Sage Journals: Discover world-class research

Abstract

This paper aims at developing a novel detection and identification method against malicious attacks in intelligent transportation. Due to the development and applications of communication and advanced sensor technologies, intelligent transportation has faced new safety risks. In particular, the emerging malicious attacks, such as false data injection attack, can mask the destruction of physical dynamic by tampering with information in layer to fool the current detection methods. Because of this reason, an adaptive unknown input observer-based detection and identification method is developed. Firstly, a physical dynamics model of vehicle networking system is established by considering the actual physical state. Considering the spoofing characteristics of false data injection attack, an unknown input observer-based detection method is proposed. Through the design of adaptive unknown input observer parameters, the detection performance, can be improved by cutting down the state estimation error. Compared with the UIO-based detection method, simulations demonstrate that the false positive rate can be reduced 0.1%. Based on the feature of state residuals that is not sensitive to the attacked ith residual, but sensitive to other residuals, a novel identification criterion is developed. At last, simulation experiments on the Matlab verify the performance of the proposed detection and identification algorithm in intelligent transportation system.

Keywords

Intelligent transportation detection and identification false data injection attack adaptive unknown input observer

Introduction

As the cornerstone of future transportation, intelligent transportation system effectively applies advanced science and technology to traffic service control, and strengthens the connection among vehicles, roads, and users.^1–3 As one of typical cyber-physical systems, intelligent transportation system can alleviate many traffic problems, such as traffic congestion, energy consumption, and environmental pollution.^4,5 However, the openness and intelligence of communication network make intelligent transportation system more vulnerable to malicious attacks.⁶ In particular, the emerging cyber-physical attacks on vehicle-to-vehicle communication can cause serious vehicle collisions. For instance, in 2019, a simulated cyber attack launched on Austin network shows the security risk on intelligent transportation system.⁷ In addition, a group of hackers can remotely attack a Tesla Model.⁸ For this reason, it is urgent to developing a novel detection and identification mechanism against cyber-physical attacks for intelligent transportation system.

In recent years, the safety of intelligent transportation system has been a hot issue concerned by scholars. There exist two kinds of approaches to ensure the traditional cyber networks security of intelligent transportation system, such as attack defense and attack detection.⁹ In Dibaei et al.,¹⁰ lots of available attack defense methods on intelligent transportation system consisting of lots of networking vehicle are investigated. To ensure the security of vehicular ad-hoc network, a two-factor lightweight privacy-preserving authentication defense method was developed.¹¹ In Tan et al.,¹² Tan et al. developed a novel defense method based on the authenticated key management protocol. Based on the differential game theory, an optimal defense strategy against Denial of service attack was developed.¹³ By using the resilient distributed observer and distributed adaptive controller, a novel distributed control scheme against Dos was proposed in Zhang et al.¹⁴ Fei et al. developed an attack-defense tree mode to deal with the advanced persistent threat attacks in Fei et al.¹⁵ In Deng et al.,¹⁶ a novel resilient practical cooperative output regulation control scheme against Dos was developed. Since the above defense methods are passive defense against intrusion attacks, it is difficult for them to respond the injected attacks quickly.

To respond the injected Denial of service attack timely, a data driven-based attack detection method was proposed.¹⁷ For detecting and mitigating the Denial of service attack (Dos), Haydari and Yilmaz¹⁸ developed a nonparametric statistical anomaly detection-based security mechanism. A novel prevention and detection method against FDIAs was proposed to protect the power network.¹⁹ In Wang et al.,²⁰ an extended Kalman filter-based detection and isolation method against cyber attack was proposed. To enhance the safety of vehicle networking system, a sliding mode observer-based real-time detection method was developed in Abdollahi Biron et al.²¹ Compared with the above Dos, the emerging FDIAs has a strong deceptive characteristics. By tampering with the information data in layer, FDIAs can mask the change of the physical system state.²² For this reason, the spoofing characteristics of FDIAs can fool the above security detection mechanisms. In Guo et al.,²³ Guo et al. analyzed the spoofing feature of FDIAs, and given the optimal attack strategy. In Kwon et al.,²⁴ three kinds of stealthy FDIAs were studied based on the ability of attackers. In Taylor et al.,²⁵ Taylor et al. studied the impact of FDIAs on the vehicular platoon that a hacker can inject false messages leading to a breakup of the vehicular system. Under limited sensor information, an AC state estimation (AC-SE) based coordinated cyber-physical attack was designed in Jena et al.²⁶ In a sum, the above works in Kwon et al.,²⁴ Taylor et al.,²⁵ and Jena et al.²⁶ have shown that the spoofing feature of FDIAs brings enormous challenge to the existing detection methods.

To detect the FDIAs timely, lots of research works have been devoted by scholars. A blockchain-integrated multi-agent deep reinforcement learning architecture was proposed to detect the malicious attacks in Raja et al.²⁷ In Karthikeyan and Usha,²⁸ a long short-term memory-based detection method was proposed to ensure the security of intelligent transportation. A novel reinforcement learning-based attack detection method was proposed in Li et al.²⁹ In Said et al.,³⁰ a machine Learning-based detection method against FDIAs on the electricity price of electric vehicles was proposed. Considering the vulnerability of traditional communication, a state estimation and control algorithm against FDIAs was developed.³¹ In Cabelin et al.,³² a machine learning-based detection and identification method against FDIAs was proposed. However, the above learning-based detection methods relay on the training of historical data. Thus, a physical dynamic model-based detection methods against FDIAs were proposed in Huang and Wang³³ and Yamamoto et al.³⁴ In Huang and Wang,³³ a robust state observer-based detection method against FDIAs was proposed. Yamamoto et al.³⁴ developed an UIO-based detection method against FDIAs in vehicle networking system based on a state residuals. Although the above detection works in Huang and Wang³³ and Yamamoto et al.³⁴ can reduce the complexity of attack detection, the accuracy of state estimation limits the detection performance of FDIAs. In addition, the existing detection works lack the research on the detection and identification of multiple attacks.

Motivated by the above problems, this paper develops an adaptive unknown input observer (AUIO)-based security method against FDIAs in intelligent transportation system. By considering the impact of FDIAs on the physical dynamics, a bank of parallel AUIOs are designed. Through the design of AUIOs parameters, the performance of state estimation errors can be improved. Based on the feature generated by AUIO, a novel detection and identification criterion is developed. The main contributions of this paper are listed as follow.

• An AUIOs-based detection method. Taking the change of physical dynamics into account, an AUIOs-based is proposed to address the problem that FDIAs can fool the Chi-square estimator. Compared with the existing method, the proposed detection method can improve the detection performance, such as false positive rate and state estimation error.

• A novel identification method against malicious attack. Through the design of AUIOs parameters, a bank of attack residuals can be obtained. Of noted, attack residuals are not sensitive to the attacked ith residuals, but sensitive to other residuals. Based on the above residual feature, a novel attack identification criterion is developed.

The framework of this paper is outlined as follows. Section II is the theory. The developed AUIO-based detection and identification framework against FDIAs is presented in Section III. Section IV, simulations are presented to demonstrate the performance of the developed method. Conclusion and discussion are given in Section V.

Theory

In this section, a physical dynamic vehicle networking system model is given. Then, the covert feature of FDIAs is shown. Finally, the addressing problem of this work is given.

Physical dynamic model of vehicle networking system

As shown in Figure 1, intelligent vehicle networking system consists of n vehicles, where each vehicle includes the measurement sensors and actuators. By monitoring the measured data, such as vehicle speed, acceleration and vehicle distance, the monitoring and control center can judge the running state of each intelligent vehicle. Then, the vehicle networking model can be established as follow.³⁵

Δ d (t) = d_{i} (t) - d_{i + 1} (t) - Γ - d_{d}

(1)

Δ v (t) = v_{i} (t) - v_{i + 1} (t)

(2)

Δ a (t) = a_{i} (t) - a_{i + 1} (t)

(3)

Figure 1.

Intelligent vehicle networking system.

By using equations (1)–(3), the physical dynamic model can be rewritten as

{\begin{matrix} \overset{\cdot}{x} (t) = Ax (t) + Bu (t) + M Ψ (t) \\ y (t) = Cx (t) \end{matrix}

(4)

where $x (t) = [\begin{matrix} Δ d (t) & Δ v (t) & Δ a (t) \end{matrix}]$ , $A = [\begin{matrix} 0 & 1 & 0 \\ 0 & 0 & 1 \\ 0 & 0 & 1 / ζ_{i} \end{matrix}]$ , $B = {[\begin{matrix} 0 & 0 & \frac{1}{ζ_{i}} \end{matrix}]}^{T}$ , $‖ Ψ (t) ‖ \leq τ$ is norm bounded, $M$ and $C$ denote the disturbance and measurement matrix with appropriate dimension, respectively.

Covert characteristics of FDIAs

As shown in Figure 2, data measurement and control center can monitor and control the running state of intelligent vehicle by communication channel. However, hackers can design FDIAs to tamper with the control data by stealing the communication information.

Figure 2.

Running state of vehicle networking system under FDIAs.

The designed FDIAs not only destroy the running sate of intelligent vehicles quickly, but also cheat the common Chi-square estimator-based detection method. According to Manandhar et al.,³⁶ the detection criterion is given as follows.

\begin{matrix} {\begin{matrix} | | R (t) | | = | | z (t) - Cx (t) | | < ι, normal \\ | | R (t) | | = | | z (t) - Cx (t) | | \geq ι, attack \end{matrix} \end{matrix}

(5)

Assumption 1. It is assumed that the topology information and the minimum number of sensors in vehicles system can be obtained by hackers.

Under Assumption 1, hackers can steal the relevant information of intelligent vehicle networking system. For this reason, the corresponding false data injection attack model can be modeled as follow.³³

f (t) = Θ x (t) + (1 - Θ) ϖ^{*}

(6)

with

ϖ^{*} (t + n) = ϖ^{*} (t) - \frac{ς^{(i + 1)}}{ℵ} ϖ

(7)

where $0 < Θ < 1$ , $ϖ = C Ω$ , $‖ ς ‖ \geq 1$ , $i \in (1, \dots, n - 1)$ $Ω$ is the eigenvector of system matrix A, $ℵ = max_{t = 0, \dots, n} ‖ z_{FDAI} (t) - z (t) ‖$ .

Then, the measurement residual can be described as.

\begin{matrix} | | R_{a} (t) | | = | | z_{a} (t) - C (\tilde{x} (t) + η) | | \\ = | | z (t) + f (t) - C (\tilde{x} (t) + η) | | \end{matrix}

(8)

When the attack sequence is designed as $f (t) = C η$ , one can obtain

\begin{matrix} | | R_{a} (t) | | = | | z (t) - Cx (t) | | \\ = | | R (t) | | < ι \end{matrix}

(9)

Obviously, the designed FDIAs can cheat the Chi-square estimator-based bad data detection method. Namely, hacker can change the running state of intelligent vehicle by injecting the above FDIAs without triggering the detection mechanism. Therefore, the detection and identification against FDIAs is urgent to ensure security of networking vehicle system.

Addressing problem

Taking the covert characteristics of FDIAs into account, this paper aims at developing a novel AUIOs-based detection and identification method based on the constructed dynamic model in equation (4) under FDIAs, that is,

{\begin{matrix} {\overset{\cdot}{x}}_{i} (t) = A x_{i} (t) + B u_{i} (t) + M Ψ_{i} (t) + f_{i} (t) \\ y_{i} (t) = C x_{i} (t) \end{matrix}

(10)

where $f (t)$ denotes the attack vector in equation (7).

Detection and identification framework against false data injection attacks

In this section, an AUIOs-based detection and identification method against FDIAs is developed. Based on the constructed physical dynamics model, a bank of parallel AUIOs are designed. Then, a novel detection and identification criterion is proposed, based on the feature of attack residuals.

Design of parallel adaptive unknown input observer

Through the physical dynamics model of vehicle networking system, the ith AUIO can be designed as.

{\begin{matrix} {\overset{\cdot}{z}}_{i} (t) = G z_{i} (t) + E B_{i} u (t) + E b_{i} {\hat{f}}_{i} (t) + L y_{i} (t) \\ {\hat{x}}_{i} (t) = z_{i} (t) + K y_{i} (t) \end{matrix}

(11)

where ${\hat{x}}_{i} (t)$ and $z_{i} (t)$ denote the estimated state and observer state, respectively, $B_{i} = B N_{i}$ $N_{i} = diag [κ_{1}, κ_{2}, \dots, κ_{n}]$ , $κ_{n} = 0 ~ 1$ , ${\hat{f}}_{i}$ is the estimated value of attack vector $f_{i}$ , $G$ , $E$ , $L$ , and $K$ are unknown input observer parameters to be designed.

Based on equations (10) and (11), the estimation error can be obtained as

\begin{matrix} {\overset{\cdot}{e}}_{i} (t) = (A - KCA - L_{1} C) e_{i} (t) + [(A - KCA - L_{1} C) - G] z_{i} (t) \\ + [(A - KCA - L_{1} C) K - L_{2}] y_{i} (t) + (I - KC) M Ψ (t) \\ + [(I - KC) B - E B_{i}] u (t) + (I - KC) {\hat{f}}_{i} - E b_{i} {\hat{f}}_{i} \end{matrix}

(12)

According to the work in Chen et al.,³⁷ the above observer parameters can be chosen as follow.

\begin{matrix} {\begin{matrix} A - KCA - L_{1} C = G \\ (I - KC) M = 0 \\ E = (I - KC) \\ L = L_{1} + L_{2} \\ L_{2} = GK \end{matrix} \end{matrix}

(13)

To ensure the convergence of the above estimation ${\hat{f}}_{i}$ , an adaptive law is designed as

\begin{matrix} {\begin{matrix} {\overset{\cdot}{\hat{f}}}_{i} (t) = ε_{i} r_{i}^{T} (t) QCE b_{i} \\ r_{i} (t) = C e_{i} (t) \end{matrix} \end{matrix}

(14)

where $ε_{i}$ denotes the adaptation rate, $Q$ is a symmetric positive matrix satisfying the following condition.

G^{T} Q + QG = - Λ

(15)

where $Λ$ is a symmetric positive matrix.

Before analyzing the stability of the designed AUIOs, the following Lemma is given.³⁸

Lemma 1. IF matrix $A$ is Hurwitz, the following linear system is globally stable. And there exist a symmetric positive matrix $Q$ , $ϕ (t)$ , and $μ_{b}$ satisfying the following conditions

[\begin{matrix} \overset{\cdot}{e} \\ \overset{\cdot}{ϑ} \end{matrix}] = [\begin{matrix} A & B \\ - α ϕ (t) C^{T} & 0 \end{matrix}] [\begin{matrix} e \\ ϑ \end{matrix}]

(16)

G^{T} Q + QG = - Λ

(17)

C = QB

(18)

μ_{b} I \leq \int_{t}^{t + t_{b}} ϕ (o) ϕ^{T} (o) do, \forall t \geq 0

(19)

To ensure the stability of the proposed AUIO, the Theorem 1 is given as follow.

Theorem 1. It is assumed that there exists the injected FDIAs on the ith intelligent vehicle, the proposed AUIO in equation (11) and adaptive algorithm in equation (14) can ensure the residual $r_{i}$ under FDIAs and estimation error of $ϕ_{i}$ converge exponentially.

Proof of theorem 1. A Lyapunov is chosen as follow.

V (r_{i}, ϕ_{i}) = \frac{1}{2} (r_{i}^{T} Q r_{i} + ϕ_{i}^{2} / α_{i})

(20)

Based on equation (11) and (13), the derivative of equation (20) can be obtained as

\begin{matrix} V (r_{i}, ϕ_{i}) = \frac{1}{2} ({\overset{\cdot}{r}}_{i}^{T} Q r_{i} + r_{i}^{T} Q {\overset{\cdot}{r}}_{i} + 2 ϕ_{i} {\overset{\cdot}{ϕ}}_{i} / α_{i}) \\ = \frac{1}{2} ({\overset{\cdot}{e}}_{i}^{T} C^{T} QC e_{i} + e_{i}^{T} C^{T} QC {\overset{\cdot}{e}}_{i} + 2 ϕ_{i} {\overset{\cdot}{ϕ}}_{i} / α_{i}) \\ = \frac{1}{2} ([e_{i}^{T} G^{T} + (E b_{i} ϕ_{i})] C^{T} QC e_{i} + e_{i}^{T} C^{T} QC (G e_{i} + E b_{i} ϕ_{i})) \\ + ϕ_{i} {\overset{\cdot}{ϕ}}_{i} / α_{i} \\ = \frac{1}{2} (e_{i}^{T} (G^{T} C^{T} QC + C^{T} QCG) e_{i} + 2 e_{i}^{T} C^{T} QCE b_{i} ϕ_{i}) \\ - ϕ_{i} {\overset{\cdot}{\hat{f}}}_{i} / α_{i} \end{matrix}

(21)

By using equation (14), equation (21) can be rewritten as.

V (r_{i}, ϕ_{i}) = \frac{1}{2} e_{i}^{T} (G^{T} C^{T} QC + C^{T} QCG) e_{i}

(22)

Since matrix $C$ is full rank, one can obtain $Q^{*} = C^{T} QC$ is a symmetric positive matrix. Based on equation (15), one can obtain.

V (r_{i}, ϕ_{i}) \leq 0

(23)

Based on equation (14), one can obtain

\begin{matrix} {\begin{matrix} {\overset{\cdot}{e}}_{i} = G e_{i} + E b_{i} ϕ_{i} \\ {\overset{\cdot}{ϕ}}_{i} = - α_{i} e_{i}^{T} C^{T} QCE b_{i} \end{matrix} \end{matrix}

(24)

By using the Lemma 1, one can find that the residual $r_{i}$ under FDIAs and of $ϕ_{i}$ tend to zero with an exponential convergence rate. □

Theorem 1 ensures that the developed AIUOs are stable and residual $r_{i}$ under FDIAs approaches zero. Namely, the ith AIUO will generate zero residual if the injected FDIAs occur on the ith intelligent network vehicle.

Detection and identification method against FDIAs

By using Theorem 1, one can obtain that the state estimation error on the ith intelligent network vehicle approaches zero. Then, the state estimation error on the jth intelligent network vehicle can be obtained as

{\overset{\cdot}{e}}_{j} (t) = G e_{j} (t) + E b_{j} (f_{j} - {\hat{f}}_{j}) + E b_{i} (f_{i} - {\hat{f}}_{i})

(25)

Defining

{\begin{matrix} χ_{1} = f_{j} - {\hat{f}}_{j} \\ χ_{2} = f_{i} - {\hat{f}}_{i} \end{matrix}

(26)

Then, we have

{\overset{\cdot}{e}}_{j} (t) = G e_{j} (t) + E (b_{j} χ_{1} + b_{i} χ_{2})

(27)

Equation (27) indicates that the estimation error ${\overset{\cdot}{e}}_{j} (t)$ approaches zero only when $χ_{1} = χ_{2} = 0$ . For this reason, we can find the feature of attack residuals under FDIAs as follows. Namely, when there exists a FDIA injected the ith intelligent network vehicle, the estimation error ${\overset{\cdot}{e}}_{i} (t)$ approaches zero. However, the estimation error ${\overset{\cdot}{e}}_{j} (t)$ does not approach zero. The detailed detection and identification process against FDIAs are summarized in Algorithm 1.

Algorithm 1: AUIOs-based detection and identification of FDIAs in vehicle networking system
1. Input: Construct the physical dynamics model of vehicle networking in equation (10); 2. Design a bank of the corresponding AUIOs in equation (11); 3. Compute the attack residuals generated by FDIAs in equations (24) and (25); 4. for Residuals of all the intelligent vehicles if $‖ e_{i} (t) ‖ < ι$ and $‖ e_{i} (t) ‖ < ι$ then No FDIAs; Else $‖ e_{i} (t) ‖ < ι$ and $‖ e_{j} (t) ‖ \geq ι$ There exist the injected FDIAs on the ith intelligent network vehicle; end if 5. end for 6. Output: The attacked networking vehicle.

Algorithm 1: AUIOs-based detection and identification of FDIAs in vehicle networking system

1. Input: Construct the physical dynamics model of vehicle
networking in equation (10);
2. Design a bank of the corresponding AUIOs in equation (11);
3. Compute the attack residuals generated by FDIAs in equations (24) and (25);
4. for Residuals of all the intelligent vehicles
if

‖ e_{i} (t) ‖ < ι

and

‖ e_{i} (t) ‖ < ι

then
No FDIAs;
Else

‖ e_{i} (t) ‖ < ι

and

‖ e_{j} (t) ‖ \geq ι

There exist the injected FDIAs on the ith intelligent network
vehicle;
end if
5. end for
6. Output: The attacked networking vehicle.

Assuming that there exist n the intelligent vehicles, the attack detection and identification process is given as follows.

Step 1: Based on the constructed physical model in equation (12), a bank of parallel AUIOs are designed.

Step 2: Based on generated attack residuals, one can judge whether there exist the injected FDIAs.

Step 3: If $‖ e_{i} (t) ‖ < ι$ and $‖ e_{j} (t) ‖ \geq ι$ , we can detect and identify the injected FDIA on the ith intelligent network vehicle. As shown in Figure 3, the flowchart of detection and identification process against FDIAs are presented.

Figure 3.

Flowchart of detection and identification process against FDIAs.

Guidelines for manuscript preparation

This section presents simulation experiments on intelligent transport including of six networking vehicles to verify the effectiveness of the developed detection and identification framework against FDIAs. It is assumed that the above intelligent vehicles including of cruise control system can drive longitudinally on the road in Figure 1. Simulation part parameters are given: $ζ_{i} = 0.25$ , $d_{d} = 3 m$ , $d_{i + 1} - d_{i} = 40 m$ , $v_{1} = 20 km / h$ , where the adaptive gains of each controller on the intelligent vehicle networking system are taken from.³³ Under the given related parameters, the following two situations are considered. Based on the works,³⁹ we can set the precomputed threshold to $3 τ$ .

Situation 1 is to consider the detection and identification of single FDIA injected on the intelligent vehicle networking system. Compared with the work in Huang and Wang³³ and Yamamoto et al.,³⁴ the attack detection performance against FDIAs can be improved.

Situation 2 is to show the effectiveness of the proposed detection and identification method against multiple FDIAs on the intelligent vehicle networking system.

Situation 1 effectiveness of the developed detection and identification method

Detection and identification of single continuous attack

Assuming that hacker can inject the single FDIA into the third intelligent vehicle at $t \geq 60 s$ , where the attack vector is given as Huang and Wang.³³ By using the proposed Algorithm 1, a bank of parallel AUIOs are designed. As shown in Figure 4, the corresponding change of attack residuals can be obtained.

Figure 4.

The change of attack residuals. (a) First vehicle, (b) second vehicle, (c) third vehicle, (d) fourth vehicle, (e) fifth vehicle, and (f) sixth vehicle.

Based on the above simulation results in Figure 4, one can find that only the attack residual does not exceed the precomputed threshold, namely, $‖ e_{3} (t) ‖ < ι$ at $t \geq 60 s$ , as shown in Figure 4(c). Meanwhile, the attack residuals of other vehicles all exceed the precomputed threshold, such as $‖ e_{i} (t) ‖ \geq ι, i = 1, 2, 4, 5, 6 .$ , at $t \geq 60 s$ as shown in Figure 4(a), (b) and (d) to (f). By using Algorithm 1, the injected FDIA into the third intelligent vehicle can be detected and identified.

Detection and identification of single intermittent attack

Assuming that hacker can inject the single FDIA into the second intelligent vehicle at $70 s \leq t \leq 100 s$ . By using the proposed Algorithm 1, a bank of parallel AUIOs are designed. As shown in Figure 5, the corresponding change of attack residuals can be obtained.

Figure 5.

The change of attack residuals. (a) First vehicle, (b) second vehicle, (c) third vehicle, (d) fourth vehicle, (e) fifth vehicle, and (f) sixth vehicle.

Based on the above simulation results, one can find that only the attack residual does not exceed the precomputed threshold, namely, $‖ e_{2} (t) ‖ < ι$ at $t = 70 s$ , as shown in Figure 5(b). Meanwhile, the attack residuals of other vehicles all exceed the precomputed threshold, such as $‖ e_{i} (t) ‖ \geq ι, i = 1, 3, 4, 5, 6 .$ , at $70 s \leq t \leq 100 s$ as shown in Figures 2 and 5(a). Based on the proposed Algorithm 1, the proposed method can quickly detect and identify the second vehicle attacked by FDIA at $70 s \leq t \leq 100 s$ .

Performance analysis of the developed detection and identification method

To verify the detection performance of the developed detection algorithm, a bank of robust state observers and adaptive unknown input observers can be designed to observe the running state. Then, the corresponding errors of state estimation can be obtained, as shown in Figure 6(a). It is obvious that the error of state estimation under adaptive unknown input observers is smaller than that under robust state observers. Compared with the UIO-based detection work in Huang and Wang³³ and Yamamoto et al.,³⁴ the performance of state estimation error can be shortened. Furthermore, the false positive rate under the precomputed threshold is used to evaluate the detection performance against FDIA, as shown in Figure 6(b). Obviously, the maximum false alarm rate can be reduced 1%. Meanwhile, the maximum detection rate can be enhanced 0.8%, as shown in Figure 6(c).

Figure 6.

The analysis of detection performance against FDIAs under two detection methods. (a) comparison of state estimation errors and (b) comparison of false positive rate and (c) comparison of detection rate.

In addition, we have investigated the relationship of detection rate and attack strength under different precomputed threshold, as shown in Figure 7. With the increase of attack strength, the detection rate against FDIAs is the highest when the precomputed threshold $ι$ is $3 τ$ .

Figure 7.

The analysis of detection rate and attack strength under different precomputed threshold.

Situation 2 detection and identification of multiple FDIAs injected

It is assumed that multiple FDIAs can be injected into the second, fourth and sixth intelligent vehicles at $t = 70 s$ , $t = 90 s$ , and $t = 110 s$ , respectively. Based on the developed Algorithm 1, a bank of parallel AUIOs are constructed. Then, a bank of attack residuals of all the vehicles can be obtained, as shown in Figure 8.

Figure 8.

The detection and identification results of multiple FDIAs. (a) First vehicle, (b) second vehicle, (c) third vehicle, (d) fourth vehicle, (e) fifth vehicle, and (f) sixth vehicle.

Obviously, one can find that the attack residual $e_{2} (t)$ has not exceed the precomputed threshold $ι$ , as shown in Figure 8(b). The simulation results in Figure 8(d) and (f) indicate that the attack residual $e_{4} (t)$ and $e_{6} (t)$ exceed the precomputed threshold at $70 s < t \leq 90 s$ and $70 s < t \leq 110 s$ , respectively. Meanwhile, the attack residuals of other vehicles $‖ e_{i} (t) ‖ \geq ι, i = 1, 3, 5,$ exceed the precomputed threshold $ι$ at $t > 70 s$ . By using the proposed Algorithm 1, one can obtain that attack residual $e_{2} (t)$ , $e_{4} (t)$ , and $e_{6} (t)$ does not exceed the precomputed threshold $ι$ at $t \leq 60 s$ . Then, we can judge that there exists FDIA on the second intelligent vehicle. Same as above, one can obtain that attack residual $e_{4} (t)$ and $e_{6} (t)$ are smaller than the precomputed threshold $ι$ at $t > 90 s$ , and $t > 110 s$ , respectively. Then, the corresponding FDIAs injected into the fourth and sixth intelligent vehicle can be detected and identified by using the proposed Algorithm 1.

Through simulations in Figure 8, one can find that the attack residual is insensitive to the attacked ith residual, but sensitive to other residuals. In other words, attack residual is insensitive to the attacked second residual, but sensitive to the ith (i = 1,3,4,5,6) residuals at $70 s < t \leq 90 s$ . Then, attack residual is insensitive to the attacked second and fourth residuals, but sensitive to the ith (i = 1,3,5,6) residuals at $90 s < t \leq 110 s$ . Similarly, attack residual is insensitive to the attacked second and fourth residuals, but sensitive to the ith (i = 1,3,5) residuals at $t \geq 110 s$ . Based on the above feature of attack residuals, the developed method can detect and identify the injected FDIAs effectively.

Conclusions and discussion

An AUIOs-based detection and identification method against FDIAs in intelligent vehicle networking system is proposed. Through the constructed physical dynamics model, an AUIOs-based detection method is developed. And the error of state estimation can be improved to reduce the false positive rate. Furthermore, a feature of attack residuals-based identification method against multiple FDIAs is proposed. Finally, the simulation results verify the performance of the proposed detection and identification method on the intelligent vehicle networking system.

This paper proposes a mode-based detection and identification method against FDIAs, there still exist lots of problems needed to further study as follows. (1) The effect of the uncertainty under the proposed detection method. (2) How to deal with the influence caused by communication delay. (3) How to detect and identify the mixed attacks, such as FDIAs and Dos.

Footnotes

Appendix

Acknowledgements

Thanks to the financial support provided by the National Natural Science Foundation of China (Nos. 61803154).

Author Contributions

Conceptualization, P.C. and J.P.; methodology, J.P; data curation, J.P; writing—original draft preparation, P.C; writing—review and editing, P.C and J.P.; visualization, P.C.; All authors have read and agreed to the published version of the manuscript.

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) disclosed receipt of the following financial support for the research, authorship, and/or publication of this article: This work was supported in part by the National Natural Science Foundation of China under Grant 61803154

ORCID iD

PengFei Cheng

References

Alexander

Haley

Grant

. Cooperative intelligent transport systems: 5.9-GHz field trials. Proc IEEE 2011; 99(7): 1213–1235.

Festag

. Cooperative intelligent transport systems standards in Europe. IEEE Commun Mag 2014; 52(12): 166–172.

Zhu

Chen

, et al. Parallel transportation systems: toward IoT-enabled smart urban traffic control and management. IEEE Trans Intell Transp Syst 2020; 21(10): 4063–4071.

Zhu

Chen

, et al. Parallel transportation management and control system and its applications in building smart cities. IEEE Trans Intell Transp Syst 2016; 17(6): 1576–1585.

Gholamhosseinian

Seitz

. Vehicle classification in intelligent transport systems: an overview, methods and software perspective. IEEE Open J Intell Transp Syst 2021; 2: 173–194.

Chen

Liu

Wan

, et al. An edge traffic flow detection scheme based on deep learning in an intelligent transportation system. IEEE Trans Intell Transp Syst 2021; 22(3): 1840–1852.

Perrine

Levin

Yahia

, et al. Implications of traffic signal cybersecurity on potential deliberate traffic disruptions. Transp Res Part A Policy Pract 2019; 120: 58–70.

Sinai

Partush

Yadid

, et al. Exploiting social navigation. arXiv preprint arXiv:1410.0151. 2014.

Mercader

Haddad

. Resilient multivariable perimeter control of urban road networks under cyberattacks. Control Eng Pract 2021; 109: 104718.

10.

Dibaei

Zheng

Jiang

, et al. Attacks and defences on intelligent connected vehicles: a survey. Digit Commun Netw 2020; 6(4): 399–421.

11.

Wang

Zhang

, et al. 2FLIP: a two-factor lightweight privacy-preserving authentication scheme for VANET. IEEE Trans Vehicular Technol 2016; 65(2): 896–911.

12.

Tan

Labiod

, et al. A secure and authenticated key management protocol (SA-KMP) for vehicular networks. IEEE Trans Vehicular Technol 2016; 65(12): 9570–9584.

13.

Zhang

Jiang

Huang

, et al. Attack-defense differential game model for network defense strategy selection. IEEE Access 2019; 7: 50618–50629.

14.

Zhang

Deng

Feng

. Resilient cooperative output regulation for nonlinear multi-agent systems under DoS attacks. IEEE Trans Automat Contr. Epub ahead of print 21 June 2022. DOI: 10.1109/TAC.2022.3184388

15.

Fei

Ning

Jiang

. A quantifiable attack-defense trees model for APT attack. In: 2018 IEEE 3rd advanced information technology, electronic and automation control conference (IAEAC), 2018, pp. 2303–2306. New York: IEEE.

16.

Deng

Zhang

Feng

. Resilient practical cooperative output regulation for MASs with unknown switching exosystem dynamics under DoS attacks. Automatica 2022; 139: 110172.

17.

Malik

Akhunzada

Bibi

, et al. Security-aware data-driven intelligent transportation systems. IEEE Sens J 2021; 21(14): 15859–15866.

18.

Haydari

Yilmaz

. Real-time detection and mitigation of DDoS attacks in intelligent transportation systems. In: IEEE international conference on intelligent transportation systems, 2018. New York: IEEE.

19.

Das

Ghosh

Koley

. Prevention and detection of FDIA on power-network protection scheme using multiple support set. J Inf Secur Appl 2021; 63: 103054.

20.

Wang

Liu

Mihankhah

, et al. Detection and isolation of sensor attacks for autonomous vehicles: framework, algorithms, and validation. IEEE Trans Intell Transp Syst 2022; 23(7): 8247–8259.

21.

Abdollahi Biron

Dey

Pisu

. Real-time detection and estimation of denial of service attack in connected vehicle systems. IEEE Trans Intell Transp Syst 2018; 19: 3893–3902.

22.

Liu

Ning

Reiter

. False data injection attacks against state estimation in electric power grids. ACM Trans Inf Syst Secur 2011; 14(1): 1–33.

23.

Guo

Hao

. Optimal allocation of false data injection attacks for networked control systems with two communication channels. IEEE Trans Control Netw Syst 2021; 8(1): 2–14.

24.

Kwon

Liu

Hwang

. Security analysis for cyber-physical systems against stealthy deception attacks. In: 2013 American control conference (ACC), 2013. New York: IEEE.

25.

Taylor

Ahmad

Nguyen

, et al. Safety, stability and environmental impact of FDI attacks on vehicular platoons. In: NOMS 2022-2022 IEEE/IFIP network operations and management symposium, 2022, pp.1–6. New York: IEEE.

26.

Jena

Ghosh

Koley

, et al. Design of AC state estimation based cyber-physical attack for disrupting electricity market operation under limited sensor information. Elect Power Syst Res 2022; 205: 107732.

27.

Raja

Kottursamy

Dev

, et al. Blockchain-integrated multiagent deep reinforcement learning for securing cooperative adaptive cruise control. IEEE Trans Intell Transp Syst 2022; 23(7): 9630–9639.

28.

Karthikeyan

Usha

. Real-time DDoS flooding attack detection in intelligent transportation systems. Comput Electr Eng 2022; 101: 107995.

29.

Wang

, et al. LSTM-Based SQL injection detection method for intelligent transportation system. IEEE Trans Vehicular Technol 2019; 68(5): 4182–4191.

30.

Said

Elloumi

Khoukhi

. Cyber-attack on P2P energy transaction between connected electric vehicles: a false data injection detection based machine learning model. IEEE Access 2022; 10: 63640–63647.

31.

Rana

. IoT-based electric vehicle state estimation and control algorithms under cyber attacks. IEEE Internet Things J 2020; 7(2): 874–881.

32.

Cabelin

Alpano

Pedrasa

. SVM-based detection of false data injection in intelligent transportation system. In: 2021 international conference on information networking (ICOIN). 2021. New York: IEEE.

33.

Huang

Wang

. Detection and isolation of false data injection attack in intelligent transportation system via robust state observer. Processes 2022; 10: 1299.

34.

Yamamoto

Kuze

Ushio

. Attack detection and defense system using an unknown input observer for cooperative adaptive cruise control systems. IEEE Access 2021; 9: 148810–148820.

35.

van der Heijden

Dietzel

Leinmuller

, et al. Survey on misbehavior detection in cooperative intelligent transportation systems. IEEE Commun Surv Tutor 2019; 21: 779–811.

36.

Manandhar

Cao

, et al. Detection of faults and attacks including false data injection attack in smart grid using Kalman filter. IEEE Trans Control Netw Syst 2014; 1: 370–379.

37.

Chen

JIE

Patton

Zhang

. Design of unknown input observers and robust fault detection filters. Int J Control 1996; 63(1): 85–105.

38.

Loria

. Explicit convergence rates for MRAC-type systems. Automatica 2004; 40: 1465–1468.

39.

Dixon

Massey

. Introduction to statistical analysis. New York, NY: McGraw-Hill, 1969. Vol. 344.

Adaptive unknown input observer-based detection and identification method for intelligent transportation under malicious attack

Abstract

Keywords

Introduction

Theory

Physical dynamic model of vehicle networking system

Covert characteristics of FDIAs

Addressing problem

Detection and identification framework against false data injection attacks

Design of parallel adaptive unknown input observer

Detection and identification method against FDIAs

Guidelines for manuscript preparation

Situation 1 effectiveness of the developed detection and identification method

Detection and identification of single continuous attack

Detection and identification of single intermittent attack

Performance analysis of the developed detection and identification method

Situation 2 detection and identification of multiple FDIAs injected

Conclusions and discussion

Footnotes

Appendix

Acknowledgements

Author Contributions

Declaration of conflicting interests

Funding

ORCID iD

References