Decision Tree Based Attack Prediction And Analysis On Intelligent Traffic Signal System

For the recent years,with the disadvantages of traditional transportation systems emerging,connected vehicle(CV)technology has been paid more attention from governments and companies around the world for its ability to wirelessly connect vehicles and road infrastructure to improve transportation efficiency.But this huge efficiency and connectivity increase in transportation has also opened a new door for cyberattacks.On the Intelligent Traffic Signaling System(ISIG)designed by the U.S.Department of Transportation and being deployed in several states like New York State,Chen Qi et al.first discovered a dangerous data-poisoning congestion attack in 2018.This attack simply by adding falsified data from one malicious vehicle to the system could have the ability to reverse the optimization caused by ISIG signal planning and increase intersection delays to 14 times high.However,in our study we found that the success possibility of single-point vehicle congestion attack is not high enough,and the delay caused by the attack cannot be guaranteed.In the security protection research of ISIG system,there also lacks characteristic quantification and road vulnerability analysis for congestion attacks.Therefore,in order to proceed a systematic quantitative analysis of data poisoning congestion attack,from the perspective of machine learning,our study systematically analyzed the characteristics of congestion attack and its changes under different traffic flow.We used two kinds of interpretable machine learning models to construct a double direction prediction model,which provides support for analyzing congestion attack and the vulnerability of intersection.Our main research contents and contributions of this thesis are as follows:(1)We first proposed a congestion attack effect evaluation method based on optimal sparse decision tree(OSDT).Considering the multiple road traffic characteristics,our optimal sparse decision tree model is trained through the defined 29-dimensional feature data set to forward evaluate the attack consequences and analyze the influence of road characteristics.According to our survey,this study is the first standard data set for statistical analysis of ISIG congestion attacks,as well as the first security analysis work to assess and predict congestion attacks in both forward and reverse ways in the ISIG system.(2)In order to study the internal causes of different consequences caused by attacks in different phases,we further used tree regularization gated recurrent units(TGRU)to reversely predict the sources of congestion attacks.We reconstructed a 32-dimensional feature data set for vulnerable road environment to describe the interconnection of an8 phase intersection environment,then utilized the processed data set to train a prediction model based on regularization GRU algorithm,which is able to predict the potential source of congestion attack also the most vulnerable phase according to the given road environment,thus providing pertinent suggestions for future protection work.Our simulation platform of ISIG system was built based on VISSIM to reproduce the congestion attack.In a large number of experiments based on real world intersection settings,195 attack evaluation samples and 384 optimal congestion attack samples were collected and organized from the simulation platform,and the prediction accuracy of the trained model reached 78.6% and 88%,respectively.In this thesis,by comparing with other popular decision tree algorithms,it is proved that the algorithm used in this thesis has achieved good accuracy and high interpretability.Based on the visual decision tree diagrams generated by the two models,we conducted a detailed evaluation of the characteristics and effects of congestion attacks,as well as a thorough analysis of each phase of congestion attacks,and at the end we discussed the possible future enhancement defense strategies.