| Modern vehicles are now information systems, with the ability to communicate. Vehicle security requires more than physical security. Research to date has been piece-meal, looking for vulnerabilities in specific implementations of isolated applications. Most of this work concentrates on car theft, even through modern automotive systems are subject to a much wider range of potential abuses. We provide a survey of connected vehicle security. It is the first complete survey in the literature. In our survey, we consider the automotive system stakeholders and the assets they need to protect. We use this security information to map the automotive security research literature onto the taxonomy CERT (Computer Emergence Response Team) uses to describe on-line security incidents, in order to find which threats are not being adequately addressed. We provide solutions to some of them.;Among the attacks on connected vehicle systems we find, we focus on Denial of Service (DoS) attacks at three levels of connected vehicle system, the lower physical network level, the middle security protocol level, and the connected vehicle application level. For the physical network layer, we consider DoS attacks on WiMAX (Worldwide Interoperability for Microwave Access) networks, because WiMAX is a popular broadband network candidate for connected vehicles. Above the network level, it is common practice to rely on security protocols to secure connected vehicle applications. The literature ignores that security protocols are subject to DoS attacks. At the application level, we consider DoS attacks on Business Service Integration application. In the application, customers can connect their cars to the manufacturer's backend server to use the services (e.g. diagnostic checks, software update, entertainment) provided by the manufacturer.;We study a new DoS attack on WiMAX networks that exploits parameter settings. We use experimental design techniques and ANOVA (analysis of variance) to quantify how individual parameters and parameter interactions determine WiMAX vulnerability to the attack. Simulations are performed using the ns-2 network simulator. Our study is the first to consider this new DoS attack and it provides guidelines for evaluating WiMAX parameter configurations. This same approach can be applied to other networking technologies as well.;In analyzing DoS vulnerabilities of security protocols, we create DoS attack and security protocol defense models. We model a security protocol, the attack and defense as a CSPN(Colored Stochastic Petri Net) model. We derive a zero-sum game from the CSPN model. By solving the game, we obtain optimal strategies for both attack and defense sides. Our work is the first to analyze DoS vulnerabilities of security protocols and provides a way of evaluating security protocol implementations.;We treat DoS attacks on Business Services Integration application as a game between the attacker and the manufacturer backend server. The game is like a Markov game, except that payoffs and state transition probabilities are not constant over time, because in the game, in addition to the attacker and the server, there is an uninterested third party, the users. To deal with this issue, we create a new game model, Quasi-Markov game. This new game model also fits other adversarial problems. Linear programming and dynamic programming are common solutions to Markov games. We propose a hybrid of linear programming and dynamic programming for the Quasi-Markov game, which overcomes the shortcomings of linear programming being computational expensive and dynamic programming being able to find only pure strategies. Simulations show that our hybrid approach behaves at least as good as the other two, even better in most cases. |
