A Framework for Modeling Advanced Persistent Threats in Intelligent Transportation Systems
Authors
Chaudhry, Aawista
Type
thesis
Language
eng
Keyword
Advanced Persistent Threats, Intelligent Transportation Systems, Cyber Physical Systems, Game Theory, Stackelberg Game for ITS Security, threat modeling, APT
Abstract
An Intelligent Transportation System (ITS) is the embodiment of a vast and connected network that leverages connectivity for more efficient transportation. It does so through congestion management, collision avoidance, and reduction of greenhouse emissions, with open and rapid sharing of large amounts of data. However, there has been a lack of focus on the security of the ITS. Unfortunately, the underlying mechanics that enable the functions of the ITS also create easily exploitable attack vectors. These attacks can result in critical damage. Furthermore, the data exchanged over the ITS network is easily corruptible with attacks known as misbehaviours. The development of misbehaviour detection systems has gained traction within the research community recently. Detectors that are specialized for specific types of attacks have been developed, but they are siloed and lack consideration of attacks that are multifaceted and an amalgamation of individual attacks. These are carried out by threat actors, known as Advanced Persistent Threats (APTs), that wish to cause long-term impact using much more dangerous and difficult-to-detect misbehaviours. Modeling APTs has been done successfully using game theory in other critical infrastructures similar to the ITS. In this work, we present a framework for designing APTs and redefining their lifecycle within the ITS, and by extension for other cyber physical systems. Using this definition, a Stackelberg game is designed for modeling the motivations and behaviours of APTs within the ITS. Unconventionally, the APT attacker is defined as the leader in this game, as opposed to the defence application, given the asymmetry of information in the APT's favour. The optimization problems of the attacker and the defence system are derived, which outline the objective functions of each. A use-case scenario is used to demonstrate how to apply the framework in an ITS setting.
Our work shows the impact an intelligent and evasive attacker can have on the system and the insufficiency of current state-of-the-art detectors in identifying these types of attacks. This model can be customized to any given APT targeting the ITS and will help model APTs more realistically, to subsequently better protect ITSs against them.
License
Queen's University's Thesis/Dissertation Non-Exclusive License for Deposit to QSpace and Library and Archives Canada
ProQuest PhD and Master's Theses International Dissemination Agreement
Intellectual Property Guidelines at Queen's University
Copying and Preserving Your Thesis
This publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner.