A Lightweight 5G-V2X Intra-slice Intrusion Detection System Using Knowledge Distillation

in A Lightweight 5G-V2X Intra-slice Intrusion Detection System Using Knowledge Distillation (2023, May)

As the automotive industry grows, modern vehicles will be connected to 5G networks, creating a new Vehicular-to-Everything (V2X) ecosystem. Network Slicing (NS) supports this 5G-V2X ecosystem by enabling ... [more ▼]

As the automotive industry grows, modern vehicles will be connected to 5G networks, creating a new Vehicular-to-Everything (V2X) ecosystem. Network Slicing (NS) supports this 5G-V2X ecosystem by enabling network operators to flexibly provide dedicated logical networks addressing use case specific-requirements on top of a shared physical infrastructure. Despite its benefits, NS is highly vulnerable to privacy and security threats, which can put Connected and Automated Vehicles (CAVs) in dangerous situations. Deep Learning-based Intrusion Detection Systems (DL-based IDSs) have been proposed as the first defense line to detect and report these attacks. However, current DL-based IDSs are processing and memory-consuming, increasing security costs and jeopardizing 5G-V2X acceptance. To this end, this paper proposes a lightweight intrusion detection scheme for 5G-V2X sliced networks. Our scheme leverages DL and Knowledge Distillation (KD) for training in the cloud and offloading knowledge to slice-tailored lightweight DL models running on CAVs. Our results show that our scheme provides an optimal trade-off between detection accuracy and security overhead. Specifically, it can reduce security overhead in computation and memory complexity to more than 50% while keeping almost the same performance as heavy DL-based IDSs. [less ▲]

A Survey on Privacy-preserving Electronic Toll Collection Schemes for Intelligent Transportation Systems

in IEEE Transactions on Intelligent Transportation Systems (2023)

As part of Intelligent Transportation Systems (ITS), Electronic toll collection (ETC) is a type of toll collection system (TCS) which is getting more and more popular as it can not only help to finance ... [more ▼]

As part of Intelligent Transportation Systems (ITS), Electronic toll collection (ETC) is a type of toll collection system (TCS) which is getting more and more popular as it can not only help to finance the government's road infrastructure but also it can play a crucial role in pollution reduction and congestion management. As most of the traditional ETC schemes (ETCS) require identifying their users, they enable location tracking. This violates user privacy and poses challenges regarding the compliance of such systems with privacy regulations such as the EU General Data Protection Regulation (GDPR). So far, several privacy-preserving ETC schemes have been proposed. To the best of our knowledge, this is the first survey that systematically reviews and compares various characteristics of these schemes, including components, technologies, security properties, privacy properties, and attacks on ETCS. This survey first categorizes the ETCS based on two technologies, GNSS and DSRC. Then under these categories, the schemes are classified based on whether they provide formal proof of security and support security analysis. We also demonstrate which schemes specifically are/are not resistant to collusion and physical attacks. Then, based on these classifications, several limitations and shortcomings in privacy-preserving ETCS are revealed. Finally, we identify several directions for future research. [less ▲]

Edge Computing-enabled Intrusion Detection for C-V2X Networks using Federated Learning

in The 2022 IEEE Global Communications Conference (GLOBECOM) (2022, December)

Intrusion detection systems (IDS) have already demonstrated their effectiveness in detecting various attacks in cellular vehicle-to-everything (C-V2X) networks, especially when using machine learning (ML ... [more ▼]

Intrusion detection systems (IDS) have already demonstrated their effectiveness in detecting various attacks in cellular vehicle-to-everything (C-V2X) networks, especially when using machine learning (ML) techniques. However, it has been shown that generating ML-based models in a centralized way consumes a massive quantity of network resources, such as CPU/memory and bandwidth, which may represent a critical issue in such networks. To avoid this problem, the new concept of Federated Learning (FL) emerged to build ML-based models in a distributed and collaborative way. In such an approach, the set of nodes, e.g., vehicles or gNodeB, collaborate to create a global ML model trained across these multiple decentralized nodes, each one with its respective data samples that are not shared with any other nodes. In this way, FL enables, on the one hand, data privacy since sharing data with a central location is not always feasible and, on the other hand, network overhead reduction. This paper designs a new IDS for C-V2X networks based on FL. It leverages edge computing to not only build a prediction model in a distributed way but also to enable low-latency intrusion detection. Moreover, we build our FL-based IDS on top of the well-known CIC-IDS2018 dataset, which includes the main network attacks. Noting that, we first perform feature engineering on the dataset using the ANOVA method to consider only the most informative features. Simulation results show the efficiency of our system compared to the existing solutions in terms of attack detection accuracy while reducing network resource consumption. [less ▲]

DRIVE-B5G: A Flexible and Scalable Platform Testbed for B5G-V2X Networks

in DRIVE-B5G: A Flexible and Scalable Platform Testbed for B5G-V2X Networks (2022, December)

Unlike previous mobile networks, 5G and beyond (B5G) networks are expected to be the key enabler of various vertical industries such as eHealth, intelligent transportation, and Industrial IoT verticals ... [more ▼]

Unlike previous mobile networks, 5G and beyond (B5G) networks are expected to be the key enabler of various vertical industries such as eHealth, intelligent transportation, and Industrial IoT verticals. To support that, B5G networks enable to sharing of common physical resources (radio, computation, network) among different tenants, thanks to network slicing concept and network softwarization technologies, including Software Defined Networking (SDN) and Network Function Virtualization (NFV). Therefore, new research challenges related to B5G networks have emerged, such as resources management and orchestration, service chaining, security, and QoS management. However, there is a lack of a realistic platform enabling researchers to design and validate their solutions effectively, since B5G networks are still in their early stages. In this paper, we first discuss the different methods for deploying realistic B5G platforms for the V2X vertical, including the key B5G technologies. Then, we describe DRIVE-B5G, a novel platform that serves as an end-to-end test-bed to emulate a vehicular network environment, allowing researchers to provide proof of concept, validate, and evaluate their research approaches. [less ▲]

5G Vehicle-to-Everything at the Cross-Borders: Security Challenges and Opportunities

in IEEE Internet of Things Journal (2022)

5G Vehicle-to-Everything (5G-V2X) communications will play a vital role in the development of the automotive industry. Indeed and thanks to the Network Slicing (NS) concept of 5G and beyond networks (B5G ... [more ▼]

5G Vehicle-to-Everything (5G-V2X) communications will play a vital role in the development of the automotive industry. Indeed and thanks to the Network Slicing (NS) concept of 5G and beyond networks (B5G), unprecedented new vehicular use–cases can be supported on top of the same physical network. NS promises to enable the sharing of common network infrastructure and resources while ensuring strict traffic isolation and providing necessary network resources to each NS. However, enabling NS in vehicular networks brings new security challenges and requirements that automotive or 5G standards have not yet addressed. Attackers can exploit the weakest link in the slicing chain, connected and automated vehicles, to violate the slice isolation and degrade its performance. Furthermore, these attacks can be more powerful, especially if they are produced in cross-border areas of two countries, which require an optimal network transition from one operator to another. Therefore, this article aims to provide an overview of newly enabled 5G-V2X slicing use cases and their security issues while focusing on cross-border slicing attacks. It also presents the open security issues of 5G-V2X slicing and identifies some opportunities. [less ▲]

Deep Learning-based Intra-slice Attack Detection for 5G-V2X Sliced Networks

in 2022 IEEE 95th Vehicular Technology Conference: (VTC2022-Spring) (2022, August 25)

Connected and Automated Vehicles (CAVs) represent one of the main verticals of 5G to provide road safety, road traffic efficiency, and user convenience. As a key enabler of 5G, Network Slicing (NS) aims ... [more ▼]

Connected and Automated Vehicles (CAVs) represent one of the main verticals of 5G to provide road safety, road traffic efficiency, and user convenience. As a key enabler of 5G, Network Slicing (NS) aims to create Vehicle-to-Everything (V2X) network slices with different network requirements on a shared and programmable physical infrastructure. However, NS has generated new network threats that might target CAVs leading to road hazards. More specifically, such attacks may target either the inner functioning of each V2X-NS (intra-slice) or break the NS isolation. In this paper, we aim to deal with the raised question of how to detect intra-slice V2X attacks. To do so, we leverage both Virtual Security as a Service (VSaS) concept and deep learning (DL) to deploy a set of DL-empowered security Virtual Network Functions (sVNFs) within V2X-NSs. These sVNFs are in charge of detecting such attacks, thanks to a DL model that we also build in this work. The proposed DL model is trained, validated, and tested using a publicly available dataset. The results show the efficiency and accuracy of our scheme to detect intra-slice V2X attacks. [less ▲]

Intelligent Misbehavior Detection System for Detecting False Position Attacks in Vehicular Networks

in Hawlader, Faisal; Boualouache, Abdelwahab; Faye, Sébastien (Eds.) et al The 2021 IEEE International Conference on Communications (the 4th Workshop on 5G and Beyond Wireless Security) (2021, June)

Position falsification attacks are one of the most dangerous internal attacks in vehicular networks. Several Machine Learning-based Misbehavior Detection Systems (ML-based MDSs) have recently been proposed ... [more ▼]

Position falsification attacks are one of the most dangerous internal attacks in vehicular networks. Several Machine Learning-based Misbehavior Detection Systems (ML-based MDSs) have recently been proposed to detect these attacks and mitigate their impact. However, existing ML-based MDSs require numerous features, which increases the computational time needed to detect attacks. In this context, this paper introduces a novel ML-based MDS for the early detection of position falsification attacks. Based only on received positions, our system provides real-time and accurate predictions. Our system is intensively trained and tested using a publicly available data set, while its validation is done by simulation. Six conventional classification algorithms are applied to estimate and construct the best model based on supervised learning. The results show that the proposed system can detect position falsification attacks with almost 100% accuracy. [less ▲]

Software-Defined Location Privacy Protection for Vehicular Networks

in Boualouache, Abdelwahab; Soua, Ridha; Qiang, Tang (Eds.) et al Machine Intelligence and Data Analytics for Sustainable Future Smart Cities (2021)

While the adoption of connected vehicles is growing, security and privacy concerns are still the key barriers raised by society. These concerns mandate automakers and standardization groups to propose ... [more ▼]

While the adoption of connected vehicles is growing, security and privacy concerns are still the key barriers raised by society. These concerns mandate automakers and standardization groups to propose convenient solutions for privacy preservation. One of the main proposed solutions is the use of Pseudonym-Changing Strategies (PCSs). However, ETSI has recently published a technical report which highlights the absence of standardized and efficient PCSs [1]. This alarming situation mandates an innovative shift in the way that the privacy of end-users is protected during their journey. Software Defined Networking (SDN) is emerging as a key 5G enabler to manage the network in a dynamic manner. SDN-enabled wireless networks are opening up new programmable and highly-flexible privacy-aware solutions. We exploit this paradigm to propose an innovative software-defined location privacy architecture for vehicular networks. The proposed architecture is context-aware, programmable, extensible, and able to encompass all existing and future pseudonym-changing strategies. To demonstrate the merit of our architecture, we consider a case study that involves four pseudonym-changing strategies, which we deploy over our architecture and compare with their static implementations. We also detail how the SDN controller dynamically switches between the strategies according to the context. [less ▲]

Toward an SDN-based Data Collection Scheme for Vehicular Fog Computing

in IEEE International Conference on Communications ICC'2020 (2020, June 07)

With the integration of fog networks and vehicular networks, Vehicular Fog Computing (VFC) is a promising paradigm to efficiently collect data for improving safety, mobility, and driver experience during ... [more ▼]

With the integration of fog networks and vehicular networks, Vehicular Fog Computing (VFC) is a promising paradigm to efficiently collect data for improving safety, mobility, and driver experience during journeys. To this end, we exploit the Software-Defined Networking (SDN) paradigm to propose a fully-programmable, self-configurable, and context-aware data collection scheme for VFC. This scheme leverages a stochastic model to dynamically estimate the number of fog stations to be deployed. Our simulation results demonstrate that our proposed scheme provides lower latency and higher resiliency compared to classical data collection schemes. [less ▲]

VPGA: an SDN-based Location Privacy Zones Placement Scheme for Vehicular Networks

in 38th IEEE International Performance Computing and Communications Conference (IPCCC) (2019, October 29)

Making personal data anonymous is crucial to ensure the adoption of connected vehicles. One of the privacy-sensitive information is location, which once revealed can be used by adversaries to track ... [more ▼]

Making personal data anonymous is crucial to ensure the adoption of connected vehicles. One of the privacy-sensitive information is location, which once revealed can be used by adversaries to track drivers during their journey. Vehicular Location Privacy Zones (VLPZs) is a promising approach to ensure unlinkability. These logical zones can be easily deployed over roadside infrastructures (RIs) such as gas station or electric charging stations. However, the placement optimization problem of VLPZs is NP-hard and thus an efficient allocation of VLPZs to these RIs is needed to avoid their overload and the degradation of the QoS provided within theses RIs. This work considers the optimal placement of the VLPZs and proposes a genetic-based algorithm in a software defined vehicular network to ensure minimized trajectory cost of involved vehicles and hence less consumption of their pseudonyms. The analytical evaluation shows that the proposed approach is cost-efficient and ensures a shorter response time. [less ▲]