Security and privacy in intelligent transportation systems: challenges and solutions
Date
2024
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
University of Delaware
Abstract
Recent advancements in communication, computing, and mobile technologies facilitate the emergence of Intelligent Transportation Systems (ITS), which are widely expected to make travel safer, faster, more environmentally friendly, and more convenient. For example, Connected Vehicle (CV) technology is expected to enhance traffic safety and efficiency by enabling safety and mobility information exchanges among vehicles, pedestrians, and infrastructure. Additionally, Mobility on Demand (MOD) services, such as carpooling and ridesharing, have the potential to reduce traffic congestion and carbon emissions through more efficient vehicle utilization. Despite the potential benefits, the proliferation of ITS faces substantial challenges, particularly in terms of security and privacy. For instance, recent studies demonstrated that attackers could create traffic jams by generating false CV reports and disseminating misleading mobility information. Moreover, concerns about privacy may deter drivers and riders from participating in ridesharing services, particularly if it requires them to share sensitive information such as current locations and planned routes with the service provider. This dissertation is dedicated to addressing three critical security and privacy challenges within ITS, aiming to overcome these obstacles and unlock its full potential. ☐ First, we study the problem of data spoofing attacks in CV-based traffic signal systems. Effective CV-based traffic control relies on accurate estimation of the queue length to determine the optimal traffic signal control plans. While significant efforts have been made on accurate queue length estimation, the robustness of queue length estimation has so far received very limited attention. Recent studies show that malicious CVs can manipulate the estimated queue length and cause traffic jams by transmitting false mobility information. To address this challenge, we propose a robust queue length estimation mechanism for CV-based traffic signal systems, ensuring accurate queue length estimation despite the presence of multiple malicious CVs. ☐ Second, we investigate the problem of Sybil attacks within CV-based ITS. Sybil attacks pose a significant threat to CV-based ITS, in which an attacker creates multiple fake CVs and disseminates false mobility information to mislead CV-based ITS into making sub-optimal decisions. Existing solutions are either dependent on multiple Roadside Units (RSUs) or rely on unreliable physical measurements like the Received Signal Strength Indicator (RSSI). To tackle this challenge, we propose a novel detection scheme for Sybil attacks, utilizing a more reliable physical measurement: Angle-of-Arrival (AoA). Our scheme enables CV-based ITS to effectively detect Sybil attacks and accurately identify malicious CVs using only a single RSU. ☐ Third, we focus on addressing the privacy concerns in ridesharing services. Current ridesharing services require both drivers and riders to submit their planned routes and departure times to the service provider for ride-matching. While the drivers and riders that are successfully matched can enjoy the service, those who fail to find a match reveal their locations and travel plans to the service provider in vain. As a result, potential users with privacy concerns would be reluctant to participate in ridesharing without a strong privacy guarantee for their submitted data. Existing privacy-preserving ridesharing schemes typically depend on advanced cryptographic techniques, such as homomorphic encryption and secure multi-party computation. Although these solutions can provide strong privacy guarantees, they lead to high computation and communication overheads and require complex coordination among multiple parties, which can be challenging in a dynamic ridesharing context. To tackle this challenge, we introduce a novel privacy-preserving ridesharing mechanism that effectively facilitates ride matching while providing a strong privacy guarantee for users.
Description
Keywords
Connected Vehicle, Data privacy, Intelligent Transportation Systems, Network security, Mobility on Demand