A Framework for Modeling Advanced Persistent Threats in Intelligent Transportation Systems

Chaudhry, Aawista
Advanced Persistent Threats, Intelligent Transportation Systems, Cyber Physical Systems, Game Theory, Stackelberg Game for ITS Security, threat modeling, APT
An Intelligent Transportation System (ITS) is a vast, connected network that leverages connectivity for more efficient transportation. It does so through congestion management, collision avoidance, and reduction of greenhouse emissions, enabled by open and rapid sharing of large amounts of data. However, there has been a lack of focus on the security of the ITS. Unfortunately, the underlying mechanics that enable the functions of the ITS also create easily exploitable attack vectors. These attacks can result in critical damage. Furthermore, the data exchanged over the ITS network is easily corrupted by attacks known as misbehaviours. The development of misbehaviour detection systems has recently gained traction within the research community. Detectors specialized for specific types of attacks have been developed, but they are siloed and do not consider multifaceted attacks that amalgamate individual attacks. Such attacks are carried out by threat actors, known as Advanced Persistent Threats (APTs), that wish to cause long-term impact using much more dangerous and difficult-to-detect misbehaviours. APTs have been modeled successfully using game theory in other critical infrastructures similar to the ITS. In this work, we present a framework for designing APTs and redefining their lifecycle within the ITS, and by extension for other cyber physical systems. Using this definition, a Stackelberg game is designed for modeling the motivations and behaviours of APTs within the ITS. Unconventionally, the APT attacker is defined as the leader in this game, as opposed to the defence application, given the asymmetry of information in the APT's favour. The optimization problems of the attacker and the defence system are derived, which outline the objective functions of each. A use-case scenario is used to demonstrate how to apply the framework in an ITS setting.
Our work shows the impact an intelligent and evasive attacker can have on the system and the insufficiency of current state-of-the-art detectors in identifying these types of attacks. This model can be customized to any given APT targeting the ITS and will help model APTs more realistically, to subsequently better protect ITSs against them.