The Internet has changed our lives whether we like it or not. This substantial global network was not built with security in mind at the design stage, but network security was later added to it as an afterthought. Hence, we use many network protocols and applications that are insecure, and we are trying to ‘fix’ them without an underlying security design.
This messy and unplanned scenario is made worse with high-speed networks like fibre broadband/5G and with the fast proliferation of IoT devices and sensors, the computer networks, be they wired or wireless, are made vulnerable to all forms of attacks. The advancement of vehicle technology to AVs (autonomous vehicles) is triggered by the rise of AI, 5G and the Internet of Things (IoT) which has led to the development of self-driving cars with advanced communications.
One of the latest innovations in the world today is driverless cars or autonomous vehicles (AVs) which have wireless networking, sensors, image/video processing of the camera outputs and smart artificial intelligence (AI) built into them, so that they can make intelligent decisions as they drive. AVs can generally perform better than a normal driver. Though the idea sounds fascinating and is now being tested and rolled out in some countries, the security challenges around such vehicles are many.
Imagine following such a car and capturing the wireless packets from the car and doing an active reconnaissance of the network communication happening within that car, whereby an attacker has the knowledge of addressing schemes and resources used. This can be the first step of many future attacks like malware attacks, man-in-the-middle attacks, denial of service attacks, ransomware attacks, spoofing attacks and Sybil attacks.
These vehicles use image recognition through deep learning to identify and classify images such as road signs, but this can be under attack. Slight alteration to images through spray paint can confuse the classifier. The use of multi-modal systems for image recognition can be a solution. The same goes with object detection using deep learning algorithms and semantic segmentation which can both be outwitted by adversarial attacks.
Voice and speech recognition can also be under attack through adversarial voice commands which can be sent to voice recognition systems. AVs use sensors to determine the condition of the environment like the radar system, Light Detection and Ranging (LiDAR), GPS, sonar, visual sensors, ultrasonic sensors, and trunk latch sensors. These sensors allow the autonomous vehicle to avoid collisions and perceive the environment. If these sensors are maliciously controlled or blinded through a DoS (Denial of Service) attack, the vehicle could cause a disastrous accident.
Light Detection and Ranging (LiDAR) systems in AVs measure the distance to a surrounding object using light signals which can also be exposed to spoofing attacks. This can interfere with and deceive the vehicle’s LiDAR system into ‘seeing’ obstacles that are non-existent.
As the world is moving toward connected vehicles, the threat that lurks behind them can be massive, like we see in a James Bond movie
or similar where such vehicles can be immobilized and controlled from outside to attack the dignitaries inside the vehicle. This can be an out-of-the-movie reality now.
The concerns about security issues have led to several research projects surveying and investigating the security issues associated with Vehicular ad hoc networks (VANET), Intelligent Traffic Systems (ITS), interconnected vehicles, and autonomous vehicles. Some of the countermeasures used in such scenarios are as follows.
- Dynamic watermarking is used to secure an AV from arbitrary sensor attacks on adaptive cruise control systems.
- A secure distributed algorithm for a platoon of autonomous vehicles was proposed, which can detect and mitigate an attack on the GPS data of a member vehicle and can generate a distributed control signal ensuring the vehicles can maintain the platoon under such attack.
- Remote controlling of AVs under cyberattacks is a mitigation technique when the exact velocity and position of a vehicle are known during the attack.
- A neural network-based model is proposed to authenticate electronic messages sent by Electronic Control Unit (ECU) through Controller Area Network (CAN) to ensure confidentiality and integrity.
There are various other similar research that is going on to protect and secure AVs and hopefully, in the near future, we will have fully secure AVs. So, the future is not all doom and gloom, there is hope.
Dr Biju Issac, Associate Professor (Networks and Security), Northumbria University, UK
