“…We plan to investigate such a promising research direction in the future. We also plan to investigate the growing attack surface with the integration of CPS systems with the 5G technology and beyond [40].…”
The Controller Area Network (CAN) bus suffers security vulnerabilities that allow message spoofing and masquerading Electronic Control Units (ECUs). A popular provision for mitigating these vulnerabilities is through the use of machine learning (ML) to derive ECU fingerprints based on the physical properties of bus signals. Particularly, voltage-based intrusion detection systems associate the message transmitter with its voltage fingerprint to detect conflicting logical ECU identifiers in the presence of cyberattacks. However, the signal characteristics depend on the operating conditions and hence the fingerprints need to be adapted overtime by online training of the underlying ML model. An adversary may exploit such a shortcoming to superimpose training data based on its own transmissions and thus bypass the protection mechanism. Such an attack not only allows device impersonation but also leads to rejecting transmissions of a legitimate ECU. This paper proposes an effective approach to thwart these attack scenarios. Our approach introduces unpredictably-scheduled transmissions involving one or multiple ECUs to confuse the adversary and ensure the generation of a legitimate fingerprinting dataset for online training. We validate the robustness of our approach using data collected from a real vehicle and show that it outperforms a prominent competing scheme by over 30% in terms of identifying malicious ECUs when the attacker could overwrite 50% of the retraining transmissions.
“…We plan to investigate such a promising research direction in the future. We also plan to investigate the growing attack surface with the integration of CPS systems with the 5G technology and beyond [40].…”
The Controller Area Network (CAN) bus suffers security vulnerabilities that allow message spoofing and masquerading Electronic Control Units (ECUs). A popular provision for mitigating these vulnerabilities is through the use of machine learning (ML) to derive ECU fingerprints based on the physical properties of bus signals. Particularly, voltage-based intrusion detection systems associate the message transmitter with its voltage fingerprint to detect conflicting logical ECU identifiers in the presence of cyberattacks. However, the signal characteristics depend on the operating conditions and hence the fingerprints need to be adapted overtime by online training of the underlying ML model. An adversary may exploit such a shortcoming to superimpose training data based on its own transmissions and thus bypass the protection mechanism. Such an attack not only allows device impersonation but also leads to rejecting transmissions of a legitimate ECU. This paper proposes an effective approach to thwart these attack scenarios. Our approach introduces unpredictably-scheduled transmissions involving one or multiple ECUs to confuse the adversary and ensure the generation of a legitimate fingerprinting dataset for online training. We validate the robustness of our approach using data collected from a real vehicle and show that it outperforms a prominent competing scheme by over 30% in terms of identifying malicious ECUs when the attacker could overwrite 50% of the retraining transmissions.
“…There are two mechanisms of eavesdropping which attacker use to accomplish their goal: Passive eavesdropping, from the word 'passive' involves inactively listening and interception of communication without triggering an alert [156].…”
The network interface layer of the TCP/IP protocol suite, primarily comprised of the Internet Protocol (IP), serves as the backbone of modern internet communication. With its efficient data delivery, The network interface layer, presents key challenges in terms of performance, security, and privacy. This comprehensive survey delves into these three crucial aspects, analyzing the inherent vulnerabilities, limitations of the interface layer, and provide solutions of the related problems. The performance analysis explores throughput, latency, and bandwidth constraints, along with solutions such as bandwidth allocation and optimization techniques. Vulnerabilities within Network Interface Layer, including denial-of-service attacks and MAC address spoofing, are discussed, along with a review of existing security mechanisms. Privacy flaws are examined, covering MAC address tracking, profiling risks, and anonymization techniques, while also addressing privacy considerations on the Internet of Things. The survey analyzes several case studies providing comparative analysis of the network interface layer protocols, with support of the real world scenarios including performance analysis in high density environment, and security and privacy risks in smart homes networks. The findings provide a comprehensive understanding of the complexities surrounding performance, security, and privacy issues future directions and potential solutions.
“…The comprehensive review in [21] illustrates ML's capabilities in pattern recognition, anomaly detection, and predictive analysis, marking a significant departure from rule-based systems towards adaptive, autonomous operations. Specifically, machine learning algorithms can analyze extensive datasets, learning and evolving through experiences without explicit programming for every contingency [22]. In study [23], the authors evaluate various machine learning models, highlighting their suitability for different network scenarios based on accuracy, computational requirements, and ease of implementation.…”
Section: B Machine Learning -A Paradigm Shift In Network Managementmentioning
The burgeoning complexity in network management has garnered considerable attention, specifically focusing on Software-Defined Networking (SDN), a transformative technology that addresses limitations inherent in traditional network infrastructures. Despite its advantages, SDN is often susceptible to bottlenecks and excessive load issues, underscoring the necessity for more robust load balancing solutions. Previous research in this realm has predominantly concentrated on employing static or dynamic methodologies, encapsulating only a handful of parameters for traffic management, thereby limiting their effectiveness. This study introduces an innovative, intelligence-led approach to service delivery systems in SDN, specifically by orchestrating packet forwarding-encompassing both TCP and UDP traffic-through a multi-faceted analysis utilizing twelve distinct parameters elaborated in subsequent sections. This research leverages advanced machine learning algorithms, notably K-Means and DBSCAN clustering, to discern patterns and optimize traffic distribution, ensuring a more nuanced, responsive load balancing mechanism. A salient feature of this methodology involves determining the ideal number of operational clusters to enhance efficiency systematically. The proposed system underwent rigorous testing with an escalating scale of network packets, encompassing counts of 5,000 to an extensive 10,000,000, to validate performance under varying load conditions. Comparative analysis between K-Means and DBSCAN's results reveals critical insights into their operational efficacy, corroborated by juxtaposition with extant scholarly perspectives. This investigation's findings significantly contribute to the discourse on adaptive network solutions, demonstrating that an intelligent, parameter-rich approach can substantively mitigate load-related challenges, thereby revolutionizing service delivery paradigms within Software-Defined Networks.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.