Securing Intelligent Transportation Systems against Spoofing Attacks
Overview
An intelligent transportation system (ITS) is a system of vehicles and infrastructure that exchange information in real time and make decisions fully or partially automatically. The operations of ITS heavily rely on data collection and transmission, which is subject to prevalent remote and/or on-site attacks. Actual incidents have been reported where hackers spoofed traffic sensor data or created phantom traffic jams in navigation apps. It is hard to deterministically predict when a component will be attacked, and which component will be attacked. Therefore, appropriate proactive and/or responsive mechanisms should be designed to enable ITS to tolerate a certain level of attacks.
Game theory is a powerful tool for security risk analysis that has been extensively used in various engineering systems, and game-theoretic approaches have been applied to studying the security of routing in transportation and communications. This project will be the basis for a synthesis of game theory and queuing theory, essential for capturing the interaction between the queuing dynamics and players decisions, in order to protect the ITS system from spoofing and attacks.
Research Objectives & Deliverables
This project evaluates the cyber-physical security risk of ITS and designs recovery plans and resilient control algorithms in the face of strategic attacks on sensing components. The specific questions to be addressed include:
- How to quantify the security risk (in terms of throughput loss or travel delay) of ITS due to strategic sensing attacks that happen at random times and random locations,=
- How to allocate limited resources for recovery of compromised sensing components
- How to design algorithms that fully or partially protect feedback ITS control capabilities from sensing attacks
This project will study the evolution of network flows under the influence of sensing attacks based on the stochastic stability theory of Markov chains as well as the queuing theory. The equilibrium strategies of the attackers and the SO, will be characterized and the risk will be quantified. This project will study the resilience score of various routing policies, including the shortest-queue policy, the round-robin policy, and open-loop policies. The project will particularly focus on quantifying the incentive of launching attacks and designing secure-by- design mechanisms. The longer-term (3-5 years) plan for this research is to synthesize the idea of learning-based methods with the results from this research to design secure control strategies that are adaptive to the non- stationarities in system dynamics; learning-based methods are also relevant in security games with incomplete information.
The deliverables for this project will be:
- One research paper submitted to IEEE Transactions on Control of Networked Systems, with an emphasis on the theoretical foundation
- One research paper submitted to Transportation Research Part C, with an emphasis on the application in ride sharing
- A final report including a tutorial on risk analysis methodology for ITSs
- A workshop that introduces the expected products to professionals from NYCDOT and faculty/students at the Center.
Project Details
Principal Investigator | Li Jin |
Co-Principal Investigator | |
Funding Source | Request from C2SMART: $63,608 Cost share from NYU: $35,000 |
Total Project Cost | $98,989 |
USDOT Award # | 69A3551747124 |
3/1/2020 – 2/28/2021 | |
Implementation of Research Outcomes | The expected product can be directly used to evaluate the security risk of a broad class of ITS and to design protection/ detection/ mitigation mechanisms in response to cyber security threats. Specific applications include ride-sharing systems, public transit, and supply chains. |
Impacts/Benefits of Implementation | State-of-the-art ITS deployments have very limited secure-by-design features and are thus vulnerable to a variety of cyber security failures. Implementation of our products will enable ITS operators to identify vulnerable components, to efficiently allocate security resources, and to mitigate the impact of security failures. If successful, the outcomes can directly support deployment and operations of ITS. Trip advisory providers, transportation agencies, and the public are in general concerned with the security of ITS that heavily relies on data, and the outcomes of this research are directly relevant for this concern. Our modeling and analysis approach for strategic sensing attacks can be extended to other civil infrastructure systems, e.g. transit/rail, smart grid, and gas networks. We will discuss and transfer the knowledge and products resulting from this project to the New York City/State Department of Transportation via the existing channels at our C2SMART Center, including workshops, short-term courses, and symposia. |