A Precedence Graph-Based Approach to Detect Message Injection Attacks in J1939 Based Networks

Mukherjee, Subhojeet; Walkery, Jacob; Rayz, Indrakshi; Daily, Jeremy

doi:10.1109/pst.2017.00018

Cited by 5 publications

(4 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, 3 out of 64, 2 out of 64, and 2 out of 64 perform attack analysis, fault analysis, and safety assessment, respectively. Besides, 10 out 64 studies perform distinct functionalities, comprising of Lipeng et al [43], Niamat et al [51], Alexandre et al [55], Sabarathinam et al [56], Mario C et al [58], Elvin et al [64], Subhojeet et al [67], Huai et al [68], Sher et al [91], and TIAN et al [94], holistic event investigation, resilience quantification, cyber impact assessment, root cause analysis, intrusion detection, trust computation, anomaly detection, reliability assessment, software verification, and water traffic management, respectively.…”

Section: Applicability Threat Actor and Implementation Criteriamentioning

confidence: 99%

“…Mingjing et al [47] Simulation Not Specified Xiaoxue et al [48] Real-time Not Specified Xin et al [49] Real-time Not Specified Meizhi et al [50] Preliminary Not Specified Niamat et al [51] Preliminary Outsider, Insider Chengpeng et al [52] Real-time Not Specified Yi et al [53] Simulation Not Specified Barry et al [54] Preliminary Not Specified Alexandre et al [55] Simulation Outsider Sabarathinam et al [56] Simulation Not Specified Seyedmohsen et al [57] Simulation Not Specified Mario et al [58] Simulation Not Specified Chao et al [59] Preliminary Not Specified Nima et al [60] Real-time Outsider Hui et al [61] Real-time Outsider Xiqiang et al [62] Real-time Not Specified Jamal et al [63] Simulation Not Specified Elvin et al [64] Preliminary Not Specified Xiaoyan et al [65] Real-time Not Specified Ying et al [66] Real-time Outsider Subhojeet et al [67] Simulation Not Specified Huai et al [68] Simulation Not Specified Gabriele et al [69] Preliminary Not Specified Zhiqiang et al [70] Simulation Not Specified Jinsoo et al [71] Real-time Insider Donya et al [72] Preliminary Not Specified Xianyou et al [73] Preliminary Not Specified Galizia et al [74] Simulation Not Specified Francesca et al [75] Simulation Outsider Zhao et al [76] Real-time Not Specified Mark et al [77] Real-time Outsider, Insider Remya et al [78] Simulation Not Specified Xin Chen [79] Simulation Not Specified Mark et al [80] Preliminary Not Specified Martin et al [81] Preliminary Not Specified Jinsoo et al…”

Section: Study Implementation Criteria Threat Actormentioning

confidence: 99%

“…Complex data collection process, an automatic technology for collecting required information, is not considered. Subhojeet et al [67] Capability to recognize malicious threats and differentiate them from safety-critical activities.…”

Section: Ying Et Al [66]mentioning

confidence: 99%

See 2 more Smart Citations

Towards Integration of Security and Safety Measures for Critical Infrastructures Based on Bayesian Networks and Graph Theory: A Systematic Literature Review

Pirbhulal

Gkioulos

Katsikas

2021

Signals

View full text Add to dashboard Cite

In recent times, security and safety are, at least, conducted in safety-sensitive or critical sectors. Nevertheless, both processes do not commonly analyze the impact of security risks on safety. Several scholars are focused on integrating safety and security risk assessments, using different methodologies and tools in critical infrastructures (CIs). Bayesian networks (BN) and graph theory (GT) have received much attention from academia and industries to incorporate security and safety features for different CI applications. Hence, this study aims to conduct a systematic literature review (SLR) for co-engineering safety and security using BN or GT. In this SLR, the preferred reporting items for systematic reviews and meta-analyses recommendations (PRISMA) are followed. Initially, 2295 records (acquired between 2011 and 2020) were identified for screening purposes. Later on, 240 articles were processed to check eligibility criteria. Overall, this study includes 64 papers, after examining the pre-defined criteria and guidelines. Further, the included studies were compared, regarding the number of required nodes for system development, applied data sources, research outcomes, threat actors, performance verification mechanisms, implementation scenarios, applicability and functionality, application sectors, advantages, and disadvantages for combining safety, and security measures, based on GT and BN. The findings of this SLR suggest that BN and GT are used widely for risk and failure management in several domains. The highly focused sectors include studies of the maritime industry (14%), vehicle transportation (13%), railway (13%), nuclear (6%), chemical industry (6%), gas and pipelines (5%), smart grid (5%), network security (5%), air transportation (3%), public sector (3%), and cyber-physical systems (3%). It is also observed that 80% of the included studies use BN models to incorporate safety and security concerns, whereas 15% and 5% for GT approaches and joint GT and BN methodologies, respectively. Additionally, 31% of identified studies verified that the developed approaches used real-time implementation, whereas simulation or preliminary analysis were presented for the remaining methods. Finally, the main research limitations, concluding remarks and future research directions, are presented

show abstract

Section: Applicability Threat Actor and Implementation Criteriamentioning

confidence: 99%

Section: Study Implementation Criteria Threat Actormentioning

confidence: 99%

See 1 more Smart Citation

Towards Integration of Security and Safety Measures for Critical Infrastructures Based on Bayesian Networks and Graph Theory: A Systematic Literature Review

Pirbhulal

Gkioulos

Katsikas

2021

Signals

View full text Add to dashboard Cite

show abstract

“…Increasing complexity provides ubiquitous connectivity for autonomous driving and infotainment but comes with opportunities to exploit vulnerabilities in the networks and ECUs [1], [3], [4], [10], [16], [22], [25], [30]. These exploits motivate authentication and intrusion detection systems (IDSs) [17], [19], [21], [24], [26]- [28], [31], [38]- [40] especially in the controller area network (CAN) because it is used in the majority of vehicles.…”

Section: Introductionmentioning

confidence: 99%

WeepingCAN: A Stealthy CAN Bus-off Attack

Bloom¹

2021

Proceedings Third International Workshop on Automotive and Autonomous Vehicle Security

View full text Add to dashboard Cite

The controller area network (CAN) is a high-value asset to defend and attack in automobiles. The bus-off attack exploits CAN's fault confinement to force a victim electronic control unit (ECU) into the bus-off state, which prevents it from using the bus. Although pernicious, the bus-off attack has two distinct phases that are observable on the bus and allow the attack to be detected and prevented. In this paper we present Weeping-CAN, a refinement of the bus-off attack that is stealthy and can escape detection. We evaluate WeepingCAN experimentally using realistic CAN benchmarks and find it succeeds in over 75% of attempts without exhibiting the detectable features of the original attack. We demonstrate WeepingCAN on a real vehicle.

show abstract

Using Machine Learning to Detect Anomalies in Embedded Networks in Heavy Vehicles

Shirazi

Ray

Anderson

2020

Foundations and Practice of Security

View full text Add to dashboard Cite

A Precedence Graph-Based Approach to Detect Message Injection Attacks in J1939 Based Networks

Cited by 5 publications

References 6 publications

Towards Integration of Security and Safety Measures for Critical Infrastructures Based on Bayesian Networks and Graph Theory: A Systematic Literature Review

Towards Integration of Security and Safety Measures for Critical Infrastructures Based on Bayesian Networks and Graph Theory: A Systematic Literature Review

WeepingCAN: A Stealthy CAN Bus-off Attack

Using Machine Learning to Detect Anomalies in Embedded Networks in Heavy Vehicles

Contact Info

Product

Resources

About