Hoppa till huvudinnehållet
Till KTH:s startsida Till KTH:s startsida

AVESTA

Attacking Vehicular Communications: Road-Map towards Secure Intelligent Transportation Systems (AVESTA)

AVESTA

AVESTA is a project approved within the Mobility for Growth program entitled VINNMER Marie Curie Incoming, with a duration of 2 years and a starting date September 2014.

The project is co-funded by VINNOVA, a Swedish-based organization, and the EU through the Marie Curie Actions FP7-PEOPLE-2011-COFUND (GROWTH 291795)

Summary

For many years, researchers, car manufacturers, and politicians have dreamt a new technology that will make traveling by car safer, faster and “greener”. Towards this direction, vehicles are becoming more automated (featuring powerful embedded devices) and wirelessly connected to other vehicles and Road-Side Units, creating an Intelligent Transportation System (ITS) [1, 2]. This is a promising solution for enhancing citizens’ road safety and traffic efficiency and is widely accepted by involved stakeholders and legislators. However, exposing the (previously) closed in-vehicle networks to, potentially dangerous, external traffic can be devastating because it exposes the “vehicle” to remote attackers.

The proposed project addresses this challenge: it will identify vulnerabilities, that can be exploited by an adversary to intrude standalone vehicles and C2X communications, by mapping the most important existing malware threats and investigating in depth their applicability in ITS. It will then implement novel intrusion methods from an attacker’s point of view. This, in turn, will lead to the design and implementation of novel detection & prevention countermeasures, as well as, the provision of a more generic and comprehensive security architecture to be deployed with forthcoming ITS prototypes (irrespective of the underlying platforms and hardware used). The project integrates technologies that cut across many diverse sectors, e.g., wireless, embedded microcontrollers, and thus the produced results could benefit European researchers in these important areas.

Objectives

  • Vulnerability Assessment (VA) and exploitation/attack implementation against VC networks.
    • Vulnerability assessment of VC networks by identifying applicable malware and investigating their impact on the system functionality. This will result in a mapping of the attack surface of such networks, and consequently ITS, with the most important types of insider threats; malware, software-based vulnerabilities, dynamic memory errors, code injection, cross-site scripting, etc.
    • Creation of an exploit database containing implementation instances of the identified exploits; both existing and novel ones. The important differences, between ITS and other types of systems and networks (in terms of underlying platforms protocol stacks, etc.), can significantly limit applicability of existing exploits. Therefore, best ways to launch them should be explored from scratch.
    • Implementation of first instances of sophisticated attack tools that allow both inspection of an ITS network functionality as well as discharge of various novel attacks against it (i.e., AVESTA Sniffer and Attack Tool).
    • Exploration of the possibility to affect the in-vehicle network and ECUs through the remote intrusion of the on-board units. This will not involve any immediate physical compromise (e.g., plug-in) of the target vehicle. Evaluation of the impact of implemented exploits on the existing in-vehicle communication interfaces between these two types of embedded devices.
  • Provision of a versatile security architecture that will conform with the commonly identified, in the ICT sector, security and privacy criteria and can be easily enhanced with patches against specific attacks.
    • Design of appropriate detection and prevention countermeasures (alongside and intrusion detection framework) that can work as patches against produced exploits. Vital to the success of such countermeasures is that they must implement lightweight algorithms and mechanisms in order not to burden on-board units, as they need to react and send signals quickly in potential dangerous road situations.

Publications (to come...)

News

1. Project to start on September 1st, 2014

Profilbild av Athanasios Giannetsos