Hybrid framework for security evaluation in Internet of Vehicles

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-03-01 DOI:10.1016/j.cose.2025.104398

Nan Sun , Wei Wang , Kexin Liu , Donghong Li , Jinhu Lü

{"title":"Hybrid framework for security evaluation in Internet of Vehicles","authors":"Nan Sun , Wei Wang , Kexin Liu , Donghong Li , Jinhu Lü","doi":"10.1016/j.cose.2025.104398","DOIUrl":null,"url":null,"abstract":"<div><div>Advancements in communication technology are driving the rapid evolution of the Internet of Vehicles (IoV) industry, paving the way for future connected vehicle ecosystems. Current vehicle cyber-security efforts primarily concentrate on vulnerabilities within the Controller Area Network (CAN) of existing automobiles. However, the anticipated proliferation of Internet of Vehicles (IoV) capabilities in the near future brings forth a new set of cyber-security challenges. Traditional IoV security analysis methods often focus on either data or dynamic models to assess malicious vehicle behavior, lacking a comprehensive, multidimensional security evaluation approach. In this paper, a novel IoV security analysis framework is proposed, integrating vehicle dynamics models with driving behavior and communication traffic data. The framework employs set-membership filtering algorithms and deep learning techniques to comprehensively assess vehicle status and detect a wide range of security threats, including ARP spoofing, flooding attacks, and speeding, while ensuring adaptability to diverse threat scenarios. Security scores are dynamically generated based on varying threat levels using an enhanced Dempster-Shafer theory, enabling robust threat evaluation. Although the proposed framework is designed for future IoV implementations, its effectiveness is validated through joint simulations conducted in CARLA and OMNeT++, demonstrating its potential to enhance both current and next-generation vehicle networks. Additionally, the proposed framework is designed to be modular, enabling seamless integration with existing connected vehicle security systems and ensuring its relevance for both current and future IoV networks.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"153 ","pages":"Article 104398"},"PeriodicalIF":4.8000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825000872","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Advancements in communication technology are driving the rapid evolution of the Internet of Vehicles (IoV) industry, paving the way for future connected vehicle ecosystems. Current vehicle cyber-security efforts primarily concentrate on vulnerabilities within the Controller Area Network (CAN) of existing automobiles. However, the anticipated proliferation of Internet of Vehicles (IoV) capabilities in the near future brings forth a new set of cyber-security challenges. Traditional IoV security analysis methods often focus on either data or dynamic models to assess malicious vehicle behavior, lacking a comprehensive, multidimensional security evaluation approach. In this paper, a novel IoV security analysis framework is proposed, integrating vehicle dynamics models with driving behavior and communication traffic data. The framework employs set-membership filtering algorithms and deep learning techniques to comprehensively assess vehicle status and detect a wide range of security threats, including ARP spoofing, flooding attacks, and speeding, while ensuring adaptability to diverse threat scenarios. Security scores are dynamically generated based on varying threat levels using an enhanced Dempster-Shafer theory, enabling robust threat evaluation. Although the proposed framework is designed for future IoV implementations, its effectiveness is validated through joint simulations conducted in CARLA and OMNeT++, demonstrating its potential to enhance both current and next-generation vehicle networks. Additionally, the proposed framework is designed to be modular, enabling seamless integration with existing connected vehicle security systems and ensuring its relevance for both current and future IoV networks.

查看原文本刊更多论文

车联网安全评估的混合框架

通信技术的进步正在推动车联网（IoV）产业的快速发展，为未来的互联汽车生态系统铺平道路。目前的车辆网络安全工作主要集中在现有汽车的控制器区域网络（CAN）中的漏洞上。然而，在不久的将来，车联网（IoV）功能的预期扩散带来了一系列新的网络安全挑战。传统的车联网安全分析方法往往侧重于数据或动态模型来评估恶意车辆行为，缺乏全面、多维的安全评估方法。本文提出了一种新的车联网安全分析框架，该框架将车辆动力学模型与驾驶行为和通信流量数据相结合。该框架采用集成员过滤算法和深度学习技术，全面评估车辆状态，检测各种安全威胁，包括ARP欺骗、洪水攻击和超速，同时确保对各种威胁场景的适应性。使用增强的Dempster-Shafer理论，根据不同的威胁级别动态生成安全分数，从而实现稳健的威胁评估。虽然所提出的框架是为未来的车联网实施而设计的，但通过在CARLA和omnet++中进行的联合模拟验证了其有效性，证明了其增强当前和下一代车辆网络的潜力。此外，拟议的框架被设计为模块化，能够与现有的联网车辆安全系统无缝集成，并确保其与当前和未来的车联网网络的相关性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.