Vulnerability Analysis of Traffic Control System
We investigate the vulnerability of traffic control system in a connected environment, where four typical elements including signal controllers, vehicle detectors, roadside units (RSUs), and onboard units (OBUs) are identified as the attack surfaces. We focused on attacking actuated and adaptive signal control systems by sending falsified data, which is considered as an indirect but realistic attack approach. The objective of an attacker is to maximize system delay with constraints such as budget and attack intensity. Check out my invited paper on Roads & Bridges Magazine! Related publications: vulnerability analysis (TRR), white-box attack (NDSS 18'), black-box attack (AutoSec @ NDSS 21', Best Paper Award!) |
Defense Solution based on Anomaly Detection
We look at the defense solutions by developing a trajectory-based hierarchical defense (TBHD) model to detect misbehaviors. The defense model consider. Te TBHD model consists of multiple hierarchies. Level 1 is a pointwise checking that checks if data elements in the received BSMs fall within their feasible ranges. Level 2 is a multiple-point checking that checks if the consecutive BSMs of one CV obey the laws of physics. Level 3 is a multiple-trajectory checking that checks if two CVs’ trajectories overlap with each other. Level 4 borrows methods from natural language processing (NLP) to cluster vehicle trajectories based on a robust crowd-sourcing scoring system.
Related publications: Trajectory Anomaly Detection (2nd Review, Trans. Res. Part C) |
Cyber Security Testing Platform for Traffic Control System
We build a testing platform which integrate attack services and defense services to test cyber security problems of the traffic control system. The platform is built based on Mcity test facility at University of Michigan. A simulated Mcity is constructed in VISSIM, which is responsible for generating virtual traffic. Roadside Units (RSUs) in the test facility are utilize to build a connected vehicle environment with DSRC communication network. The RSUs are also used to emulate V2V communication and compromised CVs (i.e., attackers). The signal control system and the defense model are running in a Linux virtual machine to mimic real-world deployment. Related publications: TSCS Cybersecurity Overview (Under Review, IEEE ITS) |