1 / 30

Secure and Trustworthy Data Management for Vehicular Cyber Physical Systems

This presentation discusses the challenges and opportunities in secure data management for vehicular cyber-physical systems. Topics include misbehavior detection, trust management, wireless network context awareness, and policy management.

fredal
Download Presentation

Secure and Trustworthy Data Management for Vehicular Cyber Physical Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure and Trustworthy Data Management for Vehicular Cyber Physical Systems Dr. Wenjia Li Assistant Professor in Computer Science New York Institute of Technology

  2. Agenda • Introduction and Motivation • Prior Research Efforts • The Proposed Approach • Research Challenges/Opportunities • Conclusion

  3. Various Applications of Wireless Network and CPS Situation Awareness for Battlefield Emergency/Disaster Rescue Wireless Network Mobile Healthcare System Intelligent Transportation

  4. ABCs of Wireless Networks • Wireless Network: a kind of computer network that offers ubiquitous accessfor various devices (laptops, smart phones, tablets, sensors, RSUs, etc.) • Basic features of wireless networks • Limitedbattery life of each device • Ever complained about short battery life of your smart phone? • Short, open & error-prone transmission medium • Don’t forget to encrypt your WiFi network  • Constantly changing network topology • Keep in mind devices (and cars which carry them) are always moving  Cooperation among devices is very important for wireless networks

  5. What if Devices DON’T Cooperate? • Some nodes can exhibit uncooperative behaviors due to one of the following two reasons • Anomalies (such as device malfunctioning, power outage, high wind, etc.) • These behaviors are classified as faultybehaviors • Intentionallydisturbing network and causing damage • These behaviors are known as malicious behaviors • Both faulty behaviors and malicious behaviors are regarded as MISBEHAVIORS • Which type is MORE dangerous, malicious or faulty?

  6. Node Misbehaviors • Why we want to detect and fight against node misbehaviors? • Minimize the harm they cause • Punish misbehaving nodes • Encourage node cooperation Countermeasuresare NEEDED to address the security threats led by various node misbehaviors, especially those malicious ones

  7. Outgoing Packet B Incoming Packet Incoming PacketA Radio Range Watching Your Neighbors: Example 2: Packet Modified 1 2 1: Packet Dropped Sending MANY dummy data to occupy channel 3 3: DoS attack Observer Observed Nodes

  8. Traffic Monitoring – An ITS Application • Data security and trustworthiness are CRITICAL to the traffic monitoring application

  9. How to Secure Vehicular CPS?

  10. Misbehavior Detection • An important method to protect wireless networks and CPS from BOTH external attackers AND internal compromised nodes • Previous misbehavior detection methods • Intrusion detection system (IDS) for wireless networks • IDS sensor deployed on each node • NOT energy-efficient • Cluster-based IDS by Huang et al. • Cross-layer misbehavior detection by Parker et al. • Efforts to identify routing misbehaviors • “Watchdog” & “Pathrater” by Marti et al.

  11. Trust Management • Goal: assess various behaviors of other nodes and build atrustfor each node based on the behavior assessment • Node behavior observation • First-hand observation • Directly observed • Most trustworthy but only contains behaviors of DIRECT neighbors • Second-hand observation • Exchanged with other nodes • Less trustworthy but contains behavior observations for all the nodes

  12. Previous Research Efforts in Trust Management • Cooperation Of Nodes, Fairness In Dynamic Ad-hoc NeTworks (CONFIDANT) by Buchegger et al. • Aim: encourage the node cooperation and punish misbehaving nodes • Components: Monitor, Reputation System, Trust Manager, and Path Manager • Exchange both positive and negative observations with neighbors • CORE by Michiardi et al. • Similar to CONFIDANT • ONLY exchange POSITIVE observation with neighbors • Reputation system by Patwardhan et al. • Reputation determined by data validation • A few nodes named Anchor Nodesare trustworthy data sources • Data validation by either agreement among peers or direct communication with an anchor node

  13. Motivation

  14. Traditional Security Solutions Node 1 is misbehaving because it drops packets Misbehavior Detection 1 6 Node 1 is NOT trustworthy because it drops packets 2 Trust Management 5 3 4 Wireless Network Context Awareness Nodes2and 4 (1’s neighbors) are busy sending packets Q: Is Node 1 really malicious or not?

  15. An Example Scenario • Can we survive at -173 oC ? • Probably NO! • Error reading from sensor? • Maybe YES! • Malicious or faulty? • Totally NO clue! 

  16. Another Example Scenario • Node 1 are equally trustworthy in both cases? • Probably YES according to traditional security mechanisms • But actually NO because of the context in which the packet dropping occurs!

  17. Our Solution – A Holistic Framework • A holistic framework that integrates misbehavior detection, trust management, context awareness and policy management in a cooperative and adaptive manner • Misbehavior detection that does not rely on pre-defined fixed threshold • Models node trust as a vector instead of a scalar in wireless networks • Declares and enforces policies that better reflect the context in which misbehaviors occur

  18. Why Our Solution is Better? – An Example • Busy channel for node 1 •  • Node 1 is forcedto drop packets but it is NOTmalicious • its trust gets punished less Node 1 is misbehaving because it drops packets Misbehavior Detection Data Data 1 6 2 Policy Management Data 5 3 4 Mobile Ad-hoc Network Trust Management Context Awareness Node 1 is NOT trustworthy because it drops packets Nodes2and 4 (1’s neighbors) are busy sending packets

  19. A Closer Look at the Proposed Solutions

  20. How do Traditional Misbehavior Detection Methods Work? • Threshold-based solution: • “If total bad behavior > 10, then the node is misbehaving.” 7.4 11.5 12.4 GOOD BAD Weights sum up to 1 • Challenges: • Both the weights and the threshold are hard to decide manually because they heavily depend on environment and context!

  21. Our Solution: Support Vector Machine (SVM) • Support Vector Machine (SVM): a machine learning algorithm that is used to automatically classify nodes into misbehaving nodes and normal ones • SVM requires a set of training data to build the model • Training stage: SVM Algorithm An SVM Model

  22. Support Vector Machine: Detection Stage • Detection stage: The SVM Model

  23. Trust: A Scalar or A Vector? • Majority of current trust management schemes in wireless network model trust in ONE single scalar (i.e., one single value) • Observations to all types of misbehaviors are used to determine ONE single trust value for each node • Neither expressive nor accurate in complicated scenarios

  24. 10Incoming PacketsAi 10 Incoming Packets 10 Outgoing Packets Bi TenMisused RTS requests Radio Range How did Others Evaluate Trust? Node 2: 10Packets Modified 2 Node 1: 10Packets Dropped 1 3 Node 3: 10 RTS flooding attack Trust_1 = Trust_2 = Trust_3 = 0.9

  25. 10Incoming PacketsAi 10 Incoming Packets 10 Outgoing Packets Bi TenMisused RTS requests Radio Range Our Solution for Trust Management Node 2: 10Packets Modified 2 Node 1: 10Packets Dropped 1 3 Node 3: 10 RTS flooding attack

  26. Multi-dimensional Trust Management • Multi-dimensional trust management • Decide the trustworthiness of a node from several perspectives (for example 3) • Each dimension of trustworthiness is decided by a subset of misbehaviors

  27. Research Challenges/Opportunities • Short-term trust V.S. long-term trust (Data V.S. Device) • Sometimes you will NOT see your next car in highway again (not for a long time or never)! • In many cases we are also (or MORE) interested in how trustworthy a traffic event/alert is rather than the guy who reported it • So we want to evaluate and track the trustworthiness of the traffic data!

  28. Research Challenges/ Opportunities (Cont.) • Heterogeneous Sensor Data • Smartphone sensor data V.S. on-board vehicular sensor data (and even more) • How can we properly interpret and integrate these heterogeneous sensor data? • One solution: use policy rules as well as contextual information to help fuse these sensor data to better utilize them

  29. Conclusion • Security and trustworthiness are BOTH very important for wireless network and its applications • A holisticframework better secures wireless network than the existing solutions • Context makes you better understand the threats • Policy makes your countermeasure more accurate and adaptive

  30. Thank You  • Questions? • Email: wli20@nyit.edu

More Related