Change search
Link to record
Permanent link

Direct link
Publications (4 of 4) Show all publications
Zenden, I., Wang, H., Iacovazzi, A., Vahidi, A., Blom, R. & Raza, S. (2023). On the Resilience of Machine Learning-Based IDS for Automotive Networks. In: proc of IEEE Vehicular Networking Conference, VNC: . Paper presented at 14th IEEE Vehicular Networking Conference, VNC 2023.Instanbul. 26 April 2023 through 28 April 2023. (pp. 239-246). IEEE Computer Society
Open this publication in new window or tab >>On the Resilience of Machine Learning-Based IDS for Automotive Networks
Show others...
2023 (English)In: proc of IEEE Vehicular Networking Conference, VNC, IEEE Computer Society , 2023, p. 239-246Conference paper, Published paper (Refereed)
Abstract [en]

Modern automotive functions are controlled by a large number of small computers called electronic control units (ECUs). These functions span from safety-critical autonomous driving to comfort and infotainment. ECUs communicate with one another over multiple internal networks using different technologies. Some, such as Controller Area Network (CAN), are very simple and provide minimal or no security services. Machine learning techniques can be used to detect anomalous activities in such networks. However, it is necessary that these machine learning techniques are not prone to adversarial attacks. In this paper, we investigate adversarial sample vulnerabilities in four different machine learning-based intrusion detection systems for automotive networks. We show that adversarial samples negatively impact three of the four studied solutions. Furthermore, we analyze transferability of adversarial samples between different systems. We also investigate detection performance and the attack success rate after using adversarial samples in the training. After analyzing these results, we discuss whether current solutions are mature enough for a use in modern vehicles.

Place, publisher, year, edition, pages
IEEE Computer Society, 2023
Keywords
Adversarial AI/ML, Controller Area Network, Intrusion Detection System, Machine Learning, Vehicle Security, Computer crime, Control system synthesis, Controllers, Intrusion detection, Learning algorithms, Network security, Process control, Safety engineering, Automotive networks, Automotives, Autonomous driving, Controller-area network, Electronics control unit, Intrusion Detection Systems, Machine learning techniques, Machine-learning
National Category
Control Engineering
Identifiers
urn:nbn:se:ri:diva-65727 (URN)10.1109/VNC57357.2023.10136285 (DOI)2-s2.0-85163164299 (Scopus ID)9798350335491 (ISBN)
Conference
14th IEEE Vehicular Networking Conference, VNC 2023.Instanbul. 26 April 2023 through 28 April 2023.
Note

This research is partially funded by the CyReV project(Sweden’s Innovation Agency, D-nr 2019-03071), partiallyby the H2020 ARCADIAN-IoT (Grant ID. 101020259), andH2020 VEDLIoT (Grant ID. 957197).

Available from: 2023-08-11 Created: 2023-08-11 Last updated: 2024-03-03Bibliographically approved
Arfaoui, G., Bisson, P., Blom, R., Borgaonkar, R., Englund, H., Felix, E., . . . Zahariev, A. (2018). A Security Architecture for 5G Networks. IEEE Access, 6(17), 22466-22479
Open this publication in new window or tab >>A Security Architecture for 5G Networks
Show others...
2018 (English)In: IEEE Access, E-ISSN 2169-3536, Vol. 6, no 17, p. 22466-22479Article in journal (Refereed) Published
Abstract [en]

5G networks will provide opportunities for the creation of new services, for new business models, and for new players to enter the mobile market. The networks will support efficient and cost-effective launch of a multitude of services, tailored for different vertical markets having varying service and security requirements, and involving a large number of actors. Key technology concepts are network slicing and network softwarisation, including network function virtualisation and software-defined networking. The presented security architecture builds upon concepts from the 3G and 4G security architectures but extends and enhances them to cover the new 5G environment. It comprises a toolbox for security relevant modelling of the systems, a set of security design principles, and a set of security functions and mechanisms to implement the security controls needed to achieve stated security objectives. In a smart city use case setting, we illustrate its utility; we examine the high-level security aspects stemming from the deployment of large numbers of IoT devices and network softwarisation.

Keywords
5G, 5G mobile communication, Architecture, Business, Computer architecture, Electronic mail, Network slicing, Security, Smart cities, Telecommunication Networks, 5G mobile communication systems, Commerce, Cost effectiveness, Industry, Mobile security, Mobile telecommunication systems, Network architecture, Queueing networks, Smart city, Mobile communications, New business models, Security Architecture, Security functions, Security objectives, Security requirements, Network security
National Category
Natural Sciences
Identifiers
urn:nbn:se:ri:diva-33758 (URN)10.1109/ACCESS.2018.2827419 (DOI)2-s2.0-85045763510 (Scopus ID)
Available from: 2018-05-07 Created: 2018-05-07 Last updated: 2024-03-03Bibliographically approved
Ray, A., Åkerberg, J., Björkman, M., Blom, R. & Gidlund, M. (2015). Applicability of LTE Public Key Infrastructure Based Device Authentication in Industrial Plants (9ed.). In: Proceedings - IEEE Computer Society's International Computer Software and Applications Conference: . Paper presented at 39th IEEE Annual Computer Software and Applications Conference (COMPSAC 2015), July 1-5, 2015, Taichung, Taiwan (pp. 510-515). , Article ID 7273660.
Open this publication in new window or tab >>Applicability of LTE Public Key Infrastructure Based Device Authentication in Industrial Plants
Show others...
2015 (English)In: Proceedings - IEEE Computer Society's International Computer Software and Applications Conference, 2015, 9, p. 510-515, article id 7273660Conference paper, Published paper (Refereed)
Abstract [en]

The security in industrial automation domain using cryptography mechanisms is being discussed in both industry and academia. An efficient key management system is required to support cryptography for both symmetric key and public/private key encryption. The key management should ensure that the device is verified before distributing the initial key parameters to devices. The software/firmware used in the device comes from manufacturers, therefore the initial authenticity of the device can be easily verified with the help of manufacturers. Mobile telecommunication is an industrial segment where wireless devices are being used for a long time and the security of the wireless device management has been considered through a standard driven approach. Therefore, it is interesting to analyse the security authentication mechanisms used in mobile communication, specified in Long-Term-Evolution (LTE) standard. This paper analyses the initial device authentication using public key infrastructure in LTE standard, and discusses if, where and how the studied solutions can be tailored for device authenticity verification in industrial plant automation systems.

Series
Proceedings - IEEE Computer Society's International Computer Software and Applications Conference, E-ISSN 0730-3157
Keywords
Industrial Automation, Mobile telecommunication security, Gap Analysis, Public-Key Infrastructure
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:ri:diva-24471 (URN)10.1109/COMPSAC.2015.61 (DOI)2-s2.0-84962148518 (Scopus ID)978-1-4673-6564-2 (ISBN)
Conference
39th IEEE Annual Computer Software and Applications Conference (COMPSAC 2015), July 1-5, 2015, Taichung, Taiwan
Projects
PSCIP
Available from: 2016-10-31 Created: 2016-10-31 Last updated: 2024-03-03Bibliographically approved
Blom, R. & Schwarz, O. (2015). High Assurance Security Products on COTS Platforms (7ed.). ERCIM News (102), 39-40
Open this publication in new window or tab >>High Assurance Security Products on COTS Platforms
2015 (English)In: ERCIM News, ISSN 0926-4981, E-ISSN 1564-0094, no 102, p. 39-40Article in journal (Refereed) Published
Abstract [en]

With commodity operating systems failing to establish unbreakable isolation of processes, there is a need for stronger separation mechanisms. A recently launched open source project aims at applying virtualization to achieve such isolation on the widespread embedded ARM architectures. Strong assurance is established by formal verification and common criteria certification. Coexisting guest systems are able to run unmodified on the multicore platform, in a resource and cost efficient manner. The solution is rounded anchored in a secure boot process.

Place, publisher, year, edition, pages
ERCIM EEIG, 2015 Edition: 7
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:ri:diva-24462 (URN)
Projects
HASPOC
Note

This is the author version. The publisher's version can be found at http://ercim-news.ercim.eu/en102/r-i/high-assurance-security-products-on-cots-platforms

Available from: 2016-10-31 Created: 2016-10-31 Last updated: 2024-03-03Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0002-0621-454X

Search in DiVA

Show all publications