Skip to content

Codes and results of my Graduation Thesis: V2X IoV Attack Graph Generation Technique

License

Notifications You must be signed in to change notification settings

MekAkUActOR/Distributed_Bayesian_Attack_Graph

Repository files navigation

ATTACK GRAPH GENERATION TECHNIQUE FOR V2X INTERNET OF VEHICLES

ABSTRACT

Recent years have witnessed the rapid development of Internet of Vehicles (IoV) technology, and Vehicle-to-Everything (V2X) communication is gradually becoming a reality. However, compared with traditional networks, the composition and structure of the IoV are much more complex and vulnerable. What’s worse, the dynamicity, timeliness, complexity, and large-scale of the IoV make it difficult for people to analyze the overall security risk of the IoV effectively. Therefore, there is an urgent need for an IoV security risk analysis and assessment technique to obtain real-time IoV security status, assist network administrator to make security decisions, and efficiently maintain IoV security.

This paper proposes a V2X IoV attack graph generation and analysis scheme for real-time and effective security risk analysis and assessment of the IoV. Firstly, we construct an IoV security ontology model to standardize the description of entities and the complex relationship between entities in the IoV. Then, based on the IoV security ontology model and the IoV security knowledge database, we construct an IoV attack graph generation rule set. After that, based on the IoV MEC (Multi-access Edge Computing) and C-V2X (Cellular-V2X) communication architecture, we design a distributed attack graph generation and analysis scheme to generate and analyze the real-time attack graph of the IoV with low latency, to quantitatively assess the risk in the IoV. Finally, we implement the prototype system based on the scheme, and build attack scenario test cases to test the prototype system’s correctness, effectiveness and real-time. Experimental results show that the prototype system can generate global Bayesian attack graphs of the IoV correctly with low latency, present the complete attack paths in the IoV, and provide local and global quantitative risk value to assist the security management of the IoV.

Key words: attack graph, quantitative risk assessment, C-V2X, MEC, IoV securit

Distributed_Bayesian_Attack_Graph

results folder contains complete attack graphs (AG).

  • 图4–7 The global AG of IoV directly generated by MulVAL MulVAL直接生成的车联网全局攻击图 -> global_MulVAL.pdf
  • 图4–8 The local AG of the cloud 云平台局部攻击图 -> vCloud.pdf
  • 图4–9 The local AG of cellular service area 1 蜂窝服务区1局部攻击图 -> V2X1.pdf
  • 图4–10 The local AG of cellular service area 2 蜂窝服务区2局部攻击图 -> V2X2.pdf
  • 图4–11 The local AG of cellular service area 3 蜂窝服务区3局部攻击图 -> V2X3.pdf
  • 图4–12 4-13 The global Bayesian AG 全局贝叶斯攻击图 -> bayesianAG.pdf
  • 图4–14 The global Bayesian AG after topology changes 拓扑变化后的全局贝叶斯攻击图 -> bayesianAG_topo.pdf
  • 图4–15 The global Bayesian AG after vulnerability changes 漏洞变化后的全局贝叶斯攻击图 -> bayesianAG_vuln.pdf
  • 图4–16 The global Bayesian AG after vehicle state changes 车辆状态变化后的全局贝叶斯攻击图 -> bayesianAG_vstate.pdf
  • 图4–17 The global Bayesian AG after SQL service vuln fixed 修复SQL服务漏洞后的全局贝叶斯攻击图 -> bayesianAG_fixvuln.pdf
  • 图4–18 The global Bayesian AG after bluetooth vuln fixed 修复蓝牙漏洞后的全局贝叶斯攻击图 -> bayesianAG_fixvuln2.pdf

About

Codes and results of my Graduation Thesis: V2X IoV Attack Graph Generation Technique

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published