Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure and Trustworthy Data Management for Vehicular Cyber Physical Systems Dr. Wenjia Li Assistant Professor in Computer Science New York Institute of.

Published byKristian Preston Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure and Trustworthy Data Management for Vehicular Cyber Physical Systems Dr. Wenjia Li Assistant Professor in Computer Science New York Institute of."— Presentation transcript:

1 Secure and Trustworthy Data Management for Vehicular Cyber Physical Systems Dr. Wenjia Li Assistant Professor in Computer Science New York Institute of Technology 5/22/20151

2 Agenda Introduction and Motivation Prior Research Efforts The Proposed Approach Research Challenges/Opportunities Conclusion 5/22/20152

3 Various Applications of Wireless Network and CPS 5/22/20153 Wireless Network Emergency/Disaster Rescue Intelligent Transportation Situation Awareness for Battlefield Mobile Healthcare System

4 ABCs of Wireless Networks Wireless Network: a kind of computer network that offers ubiquitous access for various devices (laptops, smart phones, tablets, sensors, RSUs, etc.) Basic features of wireless networks – Limited battery life of each device Ever complained about short battery life of your smart phone? – Short, open & error-prone transmission medium Don’t forget to encrypt your WiFi network – Constantly changing network topology Keep in mind devices (and cars which carry them) are always moving 5/22/20154  Cooperation among devices is very important for wireless networks

5 What if Devices DON’T Cooperate? Some nodes can exhibit uncooperative behaviors due to one of the following two reasons – Anomalies (such as device malfunctioning, power outage, high wind, etc.) These behaviors are classified as faulty behaviors – Intentionally disturbing network and causing damage These behaviors are known as malicious behaviors Both faulty behaviors and malicious behaviors are regarded as MISBEHAVIORS – Which type is MORE dangerous, malicious or faulty? 5/22/20155

6 Node Misbehaviors Why we want to detect and fight against node misbehaviors? – Minimize the harm they cause – Punish misbehaving nodes – Encourage node cooperation  Countermeasures are NEEDED to address the security threats led by various node misbehaviors, especially those malicious ones 5/22/2015 6

7 Watching Your Neighbors: Example 5/22/20157 Observer Observed Nodes Incoming Packet Incoming Packet A 1 1 2 2 3 3 Outgoing Packet B 1: Packet Dropped 2: Packet Modified 3: DoS attack Radio Range Sending MANY dummy data to occupy channel

8 Traffic Monitoring – An ITS Application Data security and trustworthiness are CRITICAL to the traffic monitoring application 5/22/20158

9 How to Secure Vehicular CPS? 5/22/20159

10 10 Misbehavior Detection An important method to protect wireless networks and CPS from BOTH external attackers AND internal compromised nodes Previous misbehavior detection methods – Intrusion detection system (IDS) for wireless networks IDS sensor deployed on each node – NOT energy-efficient Cluster-based IDS by Huang et al. – Cross-layer misbehavior detection by Parker et al. – Efforts to identify routing misbehaviors “Watchdog” & “Pathrater” by Marti et al.

11 Trust Management Goal: assess various behaviors of other nodes and build a trust for each node based on the behavior assessment Node behavior observation – First-hand observation Directly observed Most trustworthy but only contains behaviors of DIRECT neighbors – Second-hand observation Exchanged with other nodes Less trustworthy but contains behavior observations for all the nodes 5/22/201511

12 Previous Research Efforts in Trust Management Cooperation Of Nodes, Fairness In Dynamic Ad-hoc NeTworks (CONFIDANT) by Buchegger et al. – Aim: encourage the node cooperation and punish misbehaving nodes – Components: Monitor, Reputation System, Trust Manager, and Path Manager – Exchange both positive and negative observations with neighbors CORE by Michiardi et al. – Similar to CONFIDANT – ONLY exchange POSITIVE observation with neighbors Reputation system by Patwardhan et al. – Reputation determined by data validation – A few nodes named Anchor Nodes are trustworthy data sources – Data validation by either agreement among peers or direct communication with an anchor node 5/22/201512

13 Motivation 5/22/201513

14 Wireless Network Misbehavior Detection Trust Management Context Awareness 1 3 2 4 5 6 Node 1 is misbehaving because it drops packets Node 1 is NOT trustworthy because it drops packets Nodes 2 and 4 (1’s neighbors) are busy sending packets Traditional Security Solutions 5/22/201514 Q: Is Node 1 really malicious or not?

15 An Example Scenario Can we survive at -173 o C ? – Probably NO! Error reading from sensor? – Maybe YES! Malicious or faulty? – Totally NO clue!  5/22/2015 15

16 Another Example Scenario Node 1 are equally trustworthy in both cases? Node 1 are equally trustworthy in both cases? – Probably YES according to traditional security mechanisms – But actually NO because of the context in which the packet dropping occurs! 5/22/2015 16

17 Our Solution – A Holistic Framework A holistic framework that integrates misbehavior detection, trust management, context awareness and policy management in a cooperative and adaptive manner – Misbehavior detection that does not rely on pre-defined fixed threshold – Models node trust as a vector instead of a scalar in wireless networks – Declares and enforces policies that better reflect the context in which misbehaviors occur 5/22/201517

18 Why Our Solution is Better? – An Example 5/22/2015 18 Mobile Ad-hoc Network Misbehavior Detection Trust Management Context Awareness 1 3 2 4 5 6 Data Node 1 is misbehaving because it drops packets Node 1 is NOT trustworthy because it drops packets Nodes 2 and 4 (1’s neighbors) are busy sending packets Policy Management Busy channel for node 1   Node 1 is forced to drop packets but it is NOT malicious  its trust gets punished less

19 A Closer Look at the Proposed Solutions 5/22/201519

20 How do Traditional Misbehavior Detection Methods Work? Threshold-based solution: – “If total bad behavior > 10, then the node is misbehaving.” 5/22/201520 Packet DropPacket ModifyPacket FloodingTotal Bad Behavior Node 11848 Node 251510 Node 341016 Weight0.10.40.5 Weights sum up to 1 7.4 11.5 12.4 GOOD BAD Challenges: – Both the weights and the threshold are hard to decide manually because they heavily depend on environment and context !

21 Our Solution: Support Vector Machine (SVM) Support Vector Machine (SVM): a machine learning algorithm that is used to automatically classify nodes into misbehaving nodes and normal ones – SVM requires a set of training data to build the model Training stage: 5/22/201521 Packet Drop Packet Modify Packet Flooding Bad Guy? Node 11848No Node 251510Yes Node 341016Yes … SVM Algorithm An SVM Model

22 Support Vector Machine: Detection Stage 5/22/201522 Detection stage: The SVM Model Packet Drop Packet Modify Packet Flooding Bad Guy? Node X1668? Node Y2199? Node Z61113? Packet Drop Packet Modify Packet Flooding Bad Guy? Node X1668No Node Y2199Yes Node Z61113Yes

23 Trust: A Scalar or A Vector? Majority of current trust management schemes in wireless network model trust in ONE single scalar (i.e., one single value) – Observations to all types of misbehaviors are used to determine ONE single trust value for each node – Neither expressive nor accurate in complicated scenarios 5/22/201523

24 How did Others Evaluate Trust? 5/22/201524 10 Incoming Packets 10 Incoming Packets A i 1 1 2 2 3 3 10 Outgoing Packets B i Node 1: 10 Packets Dropped Node 2: 10 Packets Modified Ten Misused RTS requests Node 3: 10 RTS flooding attack Radio Range Trust_1 = Trust_2 = Trust_3 = 0.9 Trust_1 = Trust_2 = Trust_3 = 0.9

25 Our Solution for Trust Management 5/22/201525 10 Incoming Packets 10 Incoming Packets A i 1 1 2 2 3 3 10 Outgoing Packets B i Node 1: 10 Packets Dropped Node 2: 10 Packets Modified Ten Misused RTS requests Node 3: 10 RTS flooding attack Radio Range T1T2T3 Node10.911 Node210.91 Node3110.9

26 Multi-dimensional Trust Management Multi-dimensional trust management – Decide the trustworthiness of a node from several perspectives (for example 3) – Each dimension of trustworthiness is decided by a subset of misbehaviors 5/22/2015 26

27 Research Challenges/Opportunities Short-term trust V.S. long-term trust (Data V.S. Device) – Sometimes you will NOT see your next car in highway again (not for a long time or never)! – In many cases we are also (or MORE) interested in how trustworthy a traffic event/alert is rather than the guy who reported it – So we want to evaluate and track the trustworthiness of the traffic data! 5/22/201527

28 Research Challenges/ Opportunities (Cont.) Heterogeneous Sensor Data – Smartphone sensor data V.S. on-board vehicular sensor data (and even more) – How can we properly interpret and integrate these heterogeneous sensor data? – One solution: use policy rules as well as contextual information to help fuse these sensor data to better utilize them 5/22/201528

29 Conclusion Security and trustworthiness are BOTH very important for wireless network and its applications A holistic framework better secures wireless network than the existing solutions – Context makes you better understand the threats – Policy makes your countermeasure more accurate and adaptive 5/22/201529

30 Thank You Thank You Questions? Email: wli20@nyit.edu 5/22/201530

Download ppt "Secure and Trustworthy Data Management for Vehicular Cyber Physical Systems Dr. Wenjia Li Assistant Professor in Computer Science New York Institute of."

Similar presentations

Security in Mobile Ad Hoc Networks

Security in Mobile Ad Hoc Networks
June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 1 A Robust Reputation System for P2P and Mobile Ad-hoc Networks.

June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 1 A Robust Reputation System for P2P and Mobile Ad-hoc Networks.
Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
Enhancing Security Using Mobile Based Anomaly Detection in Cellular Mobile Networks Bo Sun, Fei Yu, KuiWu, Yang Xiao, and Victor C. M. Leung. Presented.

Enhancing Security Using Mobile Based Anomaly Detection in Cellular Mobile Networks Bo Sun, Fei Yu, KuiWu, Yang Xiao, and Victor C. M. Leung. Presented.
Conceptual Framework for Dynamic Trust Monitoring and Prediction Olufunmilola Onolaja Rami Bahsoon Georgios Theodoropoulos School of Computer Science The.

Conceptual Framework for Dynamic Trust Monitoring and Prediction Olufunmilola Onolaja Rami Bahsoon Georgios Theodoropoulos School of Computer Science The.
Collaborative Attacks on Routing Protocols in Ad hoc Networks Neelima Gupta University of Delhi India.

Collaborative Attacks on Routing Protocols in Ad hoc Networks Neelima Gupta University of Delhi India.
SELF-ORGANIZING MEDIA ACCESS MECHANISM OF A WIRELESS SENSOR NETWORK AHM QUAMRUZZAMAN.

SELF-ORGANIZING MEDIA ACCESS MECHANISM OF A WIRELESS SENSOR NETWORK AHM QUAMRUZZAMAN.
Michael Baswell WSN Security Wireless Ad Hoc Sensor Network Security Michael Baswell For CS591 S2007 5/7/20071.

Michael Baswell WSN Security Wireless Ad Hoc Sensor Network Security Michael Baswell For CS591 S2007 5/7/20071.
Intrusion Detection Techniques in Mobile Ad Hoc and Wireless Sensor Networks - IEEE October 2007 CMSC 681 - Advanced Computer Networks Oleg Aulov CMSC.

Intrusion Detection Techniques in Mobile Ad Hoc and Wireless Sensor Networks - IEEE October 2007 CMSC Advanced Computer Networks Oleg Aulov CMSC.
Forwarding Redundancy in Opportunistic Mobile Networks: Investigation and Elimination Wei Gao 1, Qinghua Li 2 and Guohong Cao 3 1 The University of Tennessee,

Forwarding Redundancy in Opportunistic Mobile Networks: Investigation and Elimination Wei Gao 1, Qinghua Li 2 and Guohong Cao 3 1 The University of Tennessee,
Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1

Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.

1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.

Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.
Jorge Hortelano, Juan Carlos Ruiz, Pietro Manzoni

Jorge Hortelano, Juan Carlos Ruiz, Pietro Manzoni
Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.
Network Coding and Reliable Communications Group A Multi-hop Multi-source Algebraic Watchdog Muriel Médard † Joint work with MinJi Kim †, João Barros ‡

Network Coding and Reliable Communications Group A Multi-hop Multi-source Algebraic Watchdog Muriel Médard † Joint work with MinJi Kim †, João Barros ‡
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.

Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 3: Trust assumptions and.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 3: Trust assumptions and.
An Architecture for Dynamic Trust Monitoring in Mobile Networks Onolaja Olufunmilola, Rami Bahsoon, Georgios Theodoropoulos School of Computer Science.

An Architecture for Dynamic Trust Monitoring in Mobile Networks Onolaja Olufunmilola, Rami Bahsoon, Georgios Theodoropoulos School of Computer Science.

Similar presentations

Ads by Google