017 dataset.INDEX TERMS Extreme learning machine, Internet of Vehicles, intrusion detection, particle swarm optimization, principal component analysis.

show abstract

“…The potential for cyber attacks on vehicles, infrastructure, and autonomous networks has already yielded some protective actions: situation reviews (Chen et al, 2022;Sharma and Gillanders, 2022), policy recommendations (Girdhar et al, 2022;Khan et al, 2022;Kukkala et al, 2022;Benyahya et al, 2023), honey-pots (Panda et al, 2022;Anastasiadis et al, 2023;Baldo et al, 2023), and attack detection (Chen et al, 2021;Zelle et al, 2022;Zhang et al, 2023). This activity demonstrates a high level of concern for the cybersecurity of vehicles, infrastructure, and autonomous vehicles.…”

Section: Security Considerationsmentioning

confidence: 99%

Key parameters linking cyber-physical trust anchors with embedded internet of things systems

Maasberg,

Butler,

Taylor

2023

Front. Comms. Net.

View full text Add to dashboard Cite

Integration of the Internet of Things (IoT) in the automotive industry has brought benefits as well as security challenges. Significant benefits include enhanced passenger safety and more comprehensive vehicle performance diagnostics. However, current onboard and remote vehicle diagnostics do not include the ability to detect counterfeit parts. A method is needed to verify authentic parts along the automotive supply chain from manufacture through installation and to coordinate part authentication with a secure database. In this study, we develop an architecture for anti-counterfeiting in automotive supply chains. The core of the architecture consists of a cyber-physical trust anchor and authentication mechanisms connected to blockchain-based tracking processes with cloud storage. The key parameters for linking a cyber-physical trust anchor in embedded IoT include identifiers (i.e., serial numbers, special features, hashes), authentication algorithms, blockchain, and sensors. A use case was provided by a two-year long implementation of simple trust anchors and tracking for a coffee supply chain which suggests a low-cost part authentication strategy could be successfully applied to vehicles. The challenge is authenticating parts not normally connected to main vehicle communication networks. Therefore, we advance the coffee bean model with an acoustical sensor to differentiate between authentic and counterfeit tires onboard the vehicle. The workload of secure supply chain development can be shared with the development of the connected autonomous vehicle networks, as the fleet performance is degraded by vehicles with questionable replacement parts of uncertain reliability.

show abstract

HoneyCar: A Framework to Configure Honeypot Vulnerabilities on the Internet of Vehicles

Cited by 19 publications

References 56 publications

Cyber Risk Assessment and Optimization: A Small Business Case Study

Cyber Risk Assessment and Optimization: A Small Business Case Study

Intrusion Detection Model for Internet of Vehicles Using GRIPCA and OWELM

Key parameters linking cyber-physical trust anchors with embedded internet of things systems

Contact Info

Product

Resources

About