| 1. |
- Jolak, Rodi, et al.
(författare)
-
CONSERVE: A framework for the selection of techniques for monitoring containers security
- 2022
-
Ingår i: Journal of Systems and Software. - : Elsevier BV. - 0164-1212 .- 1873-1228. ; 186:April
-
Tidskriftsartikel (refereegranskat)abstract
- Context: Container-based virtualization is gaining popularity in different domains, as it supports continuous development and improves the efficiency and reliability of run-time environments. Problem: Different techniques are proposed for monitoring the security of containers. However, there are no guidelines supporting the selection of suitable techniques for the tasks at hand. Objective: We aim to support the selection and design of techniques for monitoring container-based virtualization environments. Approach:: First, we review the literature and identify techniques for monitoring containerized environments. Second, we classify these techniques according to a set of categories, such as technical characteristic, applicability, effectiveness, and evaluation. We further detail the pros and cons that are associated with each of the identified techniques. Result: As a result, we present CONSERVE, a multi-dimensional decision support framework for an informed and optimal selection of a suitable set of container monitoring techniques to be implemented in different application domains. Evaluation: A mix of eighteen researchers and practitioners evaluated the ease of use, understandability, usefulness, efficiency, applicability, and completeness of the framework. The evaluation shows a high level of interest, and points out to potential benefits. © 2021 The Authors
|
|
| 2. |
- Aoudi, Wissam, 1983, et al.
(författare)
-
Spectra: Detecting Attacks on In-Vehicle Networks through Spectral Analysis of CAN-Message Payloads
- 2021
-
Ingår i: Proceedings of the ACM Symposium on Applied Computing. - New York, NY, USA : ACM. ; , s. 1588-1597
-
Konferensbidrag (refereegranskat)abstract
- Nowadays, vehicles have complex in-vehicle networks that have recently been shown to be increasingly vulnerable to cyber-attacks capable of taking control of the vehicles, thereby threatening the safety of the passengers. Several countermeasures have been proposed in the literature in response to the arising threats, however, hurdle requirements imposed by the industry is hindering their adoption in practice. In this paper, we propose SPECTRA, a data-driven anomaly-detection mechanism that is based on spectral analysis of CAN-message payloads. SPECTRA does not abide by the strict specifications predefined for every vehicle model and addresses key real-world deployability challenges.
|
|
| 3. |
- Kleberger, Pierre, 1978, et al.
(författare)
-
Towards designing secure in-vehicle network architectures using community detection algorithms
- 2015
-
Ingår i: IEEE Vehicular Networking Conference, VNC. - 2157-9865 .- 2157-9857. - 9781479976607 ; 2015-January:January, s. 69-76
-
Konferensbidrag (refereegranskat)abstract
- Efforts in securing the in-vehicle network have resulted in a number of proposed security mechanisms in recent years. However, so far little attention has been given to the actual architecture of the in-vehicle network. An approach within in-vehicle network design is to divide the network into domains, where each domain consists of a set of Electronic Control Units (ECUs) that handles some united functionality, e.g., body control, powertrain, and telematics. Still, this approach is based on 'best engineering practice' and there is room for improvements. In this paper, we study real traffic from a modern car and we try to divide the in-vehicle network into domains using automated partitioning algorithms. To find the optimum division, we select four community detection algorithms, known from social network analysis, and we evaluate their ability to find these domains. We conclude that community detection algorithms can be used to identify in-vehicle domains based on the message types (signals) used in the in-vehicle network and we demonstrate this by applying the algorithms to real data. The approach is not limited to only message types, but domains can also be identified based on other criteria, such as frequency of messages, payload sizes, or Automotive Safety Integrity Levels (ASILs). We also conclude that the identification of good domains can facilitate the implementation of security measures. Therefore, we believe that the approach has great potential to help engineers in deriving secure in-vehicle network architectures during the design of a vehicle.
|
|
| 4. |
- Lautenbach, Aljoscha, 1985, et al.
(författare)
-
A Preliminary Security Assessment of 5G V2X
- 2019
-
Ingår i: IEEE Vehicular Technology Conference. - 1550-2252. ; 2019-April
-
Konferensbidrag (refereegranskat)abstract
- Research on intelligent transport systems (ITS) for improved traffic safety and efficiency has reached a high level of maturity and first applications will hit the market in 2019. Since 2004, the wireless standard 802.11p has been developed specifically for ITS services. Since then new telecommunication standards have been devised, and the new 5G telecommunication standard is nearing completion. Due to its technological advantages such as higher speeds and reliability, it is being considered to be used for ITS services.The new radio technology “NewRadio (NR)”, which is being developed as part of 5G, can complement or replace 802.11p in V2X applications. While there has been some work to compare 802.11p and 5G New Radio in terms of performance and applicability for safety-critical use cases, little work has been done to investigate the implications for security. In this paper, we provide an overview of the security requirements of known ETSI ITS use cases, and based on those use cases we compare and assess the security implications of replacing 802.11p with cellular V2X. We find that due to the use of millimeter waves, beamforming and massive MIMO, there will be an implicit improvement for confidentiality and privacy, and it may also be possible to shorten authentication procedures in certain cases. When a fully network-assisted C-V2X mode is chosen, it is also possible to outsource several of the ITS security requirements to the cellular network.
|
|
| 5. |
- Nowdehi, Nasser, 1986
(författare)
-
Automotive Communication Security Methods and Recommendations for Securing In-vehicle and V2X Communications
- 2019
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Today’s vehicles contain approximately more than 100 interconnected computers (ECUs), several of which will be connected to the Internet or external devices and networks around the vehicle. In the near future vehicles will extensively communicate with their environment via Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I), together called V2X communications. Such level of connectivity enables car manufacturers to implement new entertainment systems and to provide safety features to decrease the number of road accidents. Moreover, authorities can deploy the traffic information provided by vehicular communications to improve the traffic management. Despite the great benefits that comes with vehicular communications, there are also risks associated with exposing a safety-critical integrated system to external networks. It has already been proved that vehicles can be remotely hacked and the safety critical functions such as braking system and steering wheel can be compromised to endanger the safety of passengers. This puts high demands on IT security and car manufacturers to secure vehicular communications. This thesis proposes methods and recommendations for improving the security of internal and external vehicular communications. The main contributions of this thesis are contained in six included papers, and cover the following research areas of automotive security: (i) secure network architecture design , (ii) attack protection , (iii) attack detection , and (iv) V2X security . The first two papers in the collection are on the topic of secure network architecture design and propose an automated approach for grouping in-vehicle ECUs into security domains which facilitate the implementation of security measures in in-vehicle networks. The third paper is on the topic of attack protection and evaluates the applicability of existing Controller Area Network (CAN) bus authentication solutions to a vehicular context. In particular, this paper identifies five critical requirements for an authentication solution to be used in such a context. The fourth paper deals with the issue of attack detection in in-vehicle networks and proposes a specification agnostic method for detecting intrusion in vehicles. The fifth paper identifies weaknesses or deficiencies in the design of the ETSI V2X security standard and proposes changes to fix the identified weaknesses or deficiencies. The last paper investigates the security implications of adopting 5G New Radio (NR) for V2X communications.
|
|
| 6. |
- Nowdehi, Nasser, 1986, et al.
(författare)
-
CASAD: CAN-Aware Stealthy-Attack Detection for In-Vehicle Networks
- 2019
-
Tidskriftsartikel (övrigt vetenskapligt/konstnärligt)abstract
- Nowadays, vehicles have complex in-vehicle networks (IVNs) with millions of lines of code controlling almost every function in the vehicle including safety-critical functions. It has recently been shown that IVNs are becoming increasingly vulnerable to cyber-attacks capable of taking control of vehicles, thereby threatening the safety of the passengers. Several countermeasures have been proposed in the literature in response to the arising threats, however, hurdle requirements imposed by the industry is hindering their adoption in practice. In particular, detecting attacks on IVNs is challenged by strict resource constraints and utterly complex communication patterns that vary even for vehicles of the same model. In addition, existing solutions suffer from two main drawbacks. First, they depend on the underlying vehicle configuration, and second, they are incapable of detecting certain attacks of a stealthy nature. In this paper, we propose CASAD, a CAN-Aware Stealthy-Attack Detection mechanism that does not abide by the strict specifications predefined for every vehicle model and addresses key real-world deployability challenges. Our fast, lightweight, and system-agnostic approach learns the normal behavior of IVN dynamics from historical data and detects deviations by continuously monitoring IVN traffic. We demonstrate the effectiveness of CASAD by conducting various experiments on a CAN bus prototype, a 2018 Volvo XC60, and publicly available data from two real vehicles. Our approach is experimentally shown to be effective against different attack scenarios, including the prompt detection of stealthy attacks, and has considerable potential applicability to real vehicles.
|
|
| 7. |
- Nowdehi, Nasser, 1986, et al.
(författare)
-
Experiences from Implementing the ETSI ITS SecuredMessage Service
- 2014
-
Ingår i: 2014 IEEE Intelligent Vehicles Symposium. June 8 - 11, 2014, Dearborn, Michigan, USA. - 9781479936373 ; , s. 1055-1060
-
Konferensbidrag (refereegranskat)abstract
- Cooperative intelligent transport systems supportingsecure vehicle to vehicle and vehicle to infrastructurecommunications, is becoming a very important topic. The aimof this paper is to share our experiences from implementingthe ETSI Intelligent Transport System (ITS) SecuredMessageand sign/verify services on an existing ETSI ITS communicationstack (ITSC). We have followed the new ETSI TS 103 097 v1.1.1standard when implementing the security services, and havemade our best to create a robust and secure implementation.Our goal has been to identify flaws and vulnerabilities in ourimplementation that are caused by weaknesses or deficienciesin the standard and in its description of services.We have then performed an analysis of the protocol, itsheaders and created test cases used to test our implementation.Several problems were found, and we have also repeated thetests with another, supposedly very stable implementation,provided by Fraunhofer FOKUS. To our surprise, this systemalso showed unexpected behavior as our system. We show thatthese problems are the result of weaknesses and complexitiesin the design of the standard.We present the problems found in our implementation andshow what part in the standard was causing the problems.We show that several problems in the standard, mainly dueto their complexity, open up for misinterpretation leadingto various types of implementation errors. We conclude thepaper with proposing changes to the standard to prevent otherimplementations from repeating the same mistakes.
|
|
| 8. |
- Nowdehi, Nasser, 1986, et al.
(författare)
-
Improving In-Vehicle Network Architectures Using Automated Partitioning Algorithms
- 2016
-
Ingår i: IEEE Vehicular Networking Conference, VNC. - 2157-9865 .- 2157-9857. ; 2016-January, s. 259 - 266
-
Konferensbidrag (refereegranskat)abstract
- Today's in-vehicle networks are divided into domains using "best engineering practice". However, as far as we are aware of, there are no existing tools that do this domain partitioning in an automated and optimal way. A strategy for designing in-vehicle networks is to group Electronic Control Units (ECUs) into domains so that each domain isolates a certain functionality and minimizes dependencies to other domains. In this paper, we use an automated partitioning algorithm and apply it to an in-vehicle network from a real, modern car, and we analyze the results from such an approach and compare it with the EVITA reference architecture. Different partitioning criteria can be used, and we investigate security domains based on both message types and on domains optimized to minimize inter-domain traffic. We show that our approach is very flexible and can identify meaningful in-vehicle network domains which are better than the EVITA domains with respect to communication, safety and security. We have also investigated the relationship between safety and security to see if security domains contradict or support partitions based on ASILs.
|
|
| 9. |
- Nowdehi, Nasser, 1986, et al.
(författare)
-
In-vehicle CAN message authentication: An evaluation based on industrial criteria
- 2017
-
Ingår i: IEEE Vehicular Technology Conference. - 1550-2252. ; 2017-September, s. 2413-2419
-
Konferensbidrag (refereegranskat)abstract
- Vehicles have evolved from mostly mechanical machines into devices controlled by an internal computer network consisting of more than 100 interconnected Electronic Control Units (ECUs). Moreover, modern vehicles communicate with external devices to enable new features, but these new communication facilities also expose safety-critical functions to security threats. As the most prevalent automotive bus, the Controller Area Network (CAN) bus is a prime target for attacks. Even though the computer security community has proposed several message authentication solutions to alleviate those threats, such solutions have not yet been widely adopted by the automotive industry. We have identified the most promising CAN message authentication solutions and provide a comprehensive overview of them. In order to investigate the lack of adoption of such solutions, we, together with industry experts, have identified five general requirements they must fulfill in order to be considered viable in industry. Based on those requirements, we analyze and evaluate the identified authentication solutions. We find that none of them meet all the requirements, and that backward compatibility and acceptable overhead are the biggest obstacles.
|
|
| 10. |
- Nowdehi, Nasser, 1986
(författare)
-
On Securing Vehicular Communications: Methods and Recommendations for Secure In-vehicle and Car2X Communications
- 2017
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Today's vehicles contain approximately more than 100 interconnected computers (ECUs), several of which will be connected to the Internet or external devices and networks around the vehicle. In the near future vehicles will extensively communicate with their environment via Vehicle to Vehicle and Vehicle to Infrastructure (together called V2X) communications. Such level of connectivity enables car manufacturers to implement new entertainment systems and to provide safety features to decrease the number of road accidents. Moreover, authorities can deploy the traffic information provided by vehicular communications to improve the traffic management. Despite the great benefits that comes with vehicular communications, there are also risks associated with exposing a safety-critical integrated system to external networks. It has already been proved that vehicles can be remotely hacked and the safety critical functions such as braking system and steering wheel can be compromised to endanger the safety of passengers. This puts high demands on IT security and car manufacturers to secure vehicular communications. In this thesis, we propose methods and recommendations for improving the security of internal and external vehicular communications.The thesis is divided into two parts. In the first part, we identify weaknesses or deficiencies in the design of the ETSI V2X security standard and propose changes to fix the identified weaknesses or deficiencies. The second part of the thesis focuses on the security of the internal vehicular communications. First, in order to facilitate the implementation of security measures in in-vehicle networks, we propose an automated approach for grouping in-vehicle ECUs into domains based on different criteria. Then, we compare such an automatically generated in-vehicle network architecture with a reference architecture model to show that our approach is able to identify meaningful domains with better quality with respect to communication, safety and security. Finally, we seek to evaluate the applicability of existing CAN bus authentication solutions to a vehicular context. To this end, and in cooperation with industry, we have identified five critical requirements for an authentication solution to be used in such a context. We found that no authentication solution fulfilled all the requirements, something that indicates that the CAN bus may not be suitable for secure vehicular applications.
|
|
