WOLVES: Window of Opportunity attack feasibility likelihood value estimation through a simulation-based approach

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-06-14 DOI:10.1016/j.cose.2025.104549

Suraj Harsha Kamtam , Qian Lu , Abdur Rakib , Muhamad Azfar Ramli , Rakhi Manohar Mepparambath , Siraj Ahmed Shaikh , Hoang Nga Nguyen

{"title":"WOLVES: Window of Opportunity attack feasibility likelihood value estimation through a simulation-based approach","authors":"Suraj Harsha Kamtam , Qian Lu , Abdur Rakib , Muhamad Azfar Ramli , Rakhi Manohar Mepparambath , Siraj Ahmed Shaikh , Hoang Nga Nguyen","doi":"10.1016/j.cose.2025.104549","DOIUrl":null,"url":null,"abstract":"<div><div>The Road Vehicles Cybersecurity Engineering Standard, ISO/SAE 21434, provides a framework for road vehicle Threat Analysis and Risk Assessment (TARA). The TARA framework must include Connected Vehicles (CVs) and their connectivity with external interfaces. However, assessing cyber-attack feasibility on CVs is a significant challenge, as traditionally, qualitative and subjective expert opinions are the norm. Additionally, there is a need for historical data on security-related incidents and dynamically evolving interconnected vehicle-to-everything (V2X) entities for feasibility assessment, which is not readily available. To address this problem, this paper presents, to the best of our knowledge, the first simulation-based TARA framework designed to characterise, quantify, and assess the Window of Opportunity (WO) for attackers—a metric that indicates the likelihood of an attack. A case study involving Bluetooth, with one attacker and one target, is modelled to demonstrate the proposed framework WOLVES’s applicability. Two scenarios have been investigated using different motorway roads in the UK. The primary outcome is the WOLVES framework, which employs a data-driven approach using both prior and likelihood information to estimate the probability of a successful cyber attack on a given technology in CVs. The findings from this research could assist threat analysts, decision-makers, and planners involved in CV risk assessment by enhancing the modelling of attack feasibility for cybersecurity threats in dynamic scenarios and developing appropriate mitigation strategies.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"157 ","pages":"Article 104549"},"PeriodicalIF":4.8000,"publicationDate":"2025-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S016740482500238X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The Road Vehicles Cybersecurity Engineering Standard, ISO/SAE 21434, provides a framework for road vehicle Threat Analysis and Risk Assessment (TARA). The TARA framework must include Connected Vehicles (CVs) and their connectivity with external interfaces. However, assessing cyber-attack feasibility on CVs is a significant challenge, as traditionally, qualitative and subjective expert opinions are the norm. Additionally, there is a need for historical data on security-related incidents and dynamically evolving interconnected vehicle-to-everything (V2X) entities for feasibility assessment, which is not readily available. To address this problem, this paper presents, to the best of our knowledge, the first simulation-based TARA framework designed to characterise, quantify, and assess the Window of Opportunity (WO) for attackers—a metric that indicates the likelihood of an attack. A case study involving Bluetooth, with one attacker and one target, is modelled to demonstrate the proposed framework WOLVES’s applicability. Two scenarios have been investigated using different motorway roads in the UK. The primary outcome is the WOLVES framework, which employs a data-driven approach using both prior and likelihood information to estimate the probability of a successful cyber attack on a given technology in CVs. The findings from this research could assist threat analysts, decision-makers, and planners involved in CV risk assessment by enhancing the modelling of attack feasibility for cybersecurity threats in dynamic scenarios and developing appropriate mitigation strategies.

查看原文本刊更多论文

WOLVES：基于仿真方法的机会之窗攻击可行性可能性值估计

道路车辆网络安全工程标准ISO/SAE 21434为道路车辆威胁分析和风险评估（TARA）提供了一个框架。TARA框架必须包括联网车辆（cv）及其与外部接口的连接。然而，评估网络攻击简历的可行性是一项重大挑战，因为传统上，定性和主观的专家意见是常态。此外，还需要安全相关事件的历史数据，以及动态发展的车联网（V2X）实体，以进行可行性评估，而这些数据并不容易获得。为了解决这个问题，据我们所知，本文提出了第一个基于仿真的TARA框架，旨在描述、量化和评估攻击者的机会之窗（WO）——一个表明攻击可能性的指标。一个涉及蓝牙的案例研究，一个攻击者和一个目标，建模，以证明提出的框架狼的适用性。在英国使用不同的高速公路调查了两种情况。主要成果是WOLVES框架，该框架采用数据驱动的方法，使用先验和可能性信息来估计简历中特定技术成功遭受网络攻击的可能性。这项研究的结果可以通过增强动态场景下网络安全威胁的攻击可行性建模和制定适当的缓解策略，帮助威胁分析师、决策者和规划者参与CV风险评估。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.