Behavior Analysis for Safety and Security in Automotive Systems

The connection of automotive systems with other systems such as road-side units, other vehicles, and various servers in the Internet opens up new ways for attackers to remotely access safety relevant subsystems within connected cars. The security of connected cars and the whole vehicular ecosystem is thus of utmost importance for consumer trust and acceptance of this emerging technology. This paper describes an approach for on-board detection of unanticipated sequences of events in order to identify suspicious activities. The results show that this approach is fast enough for in-vehicle application at runtime. Several behavior models and synchronization strategies are analyzed in order to narrow down suspicious sequences of events to be sent in a privacy respecting way to a global security operations center for further in-depth analysis.

[1]  Maria Zhdanova,et al.  Security Compliance Tracking of Processes in Networked Cooperating Systems , 2015, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[2]  Bernhard Seeger,et al.  JEPC: The Java Event Processing Connectivity , 2013, Datenbank-Spektrum.

[3]  Jana Dittmann,et al.  Security threats to automotive CAN networks - Practical examples and selected short-term countermeasures , 2008, Reliab. Eng. Syst. Saf..

[4]  Luigi Coppolino,et al.  Security and Reliability Requirements for Advanced Security Event Management , 2012, MMM-ACNS.

[5]  David Luckham,et al.  The power of events - an introduction to complex event processing in distributed enterprise systems , 2002, RuleML.

[6]  Karsten Schmidt,et al.  Adapted Development Process for Security in Networked Automotive Systems , 2014 .

[7]  Wil M. P. van der Aalst,et al.  Conformance checking of processes based on monitoring real behavior , 2008, Inf. Syst..

[8]  Andrew Y. Ng,et al.  Zero-Shot Learning Through Cross-Modal Transfer , 2013, NIPS.

[9]  Marco Montali,et al.  Monitoring Business Constraints with Linear Temporal Logic: An Approach Based on Colored Automata , 2011, BPM.

[10]  Je-Won Kang,et al.  Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security , 2016, PloS one.

[11]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[12]  Wil M. P. van der Aalst,et al.  Process Mining - Discovery, Conformance and Enhancement of Business Processes , 2011 .

[13]  C. Petri Kommunikation mit Automaten , 1962 .

[14]  Panagiotis Papadimitratos,et al.  Secure vehicular communication systems: implementation, performance, and research challenges , 2008, IEEE Communications Magazine.

[15]  Chun-Hung Richard Lin,et al.  Intrusion detection system: A comprehensive review , 2013, J. Netw. Comput. Appl..

[16]  Antonio F. Gómez-Skarmeta,et al.  A complex event processing approach to detect abnormal behaviours in the marine environment , 2016, Inf. Syst. Frontiers.

[17]  Roland Rieke,et al.  Predictive Security Analysis for Event-Driven Processes , 2010, MMM-ACNS.

[18]  Maria Zhdanova,et al.  Monitoring Security Compliance of Critical Processes , 2014, 2014 22nd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing.

[19]  Felix C. Freiling,et al.  A structured approach to anomaly detection for in-vehicle networks , 2010, 2010 Sixth International Conference on Information Assurance and Security.

[20]  Wil M. P. van der Aalst,et al.  Workflow mining: discovering process models from event logs , 2004, IEEE Transactions on Knowledge and Data Engineering.

[21]  D.K. Nilsson,et al.  An approach to specification-based attack detection for in-vehicle networks , 2008, 2008 IEEE Intelligent Vehicles Symposium.

[22]  Tao Zhang,et al.  Defending Connected Vehicles Against Malware: Challenges and a Solution Framework , 2014, IEEE Internet of Things Journal.