Visible to the public Biblio

Found 316 results

Filters: Keyword is Sensors  [Clear All Filters]
2020-09-28
Madhan, E.S., Ghosh, Uttam, Tosh, Deepak K., Mandal, K., Murali, E., Ghosh, Soumalya.  2019.  An Improved Communications in Cyber Physical System Architecture, Protocols and Applications. 2019 16th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON). :1–6.
In recent trends, Cyber-Physical Systems (CPS) and Internet of Things interpret an evolution of computerized integration connectivity. The specific research challenges in CPS as security, privacy, data analytics, participate sensing, smart decision making. In addition, The challenges in Wireless Sensor Network (WSN) includes secure architecture, energy efficient protocols and quality of services. In this paper, we present an architectures of CPS and its protocols and applications. We propose software related mobile sensing paradigm namely Mobile Sensor Information Agent (MSIA). It works as plug-in based for CPS middleware and scalable applications in mobile devices. The working principle MSIA is acts intermediary device and gathers data from a various external sensors and its upload to cloud on demand. CPS needs tight integration between cyber world and man-made physical world to achieve stability, security, reliability, robustness, and efficiency in the system. Emerging software-defined networking (SDN) can be integrated as the communication infrastructure with CPS infrastructure to accomplish such system. Thus we propose a possible SDN-based CPS framework to improve the performance of the system.
Butun, Ismail, Österberg, Patrik, Gidlund, Mikael.  2019.  Preserving Location Privacy in Cyber-Physical Systems. 2019 IEEE Conference on Communications and Network Security (CNS). :1–6.
The trending technological research platform is Internet of Things (IoT)and most probably it will stay that way for a while. One of the main application areas of IoT is Cyber-Physical Systems (CPSs), in which IoT devices can be leveraged as actuators and sensors in accordance with the system needs. The public acceptance and adoption of CPS services and applications will create a huge amount of privacy issues related to the processing, storage and disclosure of the user location information. As a remedy, our paper proposes a methodology to provide location privacy for the users of CPSs. Our proposal takes advantage of concepts such as mix-zone, context-awareness, and location-obfuscation. According to our best knowledge, the proposed methodology is the first privacy-preserving location service for CPSs that offers adaptable privacy levels related to the current context of the user.
Chen, Yuqi, Poskitt, Christopher M., Sun, Jun.  2018.  Learning from Mutants: Using Code Mutation to Learn and Monitor Invariants of a Cyber-Physical System. 2018 IEEE Symposium on Security and Privacy (SP). :648–660.
Cyber-physical systems (CPS) consist of sensors, actuators, and controllers all communicating over a network; if any subset becomes compromised, an attacker could cause significant damage. With access to data logs and a model of the CPS, the physical effects of an attack could potentially be detected before any damage is done. Manually building a model that is accurate enough in practice, however, is extremely difficult. In this paper, we propose a novel approach for constructing models of CPS automatically, by applying supervised machine learning to data traces obtained after systematically seeding their software components with faults ("mutants"). We demonstrate the efficacy of this approach on the simulator of a real-world water purification plant, presenting a framework that automatically generates mutants, collects data traces, and learns an SVM-based model. Using cross-validation and statistical model checking, we show that the learnt model characterises an invariant physical property of the system. Furthermore, we demonstrate the usefulness of the invariant by subjecting the system to 55 network and code-modification attacks, and showing that it can detect 85% of them from the data logs generated at runtime.
Gawanmeh, Amjad, Alomari, Ahmad.  2018.  Taxonomy Analysis of Security Aspects in Cyber Physical Systems Applications. 2018 IEEE International Conference on Communications Workshops (ICC Workshops). :1–6.
The notion of Cyber Physical Systems is based on using recent computing, communication, and control methods to design and operate intelligent and autonomous systems that can provide using innovative technologies. The existence of several critical applications within the scope of cyber physical systems results in many security and privacy concerns. On the other hand, the distributive nature of these CPS increases security risks. In addition, certain CPS, such as medical ones, generate and process sensitive data regularly, hence, this data must be protected at all levels of generation, processing, and transmission. In this paper, we present a taxonomy based analysis for the state of the art work on security issues in CPS. We identify four types of analysis for security issues in CPS: Modeling, Detection, Prevention, and Response. In addition, we identified six applications of CPS where security is relevant: eHealth and medical, smart grid and power related, vehicular technologies, industrial control and manufacturing, autonomous systems and UAVs, and finally IoT related issues. Then we mapped existing works in the literature into these categories.
Dong, Guishan, Chen, Yuxiang, Fan, Jia, Liu, Dijun, Hao, Yao, Wang, Zhen.  2018.  A Privacy-User-Friendly Scheme for Wearable Smart Sensing Devices Based on Blockchain. 2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). :481–486.
Wearable smart sensing devices presently become more and more popular in people's daily life, which also brings serious problems related to personal data privacy. In order to provide users better experiences, wearable smart sensing devices are collecting users' personal data all the time and uploading the data to service provider to get computing services, which objectively let service provider master each user's condition and cause a lot of problems such as spam, harassing call, etc. This paper designs a blockchain based scheme to solve such problems by cutting off the association between user identifier and its sensing data from perspective of shielding service providers and adversaries. Firstly, privacy requirements and situations in smart sensing area are reviewed. Then, three key technologies are introduced in the scheme including its theories, purposes and usage. Next, the designed protocol is shown and analyzed in detail. Finally, security analysis and engineering feasibility of the scheme are given. This scheme will give user better experience from privacy protection perspective in smart sensing area.
2020-09-21
Kovach, Nicholas S., Lamont, Gary B..  2019.  Trust and Deception in Hypergame Theory. 2019 IEEE National Aerospace and Electronics Conference (NAECON). :262–268.
Hypergame theory has been used to model advantages in decision making. This research provides a formal representation of deception to further extend the hypergame model. In order to extend the model, we propose a hypergame theoretic framework based on temporal logic to model decision making under the potential for trust and deception. Using the temporal hypergame model, the concept of trust is defined within the constraints of the model. With a formal definition of trust in hypergame theory, the concepts of distrust, mistrust, misperception, and deception are then constructed. These formal definitions are then applied to an Attacker-Defender hypergame to show how the deception within the game can be formally modeled; the model is presented. This demonstrates how hypergame theory can be used to model trust, mistrust, misperception, and deception using a formal model.
2020-09-18
Sureka, N., Gunaseelan, K..  2019.  Detection Defense against Primary User Emulation Attack in Dynamic Cognitive Radio Networks. 2019 Fifth International Conference on Science Technology Engineering and Mathematics (ICONSTEM). 1:505—510.
Cognitive radio is a promising technology that intends on solving the spectrum scarcity problem by allocating free spectrum dynamically to the unlicensed Secondary Users (SUs) in order to establish coexistence between the licensed Primary User (PU) & SUs, without causing any interference to the incumbent transmission. Primary user emulation attack (PUEA) is one such major threat posed on spectrum sensing, which decreases the spectrum access probability. Detection and defense against PUEA is realized using Yardstick based Threshold Allocation technique (YTA), by assigning threshold level to the base station thereby efficiently enhancing the spectrum sensing ability in a dynamic CR network. The simulation is performed using NS2 and analysis by using X-graph. The results shows minimum interference to primary transmissions by letting SUs spontaneously predict the prospective spectrum availability and aiding in effective prevention of potential emulation attacks along with proficient improvement of throughput in a dynamic cognitive radio environment.
2020-09-14
Chandrala, M S, Hadli, Pooja, Aishwarya, R, Jejo, Kevin C, Sunil, Y, Sure, Pallaviram.  2019.  A GUI for Wideband Spectrum Sensing using Compressive Sampling Approaches. 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–6.
Cognitive Radio is a prominent solution for effective spectral resource utilization. The rapidly growing device to device (D2D) communications and the next generation networks urge the cognitive radio networks to facilitate wideband spectrum sensing in order to assure newer spectral opportunities. As Nyquist sampling rates are formidable owing to complexity and cost of the ADCs, compressive sampling approaches are becoming increasingly popular. One such approach exploited in this paper is the Modulated Wideband Converter (MWC) to recover the spectral support. On the multiple measurement vector (MMV) framework provided by the MWC, threshold based Orthogonal Matching Pursuit (OMP) and Sparse Bayesian Learning (SBL) algorithms are employed for support recovery. We develop a Graphical User Interface (GUI) that assists a beginner to simulate the RF front-end of a MWC and thereby enables the user to explore support recovery as a function of Signal to Noise Ratio (SNR), number of measurement vectors and threshold. The GUI enables the user to explore spectrum sensing in DVB-T, 3G and 4G bands and recovers the support using OMP or SBL approach. The results show that the performance of SBL is better than that of OMP at a lower SNR values.
Anselmi, Nicola, Poli, Lorenzo, Oliveri, Giacomo, Rocca, Paolo, Massa, Andrea.  2019.  Dealing with Correlation and Sparsity for an Effective Exploitation of the Compressive Processing in Electromagnetic Inverse Problems. 2019 13th European Conference on Antennas and Propagation (EuCAP). :1–4.
In this paper, a novel method for tomographic microwave imaging based on the Compressive Processing (CP) paradigm is proposed. The retrieval of the dielectric profiles of the scatterers is carried out by efficiently solving both the sampling and the sensing problems suitably formulated under the first order Born approximation. Selected numerical results are presented in order to show the improvements provided by the CP with respect to conventional compressive sensing (CSE) approaches.
2020-09-04
Shi, Yang, Zhang, Qing, Liang, Jingwen, He, Zongjian, Fan, Hongfei.  2019.  Obfuscatable Anonymous Authentication Scheme for Mobile Crowd Sensing. IEEE Systems Journal. 13:2918—2929.

Mobile crowd sensing (MCS) is a rapidly developing technique for information collection from the users of mobile devices. This technique deals with participants' personal information such as their identities and locations, thus raising significant security and privacy concerns. Accordingly, anonymous authentication schemes have been widely considered for preserving participants' privacy in MCS. However, mobile devices are easy to lose and vulnerable to device capture attacks, which enables an attacker to extract the private authentication key of a mobile application and to further invade the user's privacy by linking sensed data with the user's identity. To address this issue, we have devised a special anonymous authentication scheme where the authentication request algorithm can be obfuscated into an unintelligible form and thus the authentication key is not explicitly used. This scheme not only achieves authenticity and unlinkability for participants, but also resists impersonation, replay, denial-of-service, man-in-the-middle, collusion, and insider attacks. The scheme's obfuscation algorithm is the first obfuscator for anonymous authentication, and it satisfies the average-case secure virtual black-box property. The scheme also supports batch verification of authentication requests for improving efficiency. Performance evaluations on a workstation and smart phones have indicated that our scheme works efficiently on various devices.

2020-08-28
Brinkman, Bo.  2012.  Willing to be fooled: Security and autoamputation in augmented reality. 2012 IEEE International Symposium on Mixed and Augmented Reality - Arts, Media, and Humanities (ISMAR-AMH). :89—90.

What does it mean to trust, or not trust, an augmented reality system? Froma computer security point of view, trust in augmented reality represents a real threat to real people. The fact that augmented reality allows the programmer to tinker with the user's senses creates many opportunities for malfeasance. It might be natural to think that if we warn users to be careful it will lower their trust in the system, greatly reducing risk.

2020-08-13
Yang, Xudong, Gao, Ling, Wang, Hai, Zheng, Jie, Guo, Hongbo.  2019.  A Semantic k-Anonymity Privacy Protection Method for Publishing Sparse Location Data. 2019 Seventh International Conference on Advanced Cloud and Big Data (CBD). :216—222.

With the development of location technology, location-based services greatly facilitate people's life . However, due to the location information contains a large amount of user sensitive informations, the servicer in location-based services published location data also be subject to the risk of privacy disclosure. In particular, it is more easy to lead to privacy leaks without considering the attacker's semantic background knowledge while the publish sparse location data. So, we proposed semantic k-anonymity privacy protection method to against above problem in this paper. In this method, we first proposed multi-user compressing sensing method to reconstruct the missing location data . To balance the availability and privacy requirment of anonymity set, We use semantic translation and multi-view fusion to selected non-sensitive data to join anonymous set. Experiment results on two real world datasets demonstrate that our solution improve the quality of privacy protection to against semantic attacks.

Kim, MyeongHyun, Lee, JoonYoung, Yu, SungJin, Park, KiSung, Park, YoHan, Park, YoungHo.  2019.  A Secure Authentication and Key Establishment Scheme for Wearable Devices. 2019 28th International Conference on Computer Communication and Networks (ICCCN). :1—2.
With the rapid development of micro-electronics and Information and Communication Technology (ICT), users can utilize various service such as Internet of Things(IoT), smart-healthcare and smart-home using wearable devices. However, the sensitive information of user are revealed by attackers because the medical services are provided through open channel. Therefore, secure mutual authentication and key establishment are essential to provide secure services for legitimate users in Wireless Body Area Networks(WBAN). In 2019, Gupta et al. proposed a lightweight anonymous user authentication and key establishment scheme for wearable devices. We demonstrate that their scheme cannot withstand user impersonation, session key disclosure and wearable device stolen attacks. We also propose a secure and lightweight mutual authentication and key establishment scheme using wearable devices to resolve the security shortcomings of Gupta et al.'s scheme. The proposed scheme can be suitable to resource-limited environments.
Zhang, Yueqian, Kantarci, Burak.  2019.  Invited Paper: AI-Based Security Design of Mobile Crowdsensing Systems: Review, Challenges and Case Studies. 2019 IEEE International Conference on Service-Oriented System Engineering (SOSE). :17—1709.
Mobile crowdsensing (MCS) is a distributed sensing paradigm that uses a variety of built-in sensors in smart mobile devices to enable ubiquitous acquisition of sensory data from surroundings. However, non-dedicated nature of MCS results in vulnerabilities in the presence of malicious participants to compromise the availability of the MCS components, particularly the servers and participants' devices. In this paper, we focus on Denial of Service attacks in MCS where malicious participants submit illegitimate task requests to the MCS platform to keep MCS servers busy while having sensing devices expend energy needlessly. After reviewing Artificial Intelligence-based security solutions for MCS systems, we focus on a typical location-based and energy-oriented DoS attack, and present a security solution that applies ensemble techniques in machine learning to identify illegitimate tasks and prevent personal devices from pointless energy consumption so as to improve the availability of the whole system. Through simulations, we show that ensemble techniques are capable of identifying illegitimate and legitimate tasks while gradient boosting appears to be a preferable solution with an AUC performance higher than 0.88 in the precision-recall curve. We also investigate the impact of environmental settings on the detection performance so as to provide a clearer understanding of the model. Our performance results show that MCS task legitimacy decisions with high F-scores are possible for both illegitimate and legitimate tasks.
2020-08-10
Onaolapo, A.K., Akindeji, K.T..  2019.  Application of Artificial Neural Network for Fault Recognition and Classification in Distribution Network. 2019 Southern African Universities Power Engineering Conference/Robotics and Mechatronics/Pattern Recognition Association of South Africa (SAUPEC/RobMech/PRASA). :299–304.
Occurrence of faults in power systems is unavoidable but their timely recognition and location enhances the reliability and security of supply; thereby resulting in economic gain to consumers and power utility alike. Distribution Network (DN) is made smarter by the introduction of sensors and computers into the system. In this paper, detection and classification of faults in DN using Artificial Neural Network (ANN) is emphasized. This is achieved through the employment of Back Propagation Algorithm (BPA) of the Feed Forward Neural Network (FFNN) using three phase voltages and currents as inputs. The simulations were carried out using the MATLAB® 2017a. ANN with various hidden layers were analyzed and the results authenticate the effectiveness of the method.
2020-08-07
Pawlick, Jeffrey, Nguyen, Thi Thu Hang, Colbert, Edward, Zhu, Quanyan.  2019.  Optimal Timing in Dynamic and Robust Attacker Engagement During Advanced Persistent Threats. 2019 International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOPT). :1—8.
Advanced persistent threats (APTs) are stealthy attacks which make use of social engineering and deception to give adversaries insider access to networked systems. Against APTs, active defense technologies aim to create and exploit information asymmetry for defenders. In this paper, we study a scenario in which a powerful defender uses honeynets for active defense in order to observe an attacker who has penetrated the network. Rather than immediately eject the attacker, the defender may elect to gather information. We introduce an undiscounted, infinite-horizon Markov decision process on a continuous state space in order to model the defender's problem. We find a threshold of information that the defender should gather about the attacker before ejecting him. Then we study the robustness of this policy using a Stackelberg game. Finally, we simulate the policy for a conceptual network. Our results provide a quantitative foundation for studying optimal timing for attacker engagement in network defense.
2020-08-03
Moradi, Ashkan, Venkategowda, Naveen K. D., Werner, Stefan.  2019.  Coordinated Data-Falsification Attacks in Consensus-based Distributed Kalman Filtering. 2019 IEEE 8th International Workshop on Computational Advances in Multi-Sensor Adaptive Processing (CAMSAP). :495–499.
This paper considers consensus-based distributed Kalman filtering subject to data-falsification attack, where Byzantine agents share manipulated data with their neighboring agents. The attack is assumed to be coordinated among the Byzantine agents and follows a linear model. The goal of the Byzantine agents is to maximize the network-wide estimation error while evading false-data detectors at honest agents. To that end, we propose a joint selection of Byzantine agents and covariance matrices of attack sequences to maximize the network-wide estimation error subject to constraints on stealthiness and the number of Byzantine agents. The attack strategy is then obtained by employing block-coordinate descent method via Boolean relaxation and backward stepwise based subset selection method. Numerical results show the efficiency of the proposed attack strategy in comparison with other naive and uncoordinated attacks.
2020-07-30
Liu, Junqiu, Wang, Fei, Zhao, Shuang, Wang, Xin, Chen, Shuhui.  2019.  iMonitor, An APP-Level Traffic Monitoring and Labeling System for iOS Devices. 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). :211—218.
In this paper, we propose the first traffic monitoring and labeling system for iOS devices, named iMonitor, which not just captures mobile network traffic in .pcap files, but also provides comprehensive APP-related and user-related information of captured packets. Through further analysis, one can obtain the exact APP or device where each packet comes from. The labeled traffic can be used in many research areas for mobile security, such as privacy leakage detection and user profiling. Given the implementation methodology of NetworkExtension framework of iOS 9+, APP labels of iMonitor are reliable enough so that labeled traffic can be regarded as training data for any traffic classification methods. Evaluations on real iPhones demonstrate that iMonitor has no notable impact upon user experience even with slight packet latency. Also, the experiment result supports our motivation that mobile traffic monitoring for iOS is absolutely necessary, as traffic generated by different OSes like Android and iOS are different and unreplaceable in researches.
Reddy, Vijender Busi, Negi, Atul, Venkataraman, S, Venkataraman, V Raghu.  2019.  A Similarity based Trust Model to Mitigate Badmouthing Attacks in Internet of Things (IoT). 2019 IEEE 5th World Forum on Internet of Things (WF-IoT). :278—282.

In Internet of Things (IoT) each object is addressable, trackable and accessible on the Internet. To be useful, objects in IoT co-operate and exchange information. IoT networks are open, anonymous, dynamic in nature so, a malicious object may enter into the network and disrupt the network. Trust models have been proposed to identify malicious objects and to improve the reliability of the network. Recommendations in trust computation are the basis of trust models. Due to this, trust models are vulnerable to bad mouthing and collusion attacks. In this paper, we propose a similarity model to mitigate badmouthing and collusion attacks and show that proposed method efficiently removes the impact of malicious recommendations in trust computation.

Kirupakar, J., Shalinie, S. Mercy.  2019.  Situation Aware Intrusion Detection System Design for Industrial IoT Gateways. 2019 International Conference on Computational Intelligence in Data Science (ICCIDS). :1—6.

In today's IIoT world, most of the IoT platform providers like Microsoft, Amazon and Google are focused towards connecting devices and extract data from the devices and send the data to the Cloud for analytics. Only there are few companies concentrating on Security measures implemented on Edge Node. Gartner estimates that by 2020, more than 25 percent of all enterprise attackers will make use of the Industrial IoT. As Cyber Security Threat is getting more important, it is essential to ensure protection of data both at rest and at motion. The reflex of Cyber Security in the Industrial IoT Domain is much more severe when compared to the Consumer IoT Segment. The new bottleneck in this are security services which employ computationally intensive software operations and system services [1]. Resilient services consume considerable resources in a design. When such measures are added to thwart security attacks, the resource requirements grow even more demanding. Since the standard IIoT Gateways and other sub devices are resource constrained in nature the conventional design for security services will not be applicable in this case. This paper proposes an intelligent architectural paradigm for the Constrained IIoT Gateways that can efficiently identify the Cyber-Attacks in the Industrial IoT domain.

2020-07-27
Liu, Dongqi.  2018.  A Creditability-based Intrusion Tolerant Method for Protection Equipment in Transformer Substations. 2018 China International Conference on Electricity Distribution (CICED). :1489–1492.
With the development of the interconnection of all things(IoT), a large number of mobile terminal devices with multiple users access the distribution network, and gradually form an open and interconnected network environment, which brings new challenges to the security and protection of the distribution network. In this paper, a method of analyzing the sensing data of the digital substation is proposed, which can prevent the abnormal data from causing the malfunction of the protective relays by calculating the creditability of the sensing data. Creditability calculation algorithm as well as the implementation of the intrusion tolerance strategy are studied throughout the paper. The simulation results show that the proposed creditability-based intrusion-tolerant(CIT) algorithm can ensure that the protective equipment have no protective malfunction from the false instructions or false data attacks, and the proposed intrusion tolerant algorithm has little affect on the real-time performance of the original protection algorithm, hence it has some practical value.
2020-07-24
Jiang, Feng, Qi, Buren, Wu, Tianhao, Zhu, Konglin, Zhang, Lin.  2019.  CPSS: CP-ABE based Platoon Secure Sensing Scheme against Cyber-Attacks. 2019 IEEE Intelligent Transportation Systems Conference (ITSC). :3218—3223.

Platoon is one of cooperative driving applications where a set of vehicles can collaboratively sense each other for driving safety and traffic efficiency. However, platoon without security insurance makes the cooperative vehicles vulnerable to cyber-attacks, which may cause life-threatening accidents. In this paper, we introduce malicious attacks in platoon maneuvers. To defend against these attacks, we propose a Cyphertext-Policy Attribute-Based Encryption (CP-ABE) based Platoon Secure Sensing scheme, named CPSS. In the CPSS, platoon key is encapsulated in the access control structure in the key distribution process, so that interference messages sending by attackers without the platoon key could be ignored. Therefore, the sensing data which contains speed and position information can be protected. In this way, speed and distance fluctuations caused by attacks can be mitigated even eliminated thereby avoiding the collisions and ensuring the overall platoon stability. Time complexity analysis shows that the CPSS is more efficient than that of the polynomial time solutions. Finally, to evaluate capabilities of the CPSS, we integrate a LTE-V2X with platoon maneuvers based on Veins platform. The evaluation results show that the CPSS outperforms the baseline algorithm by 25% in terms of distance variations.

Touati, Lyes, Challal, Yacine.  2016.  Collaborative KP-ABE for cloud-based Internet of Things applications. 2016 IEEE International Conference on Communications (ICC). :1—7.

KP-ABE mechanism emerges as one of the most suitable security scheme for asymmetric encryption. It has been widely used to implement access control solutions. However, due to its expensive overhead, it is difficult to consider this cryptographic scheme in resource-limited networks, such as the IoT. As the cloud has become a key infrastructural support for IoT applications, it is interesting to exploit cloud resources to perform heavy operations. In this paper, a collaborative variant of KP-ABE named C-KP-ABE for cloud-based IoT applications is proposed. Our proposal is based on the use of computing power and storage capacities of cloud servers and trusted assistant nodes to run heavy operations. A performance analysis is conducted to show the effectiveness of the proposed solution.

2020-07-20
Lekidis, Alexios, Barosan, Ion.  2019.  Model-based simulation and threat analysis of in-vehicle networks. 2019 15th IEEE International Workshop on Factory Communication Systems (WFCS). :1–8.
Automotive systems are currently undergoing a rapid evolution through the integration of the Internet of Things (IoT) and Software Defined Networking (SDN) technologies. The main focus of this evolution is to improve the driving experience, including automated controls, intelligent navigation and safety systems. Moreover, the extremely rapid pace that such technologies are brought into the vehicles, necessitates the presence of adequate testing of new features to avoid operational errors. Apart from testing though, IoT and SDN technologies also widen the threat landscape of cyber-security risks due to the amount of connectivity interfaces that are nowadays exposed in vehicles. In this paper we present a new method, based on OMNET++, for testing new in-vehicle features and assessing security risks through network simulation. The method is demonstrated through a case-study on a Toyota Prius, whose network data are analyzed for the detection of anomalies caused from security threats or operational errors.
Rumez, Marcel, Dürrwang, Jürgen, Brecht, Tim, Steinshorn, Timo, Neugebauer, Peter, Kriesten, Reiner, Sax, Eric.  2019.  CAN Radar: Sensing Physical Devices in CAN Networks based on Time Domain Reflectometry. 2019 IEEE Vehicular Networking Conference (VNC). :1–8.
The presence of security vulnerabilities in automotive networks has already been shown by various publications in recent years. Due to the specification of the Controller Area Network (CAN) as a broadcast medium without security mechanisms, attackers are able to read transmitted messages without being noticed and to inject malicious messages. In order to detect potential attackers within a network or software system as early as possible, Intrusion Detection Systems (IDSs) are prevalent. Many approaches for vehicles are based on techniques which are able to detect deviations from specified CAN network behaviour regarding protocol or payload properties. However, it is challenging to detect attackers who secretly connect to CAN networks and do not actively participate in bus traffic. In this paper, we present an approach that is capable of successfully detecting unknown CAN devices and determining the distance (cable length) between the attacker device and our sensing unit based on Time Domain Reflectometry (TDR) technique. We evaluated our approach on a real vehicle network.