As time goes on, more cars are being manufactured with connected vehicle technology (CV) to easily connect vehicles to transportation infrastructure via wireless communication. The goal of the technology is to improve mobility, safety, environmental impact, and public agency operations.
The US Department of Transportation has started implementing a CV-based system called Intelligent Traffic Signal System (I-SIG), which is a vehicle-to-infrastructure technology that uses real-time vehicle trajectory data to intelligently control the duration and sequence of traffic signals. With the use of this system comes vulnerabilities, and Michigan researchers have demonstrated that even one single cyber attack can greatly manipulate the intelligent traffic control algorithm in the current I-SIG system and cause severe traffic jams.
The researchers, including CSE PhD student Qi Alfred Chen, computer science undergraduate student Yucheng Yin, CSE Prof. Z. Morley Mao, CEE Prof. Henry Liu, and UMTRI research scientist Dr. Yiheng Feng, believe attackers can compromise their own vehicle or other people’s vehicles (physically, wirelessly, or through malware), and send malicious CV messages with spoofed driving data (e.g., speed and location) to the I-SIG system. This can cause massive congestion and can even cause a blocking effect to jam an entire intersection direction.
In the video below, they demonstrate how one single attack vehicle parking nearby can exploit the newly-discovered congestion creation vulnerabilities in the current I-SIG system and cause severe traffic jams.
To demonstrate the security vulnerabilities, the researchers first performed a security analysis on the I-SIG system design, and created spoofing strategies. They then performed vulnerability analysis by trying all the data spoofing options for these strategies to understand the attack effectiveness. After that, they analyzed the causes for the highly effective attack results, and constructed practical exploits under real-world attack constraints.
The researchers discovered that the massive congestion is due to two congestion creation vulnerabilities. The first one is called "last vehicle advantage", which allows an attacker to determine the traffic signal plan by spoofing as a late arriving vehicle. The other is called "curse of the transition period", which allows an attacker to inject tens of "ghost vehicles" to substantially influence the traffic signal plan.
The researchers state that “an attack can completely reverse the benefit of a connected vehicle-based signal control system by causing the traffic mobility to be 23.4% worse than that without adopting such system.”
To defend against an attack, they recommend: designing an effective and robust signal control algorithms specifically for the transition period, performance improvement for road-side units, and data spoofing detection using infrastructure-controlled sensors.
More information is available in their research paper entitled "Exposing Congestion Attack on Emerging Connected Vehicle based Traffic Signal Control", which was presented at the 2018 NDSS Symposium in San Diego, California.
Posted: March 26, 2018