Graphical security modelling for Autonomous Vehicles: A novel approach to threat analysis and defence evaluation

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computers & Security Pub Date : 2025-03-01 Epub Date: 2024-11-30 DOI:10.1016/j.cose.2024.104229

Nhung H. Nguyen , Mengmeng Ge , Jin-Hee Cho , Terrence J. Moore , Seunghyun Yoon , Hyuk Lim , Frederica Nelson , Guangdong Bai , Dan Dongseong Kim

{"title":"Graphical security modelling for Autonomous Vehicles: A novel approach to threat analysis and defence evaluation","authors":"Nhung H. Nguyen , Mengmeng Ge , Jin-Hee Cho , Terrence J. Moore , Seunghyun Yoon , Hyuk Lim , Frederica Nelson , Guangdong Bai , Dan Dongseong Kim","doi":"10.1016/j.cose.2024.104229","DOIUrl":null,"url":null,"abstract":"<div><div>Autonomous Vehicles (AVs) integrate numerous control units, network components, and protocols to operate effectively and interact with their surroundings, such as pedestrians and other vehicles. While these technologies enhance vehicle capabilities and enrich the driving experience, they also introduce new attack surfaces, making AVs vulnerable to cyber-attacks. Such cyber-attacks can lead to severe consequences, including traffic disruption and even threats to human life. Security modelling is crucial to safeguarding AVs as it enables the simulation and analysis of an AV’s security before any potential attacks. However, the existing research on AV security modelling methods for analysing security risks and evaluating the effectiveness of security measures remains limited. In this work, we introduce a novel graphical security model and metrics to assess the security of AV systems. The proposed model utilizes initial network information to build attack graphs and attack trees at different layers of network depth. From this, various metrics are automatically calculated to analyse the security and safety of the AV network. The proposed model is designed to identify potential attack paths, analyse security and safety with precise metrics, and evaluate various defence strategies. We demonstrate the effectiveness of our framework by applying it to two AV networks and distinct AV attack scenarios, showcasing its capability to enhance the security of AVs.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"150 ","pages":"Article 104229"},"PeriodicalIF":5.4000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824005352","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2024/11/30 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Autonomous Vehicles (AVs) integrate numerous control units, network components, and protocols to operate effectively and interact with their surroundings, such as pedestrians and other vehicles. While these technologies enhance vehicle capabilities and enrich the driving experience, they also introduce new attack surfaces, making AVs vulnerable to cyber-attacks. Such cyber-attacks can lead to severe consequences, including traffic disruption and even threats to human life. Security modelling is crucial to safeguarding AVs as it enables the simulation and analysis of an AV’s security before any potential attacks. However, the existing research on AV security modelling methods for analysing security risks and evaluating the effectiveness of security measures remains limited. In this work, we introduce a novel graphical security model and metrics to assess the security of AV systems. The proposed model utilizes initial network information to build attack graphs and attack trees at different layers of network depth. From this, various metrics are automatically calculated to analyse the security and safety of the AV network. The proposed model is designed to identify potential attack paths, analyse security and safety with precise metrics, and evaluate various defence strategies. We demonstrate the effectiveness of our framework by applying it to two AV networks and distinct AV attack scenarios, showcasing its capability to enhance the security of AVs.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

自动驾驶汽车的图形安全建模：一种新的威胁分析和防御评估方法

自动驾驶汽车（AVs）集成了众多控制单元、网络组件和协议，以有效运行并与周围环境（如行人和其他车辆）交互。虽然这些技术增强了车辆的性能，丰富了驾驶体验，但它们也引入了新的攻击面，使自动驾驶汽车容易受到网络攻击。这样的网络攻击会导致严重的后果，包括交通中断，甚至威胁到人类的生命。安全建模对于保护自动驾驶汽车至关重要，因为它可以在任何潜在攻击之前模拟和分析自动驾驶汽车的安全性。然而，现有的AV安全建模方法在分析安全风险和评估安全措施有效性方面的研究仍然有限。在这项工作中，我们引入了一种新的图形安全模型和度量来评估AV系统的安全性。该模型利用初始网络信息在不同的网络深度层构建攻击图和攻击树。以此为基础，自动计算各种指标来分析AV网络的安全性。该模型旨在识别潜在的攻击路径，用精确的度量分析安全性，并评估各种防御策略。我们通过将该框架应用于两个自动驾驶汽车网络和不同的自动驾驶汽车攻击场景来证明其有效性，展示了其增强自动驾驶汽车安全性的能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.