A Cross-Layer Defense Scheme for Edge Intelligence-Enabled CBTC Systems Against MitM Attacks

While communication-based train control (CBTC) systems play a crucial role in the efficient and reliable operation of urban rail transits, its high penetration level of communication networks opens doors to Man-in-the-Middle (MitM) attacks. Current researches regarding MitM attacks do not consider the characteristics of CBTC systems. Particularly, the limited computing capability of the on-board computers prevents the direct implementation of most existing intrusion detection and defense algorithms against the MitM attack. In order to tackle this dilemma, in this article, we first introduce edge intelligence (EI) into CBTC systems to enhance the computing capability of the system. A cross-layer defense scheme, which includes the detection and defense stages, are proposed next. For the cross-layer detection stage, we propose a Long Short-Term Memory (LSTM) and Support Vector Machine (SVM) based detection method to combine the detection probability calculated from the train control parameter sequence and operation log files. For the cross-layer defense stage, we construct a Bayesian game based defense model to derive the optimal defense policy against MitM attacks. To further improve the accuracy of the defense scheme as well as optimize the communication resource allocation scheme, we propose an optimal communication resource allocation scheme based on the Asynchronous Advantage Actor-Critic (A3C) algorithm at last. Extensive simulation results show that the proposed scheme achieves excellent performance in defending against MitM attacks.

[1]  Lingjia Liu,et al.  Train-Centric CBTC Meets Age of Information in Train-to-Train Communications , 2020, IEEE Transactions on Intelligent Transportation Systems.

[2]  Yan Zhang,et al.  Deep Reinforcement Learning for Cooperative Content Caching in Vehicular Edge Computing and Networks , 2020, IEEE Internet of Things Journal.

[3]  Ke Zhang,et al.  Edge Intelligence and Blockchain Empowered 5G Beyond for the Industrial Internet of Things , 2019, IEEE Network.

[4]  Li Zhu,et al.  Joint Security and QoS Provisioning in Train-Centric CBTC Systems Under Sybil Attacks , 2019, IEEE Access.

[5]  Yan Zhang,et al.  Artificial Intelligence Empowered Edge Computing and Caching for Internet of Vehicles , 2019, IEEE Wireless Communications.

[6]  Tao Tang,et al.  Enhancing Communication-Based Train Control Systems Through Train-to-Train Communications , 2019, IEEE Transactions on Intelligent Transportation Systems.

[7]  Zhu Han,et al.  Joint Optimization of Caching, Computing, and Radio Resources for Fog-Enabled IoT Using Natural Actor–Critic Deep Reinforcement Learning , 2019, IEEE Internet of Things Journal.

[8]  Ke Zhang,et al.  Artificial Intelligence Inspired Transmission Scheduling in Cognitive Vehicular Communications and Networks , 2019, IEEE Internet of Things Journal.

[9]  Ke Zhang,et al.  Deep Learning Empowered Task Offloading for Mobile Edge Computing in Urban Informatics , 2019, IEEE Internet of Things Journal.

[10]  Hongbo Zhu,et al.  Game Theoretical Multi-user Computation Offloading for Mobile-Edge Cloud Computing , 2019, 2019 IEEE Conference on Multimedia Information Processing and Retrieval (MIPR).

[11]  Thibault de Valroger Deep Random based Key Exchange protocol resisting unlimited MITM , 2018, Advances in Intelligent Systems and Computing.

[12]  Hongwei Wang,et al.  A Safety-Security Assessment Approach for Communication-Based Train Control (CBTC) Systems Based on the Extended Fault Tree , 2018, 2018 27th International Conference on Computer Communication and Networks (ICCCN).

[13]  Yan Zhang,et al.  Mobile Edge Computing: A Survey , 2018, IEEE Internet of Things Journal.

[14]  Yang Xiang,et al.  A survey on security control and attack detection for industrial cyber-physical systems , 2018, Neurocomputing.

[15]  Setareh Maghsudi,et al.  Mobile Edge Computation Offloading Using Game Theory and Reinforcement Learning , 2017, ArXiv.

[16]  Liang Xiao,et al.  Cloud-Based Malware Detection Game for Mobile Devices with Offloading , 2017, IEEE Transactions on Mobile Computing.

[17]  Dong Yue,et al.  Analysis of cyber physical systems security via networked attacks , 2017, 2017 36th Chinese Control Conference (CCC).

[18]  K. B. Letaief,et al.  A Survey on Mobile Edge Computing: The Communication Perspective , 2017, IEEE Communications Surveys & Tutorials.

[19]  Bo An,et al.  Optimal Personalized Defense Strategy Against Man-In-The-Middle Attack , 2017, AAAI.

[20]  Paul Tavolato,et al.  Detection of Man-in-the-Middle Attacks on Industrial Control Networks , 2016, 2016 International Conference on Software Security and Assurance (ICSSA).

[21]  Walid Saad,et al.  On bounded rationality in cyber-physical systems security: Game-theoretic analysis with application to smart grid protection , 2016, 2016 Joint Workshop on Cyber- Physical Security and Resilience in Smart Grids (CPSR-SG).

[22]  F. Richard Yu,et al.  Modeling of Radio Channels With Leaky Coaxial Cable for LTE-M Based CBTC Systems , 2016, IEEE Communications Letters.

[23]  Ing-Ray Chen,et al.  Modeling and Analysis of Attacks and Counter Defense Mechanisms for Cyber Physical Systems , 2016, IEEE Transactions on Reliability.

[24]  Peng Ning,et al.  Improving learning and adaptation in security games by exploiting information asymmetry , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[25]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[26]  Xu Chen,et al.  Decentralized Computation Offloading Game for Mobile Cloud Computing , 2014, IEEE Transactions on Parallel and Distributed Systems.

[27]  Tao Tang,et al.  Communication-Based Train Control (CBTC) Systems With Cooperative Relaying: Design and Performance Analysis , 2014, IEEE Transactions on Vehicular Technology.

[28]  Tao Tang,et al.  Design and Performance Enhancements in Communication-Based Train Control Systems With Coordinated Multipoint Transmission and Reception , 2014, IEEE Transactions on Intelligent Transportation Systems.

[29]  M. D. Bastow,et al.  Cyber security of the railway signalling & control system , 2014 .

[30]  Theodore Tryfonas,et al.  A game theoretic defence framework against DoS/DDoS cyber attacks , 2013, Comput. Secur..

[31]  Robert Babuska,et al.  Efficient Model Learning Methods for Actor–Critic Control , 2012, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[32]  Alex Graves,et al.  Supervised Sequence Labelling , 2012 .

[33]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[34]  Dongwon Kim,et al.  Enhanced ARP: preventing ARP poisoning-based man-in-the-middle attacks , 2010, IEEE Communications Letters.

[35]  Huan-Rong Tang,et al.  Wireless Intrusion Detection for defending against TCP SYN flooding attack and man-in-the-middle attack , 2009, 2009 International Conference on Machine Learning and Cybernetics.

[36]  Vallipuram Muthukkumarasamy,et al.  Detecting Man-in-the-Middle and Wormhole Attacks in Wireless Mesh Networks , 2009, 2009 International Conference on Advanced Information Networking and Applications.

[37]  Xiaoxin Qiu,et al.  On the performance of adaptive modulation in cellular systems , 1999, IEEE Trans. Commun..