Conducting forensic investigations of cyber attacks on automobile in-vehicle networks

Author(s):  
Dennis K. Nilsson ◽  
Ulf E. Larson

The introduction of a wireless gateway as an entry point to the automobile in-vehicle network considerably reduces the effort of performing diagnostics and firmware updates. Unfortunately, the same gateway also allows cyber attacks to target the unprotected network, which currently lacks proper means for detecting and investigating security-related events. In this article, we discuss how to perform a digital forensic investigation of an in-vehicle network. An analysis of the current features of the network is performed, and an attacker model is developed. Based on the attacker model and a set of generally accepted forensic investigation principles, we derive a list of requirements for detection, data collection, and event reconstruction. We then use the Integrated Digital Investigation Process proposed by Carrier and Spafford (2004) as a template to illustrate how our derived requirements affect an investigation. For each phase of the process, we show the benefits of meeting the requirements and the implications of not complying with them.


2021 ◽  
Vol 20 (5s) ◽  
pp. 1-23
Author(s):  
Vipin Kumar Kukkala ◽  
Sooryaa Vignesh Thiruloga ◽  
Sudeep Pasricha

Modern vehicles can be thought of as complex distributed embedded systems that run a variety of automotive applications with real-time constraints. Recent advances in the automotive industry towards greater autonomy are driving vehicles to be increasingly connected with various external systems (e.g., roadside beacons, other vehicles), which makes emerging vehicles highly vulnerable to cyber-attacks. Additionally, the increased complexity of automotive applications and the in-vehicle networks results in poor attack visibility, which makes detecting such attacks particularly challenging in automotive systems. In this work, we present a novel anomaly detection framework called LATTE to detect cyber-attacks in Controller Area Network (CAN) based networks within automotive platforms. Our proposed LATTE framework uses a stacked Long Short Term Memory (LSTM) predictor network with novel attention mechanisms to learn the normal operating behavior at design time. Subsequently, a novel detection scheme (also trained at design time) is used to detect various cyber-attacks (as anomalies) at runtime. We evaluate our proposed LATTE framework under different automotive attack scenarios and present a detailed comparison with the best-known prior works in this area, to demonstrate the potential of our approach.


2019 ◽  
Vol 25 (3) ◽  
pp. 500-513
Author(s):  
P.V. Revenkov ◽  

2018 ◽  
Vol 24 (3) ◽  
pp. 629-640
Author(s):  
P.V. Revenkov ◽  
A.A. Berdyugin ◽  
