This paper presents SixPack, a cyber attack to VANET communications that is able to go undetected by the current state-of-the-art anomaly detectors. The SixPack attack is a dynamic attack conducted by an insider attacker who modifies the content of the Basic Safety Messages to pretend a sudden activation of the braking system with the consequent activation of the Anti-lock Braking System, and create a fake representation of the vehicle. The attacker then rejoins the fake representation of the vehicle with the real one, avoiding the current state-of-the-art anomaly detectors. We experimentally evaluated the evasion capabilities of the SixPack attack using the F2MD test framework on the LuST and LuSTMini city scenarios, demonstrating the ability of the attacker to generate a high percentage of false positives that prevent the attack from being detected consistently.
SixPack: Abusing ABS to avoid Misbehavior detection in VANETs / Pollicino, F.; Stabili, D.; Bella, G.; Marchetti, M.. - 2021-:(2021), pp. 1-6. (Intervento presentato al convegno 93rd IEEE Vehicular Technology Conference, VTC 2021-Spring tenutosi a Helsinki, Finland nel 2021) [10.1109/VTC2021-Spring51267.2021.9448656].
SixPack: Abusing ABS to avoid Misbehavior detection in VANETs
Pollicino F.;Stabili D.;Marchetti M.
2021
Abstract
This paper presents SixPack, a cyber attack to VANET communications that is able to go undetected by the current state-of-the-art anomaly detectors. The SixPack attack is a dynamic attack conducted by an insider attacker who modifies the content of the Basic Safety Messages to pretend a sudden activation of the braking system with the consequent activation of the Anti-lock Braking System, and create a fake representation of the vehicle. The attacker then rejoins the fake representation of the vehicle with the real one, avoiding the current state-of-the-art anomaly detectors. We experimentally evaluated the evasion capabilities of the SixPack attack using the F2MD test framework on the LuST and LuSTMini city scenarios, demonstrating the ability of the attacker to generate a high percentage of false positives that prevent the attack from being detected consistently.File | Dimensione | Formato | |
---|---|---|---|
main.pdf
Accesso riservato
Descrizione: Articolo
Tipologia:
Versione dell'autore revisionata e accettata per la pubblicazione
Dimensione
223.21 kB
Formato
Adobe PDF
|
223.21 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris