As autonomous driving technologies evolve, an in-vehicle network connecting numerous sensors, actuators, and electric control units (ECUs) has become increasingly important and has led to the critical need for ensuring the security of these networks. These ECUs and vehicle components in an in-vehicle network require a more reliable and fast data transport protocol than those in ordinary computer communication. To meet these requirements, the controller area network (CAN) protocol is used in which a CAN frame containing a small payload related to the state and control of a vehicle is sent. Because the CAN protocol broadcasts unencrypted messages to the bus, it is exposed to many security threats and vulnerabilities. In particular, a network can be easily compromised by attacks such as denial-of-service (DoS), fuzzy attacks, and spoofing as long as the attacker can access the CAN network. In this study, we develop a novel deep convolutional neural network (DCNN)-based attack detection technique for CAN. Specifically, we use two key characteristics that can be obtained by observing CAN traffic flows. The first is the statistical distribution of CAN frame appearances per unit time, and the second is the average interarrival time (IAT) of the CAN frames. These characteristics are measured at different levels of time granularity and are aggregated to constitute traffic samples for DCNN-based attack detection. By processing these samples and inputting them into the DCNN, we can determine the presence or absence of an attack during each time interval in real time. Because the proposed method utilizes statistical characteristics at different levels of time granularity, it can effectively detect attacks performed in both wide and narrow time intervals.
KEYWORDS: Network security, Information security, Defense and security, Computer security, Network architectures, Defense technologies, Control systems, Defense systems
Moving target defense (MTD) is an emerging defense principle that aims to dynamically change attack surface to confuse attackers. By dynamic reconfiguration, MTD intends to invalidate the attacker's intelligence or information collection during reconnaissance, resulting in wasted resources and high attack cost/complexity for the attacker. One of the key merits of MTD is its capability to offer 'affordable defense,' by working with legacy defense mechanisms, such as intrusion detection systems (IDS) or other cryptographic mechanisms. On the other hand, a well-known drawback of MTD is the additional overhead, such as reconfiguration cost and/or potential interruptions of service availability to normal users. In this work, we aim to develop a highly secure, resilient, and affordable MTD-based proactive defense mechanism, which achieves multiple objectives of minimizing system security vulnerabilities and defense cost while maximizing service availability. To this end, we propose a multi-agent Deep Reinforcement Learning (mDRL)-based network slicing technique that can help determine two key resource management decisions: (1) link bandwidth allocation to meet Quality-of-Service requirements and (2) the frequency of triggering IP shuffling as an MTD operation not to hinder service availability by maintaining normal system operations. Specifically, we apply this strategy in an in-vehicle network that uses software-defined networking (SDN) technology to deploy the IP shuffling-based MTD, which dynamically changes IP addresses assigned to electronic control unit (ECU) nodes to introduce uncertainty or confusion for attackers.
Although the concept of non-line-of-sight (NLOS) ultraviolet (UV) communications has been studied for decades,
recent advances in the design and manufacturing of light-emitting diodes, filters, and sensors have ignited new
interest. In this paper, we discuss a Monte Carlo channel model for NLOS UV communications that accounts
for the possibility that a transmitted photon experiences multiple scattering events before being received. By
simulating the propagation of many photons based on probabilistic rules derived from physics considerations, a
computationally efficient algorithm is obtained that allows for the study of the contribution of various orders of
scattering to the received signal and to the system impulse response function. We then demonstrate the use of
this channel model in the exploration of several system configurations. In particular, we examine the effect of
the transmitter beam shape and receiver sensitivity function on the faithfulness of a well-known linear model
of path loss versus distance for short-range NLOS UV systems, and we explore geometry design for interference
reduction in a full-duplex link. The use of the model to study such diverse system implementations demonstrates
its general applicability.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.