簡易檢索 / 詳目顯示

研究生: 施芊羽
Chien-Yu Shih
論文名稱: 車載隨意行動網路之資安威脅與對策分析
Cybersecurity Threats and Countermeasures in VANETs
指導教授: 吳宗成
Tzong-Chen Wu
口試委員: 許建隆
Chien-Lung Hsu
黃正達
Cheng-Ta Huang
學位類別: 碩士
Master
系所名稱: 管理學院 - 資訊管理系
Department of Information Management
論文出版年: 2022
畢業學年度: 110
語文別: 中文
論文頁數: 70
中文關鍵詞: 車載隨意行動網路車聯網安全攻擊隱私數據信任零信任
外文關鍵詞: VANETs, Internet of Vehicle (IoV), Security, Attack, Privacy, Data trust, Zero Trust
相關次數: 點閱:368下載:11
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報
  • 近年來,在汽車產業轉型的發展下,從過去的物聯網將擴大至車聯網的環境,但未來在享受這些新興科技所帶來的便利性時,也將帶來一些威脅及挑戰。因此,本研究以車載隨意網路(Vehicular Ad-Hoc Network,簡稱VANETs)為主軸,深入探討在環境中所面臨的威脅,考量環境及車輛的高複雜度,包含車輛在區域控制網路(Controller Area Network,簡稱CAN)上面的網路威脅、軟體本身的安全性、數據信任問題及隱私問題等。在這個新興科技的發展下,使得威脅及攻擊層面擴大,都將影響駕駛及用路人的機密性、數據完整性、可用性及隱私等問題,其中在隱私的部分更備受人們關注。

    本論文基於VANETs環境中的數據安全及信任問題,提出基於角色及群管理之框架,及以數據為中心的合法且可信任框架,融入近年新興的零信任架構之概念,以確保數據的正確性與安全性,並提高訊息的信任程度。而所提出的框架亦符合零信任中最低安全要求、沒有隱式信任、持續身份驗證及監控、增強身份治理及始終驗證原則。


    Under the development of automobile transformation, the technology of the Internet of Things will expand to the internet of vehicles and form a network of vehicles environment in recent years. But in the future, while enjoying the convenient service, it will also bring some threats and challenges to our life. Therefore, this study takes VANETs(Vehicular Ad-Hoc Network)as the main axis, an in-depth discussion of the threats faced in this environment, considering the complexity of the network environment and the vehicles, including the network threat, CAN(Controller Area Network)system, software security, data trust, and the privacy issue. Under the development of this emerging technology, the threat and attack level is also expanded, which will affect drivers and road users, including confidentiality, data integrity, availability, and privacy, but the privacy issue is more of a concern.

    Based on the data security and trust issues in the VANETs environment, proposing a role and group management framework, and a data-centric legal and trustworthy frame-work, which integrates the concept of the emerging zero-trust architecture in recent years to ensure the data correctness and security, and increases the trust level of data. The pro-posed framework also complies with zero trust principles, includes minimum security requirements, no implicit trust, continuous authentication and monitoring, enhanced identity governance, and is always verified.

    摘要 I ABSTRACT II 誌謝 III 目錄 IV 圖目錄 V 表目錄 VI 第一章 緒論 1 1.1 研究背景與動機 1 1.2 研究目的 4 1.3 研究架構 6 第二章 文獻探討 8 2.1 VANETS的數據信任 8 2.2 VANETS的隱私保護 11 2.3 零信任架構 14 第三章 資安威脅分析 17 3.1 VANETS的基本資安需求分析 17 3.2 VANETS基礎網路架構之威脅與分析 21 3.3 車載系統軟硬體之威脅與分析 26 3.4 VANETS的攻擊種類 28 3.5 數據隱私之威脅與分析 31 第四章 資安威脅對策與建議 34 4.1 技術面的安全對策與建議 34 4.2 隱私面的對策與建議 39 4.3 車載隨意行動網路之信任框架 46 第五章 結論與未來研究方向 53 5.1 結論 53 5.2 未來研究方向 55 第六章 參考文獻 57

    [1] A. Bhargava, S. Verma, B. K. Chaurasia, and G. S. Tomar, “Computational trust model for internet of vehicles,” In 2017 Conference on Information and Communication Technology (CICT), IEEE, 2017, pp. 1-5.
    [2] A. Cavoukian, “Privacy by design: The 7 foundational principles. Information and privacy commissioner of Ontario,” 2009.
    [3] A. Dorri, M. Steger, S. S. Kanhere, and R. Jurdak, “Blockchain: A distributed solution to automotive security and privacy,” IEEE Communications Magazine, 2017, pp. 119-125.
    [4] A. Kerman, M. Souppaya, P. Grayeli, and S. Symington, “Implementing a Zero Trust Architecture, ” NIST SPECIAL PUBLICATION 1800-35A, https://www.nccoe.nist.gov/sites/default/files/2022-06/zta-nist-sp-1800-35a-preliminary-draft.pdf, 2022.
    [5] A. Perrig, and J. D. Tygar, “TESLA broadcast authentication,” In Secure Broadcast Communication, Springer, Boston, MA, 2003, pp. 29-53.
    [6] A. Pfitzmann, and M. Köhntopp, “Anonymity, unobservability, and pseudonymity—a proposal for terminology,” In Designing privacy enhancing technologies, Springer, Berlin, Heidelberg, 2001, pp. 1-9.
    [7] AUTO-ISAC. “Our Living, Function-based approaches help manage vehicle cyber risk,” https://automotiveisac.com/best-practices, 2016.
    [8] B. Niu, Q. Li, X. Zhu, G. Cao, and H. Li, “Achieving k-anonymity in privacy-aware location-based services,” In IEEE INFOCOM 2014-IEEE conference on computer communications, 2014, pp. 754-762.
    [9] B. P. Knijnenburg, X. Page, P. Wisniewski, H. R. Lipford, N. Proferes, and J. Romano, “Modern Socio-Technical Perspectives on Privacy,” Springer Nature, 2022.
    [10] C. BasuMallick. “OWASP Top 10 Vulnerabilities in 2022,” Spiceworks, https://www.spiceworks.com/it-security/vulnerability-management/articles/owasp-top-ten-vulnerabilities/, 2022.
    [11] C. Buck, C. Olenberger, A. Schweizer, F. Völter, and T. Eymann, “Never trust, always verify: A multivocal literature review on current knowledge and research gaps of zero-trust,” Computers and Security, 2021.
    [12] C. M. Chen, B. Xiang, Y. Liu, and K. H Wang, “A secure authentication protocol for internet of vehicles,” IEEE Access, 2019, pp. 12047-12057.
    [13] D. Yang, X. Fang, and G. Xue, “Truthful incentive mechanisms for k-anonymity location privacy,” In 2013 Proceedings IEEE INFOCOM, IEEE, 2013, pp. 2994-3002.
    [14] E. Juliussen, “Automotive Cybersecurity: More Than In–Vehicle and Cloud,” EETimes, https://www.eetimes.com/automotive-cybersecurity-more-than-in-vehicle-and-cloud/, 2022.
    [15] EETimes, “Vulnerability Disclosure Programs Need to Get Organized,” https://www.eetimes.com/vulnerability-disclosure-programs-need-to-get-organized/, 2021.
    [16] G. Calandriello, P. Papadimitratos, J. P. Hubaux, and A. Lioy, “Efficient and robust pseudonymous authentication in VANET,” In Proceedings of the fourth ACM international workshop on Vehicular ad hoc networks, 2007, pp. 19-28.
    [17] General Data Protection Regulation(GDPR), “Intersoft consulting,” https://gdpr-info.eu/, 2016.
    [18] H. Hasrouny, A. E. Samhat, C. Bassil, and A. Laouiti, “VANet security challenges and solutions: A survey,” Vehicular Communications, 2017, pp. 7-20.
    [19] H. M. Song, H. R. Kim, and H. K Kim, “Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network,” In 2016 international conference on information networking (ICOIN), IEEE, 2016, pp. 63-68.
    [20] H. Tokuda, M. Beigl, A. Friday, A. B. Brush, and Y. Tobe, “Pervasive 2009,” Pervasive Computing: 7th International Conference, Vol. 5538, Springer, 2009.
    [21] H. Zhou, W. Xu, J. Chen, and W. Wang, “Evolutionary V2X technologies toward the Internet of vehicles: Challenges and opportunities,” Proceedings of the IEEE, 2020, pp. 308-323.
    [22] I. Ali, A. Hassan, and F. Li, “Authentication and privacy schemes for vehicular ad hoc networks (VANETs): A survey,” Vehicular Communications, 2019, pp. 45-61.
    [23] I. García-Magariño, S. Sendra, R. Lacuesta, and J. Lloret, “Security in vehicles with IoT by prioritization rules, vehicle certificates, and trust management,” IEEE Internet of Things Journal, 2018, pp. 5927-5934.
    [24] Infopulse, “How to Ensure Automotive Cybersecurity in the Next-Gen Vehicles [Part 2],” https://www.infopulse.com/blog/how-to-ensure-automotive-cybersecurity-in-the-next-gen-vehicles-part-ii, 2022.
    [25] Infopulse, “How To Ensure Automotive Cybersecurity In The Next-Gen Vehicles [Part-1],” https://www.infopulse.com/blog/how-to-ensure-automotive-cybersecurity-in-the-next-gen-vehicles-part-1, 2022.
    [26] J. Chen, K. He, Q. Yuan, M. Chen, R. Du, and Y. Xiang, “Blind filtering at third parties: An efficient privacy-preserving framework for location-based services,” IEEE Transactions on Mobile Computing, 2018, pp. 2524-2535.
    [27] J. Contreras-Castillo, S. Zeadally, and J. A. Guerrero-Ibañez, “Internet of vehicles: architecture, protocols, and security,” IEEE internet of things Journal, 2017, pp. 3701-3709.
    [28] J. Guo, J. P. Baugh, and S. Wang, “A group signature based secure and privacy-preserving vehicular communication framework,” In 2007 Mobile Networking for Vehicular Environments, IEEE, 2007, pp. 103-108.
    [29] J. Rowley, “The wisdom hierarchy: representations of the DIKW hierarchy,” Journal of information science, 2007, pp. 163-180.
    [30] J. Zhang, “A survey on trust management for vanets,” In 2011 IEEE International Conference on Advanced Information Networking and Applications, 2011, pp. 105-112.
    [31] J. Zhou, Z. Cao, Z. Qin, X. Dong, and K. Ren, “LPPA: Lightweight privacy-preserving authentication from efficient multi-key secure outsourced computation for location-based services in VANETs,” IEEE Transactions on Information Forensics and Security, 2019, pp. 420-434.
    [32] K. Peretti, K. Hanniford, and L. Taubin. “Maryland Amends Data Breach and Reasonable Security Requirements,” Alstonprivacy, https://www.alstonprivacy.com/maryland-amends-data-breach-and-reasonable-security-requirements/, 2022.
    [33] K. Sanzaro, and Y. Zhao. “CPPA Formal Rulemaking Began on July 8, 2022,” Alstonprivacy, https://www.alstonprivacy.com/cppa-formal-rulemaking-began-on-july-8-2022/, 2022.
    [34] L. Buttyán, T. Holczer, and I. Vajda, “On the effectiveness of changing pseudonyms to provide location privacy in VANETs,” In European Workshop on Security in Ad-hoc and Sensor Networks. Springer, Berlin, Heidelberg, 2007, pp. 129-141.
    [35] M. Arif, G.Wang, M. Z. A. Bhuiyan, T. Wang, and J. Chen, “A survey on security attacks in VANETs: Communication, applications and challenges,” Vehicular Communications, Vol. 19, 2019, pp. 1-36.
    [36] M. Bozdal, M. Samie, S. Aslam, and I. Jennions, “Evaluation of can bus security challenges,” Sensors, 2020.
    [37] M. C. Chuang, and J. F. Lee, “TEAM: Trust-extended authentication mechanism for vehicular ad hoc networks,” IEEE systems journal, 2013, pp. 749-758.
    [38] M. N. Mejri, J. Ben-Othman, and M. Hamdi, “Survey on VANET security challenges and possible cryptographic solutions,” Vehicular Communications, 2014, pp. 53-66.
    [39] M. Raya, P. Papadimitratos, V. D. Gligor, and J. P. Hubaux, “On data-centric trust establishment in ephemeral ad hoc networks,” In IEEE INFOCOM 2008-The 27th Conference on Computer Communications, 2008, pp. 1238-1246.
    [40] M. S. Al-Kahtani, “Survey on security attacks in vehicular ad hoc networks (VANETs), ” In 2012 6th international conference on signal processing and communication systems, IEEE, 2012, pp. 1-9.
    [41] M. Samaniego, and R. Deters, “Zero-trust hierarchical management in IoT,” In 2018 IEEE international congress on Internet of Things (ICIOT), 2018, pp. 88-95.
    [42] O. Burkacky, J. Deichmann, G. Doll, and C. Knochenhauer, “Rethinking car software and electronics architecture,” McKinsey and Company, 2018.
    [43] P. Golle, D. Greene, and J. Staddon, “Detecting and correcting malicious data in VANETs,” In Proceedings of the 1st ACM international workshop on Vehicular ad hoc networks, 2004, pp. 29-37.
    [44] R. G. Engoulou, M. Bellaïche, S. Pierre, and A. Quintero, “VANET security surveys,” Computer Communications, 2014, pp. 1-13.
    [45] R. Lu, X. Lin, T. H. Luan, X. Liang, and X. Shen, “Pseudonym changing at social spots: An effective strategy for location privacy in VANETs,” IEEE transactions on vehicular technology, 2011, pp. 86-96.
    [46] R. Yu, J. Kang, X. Huang, S. Xie, Y. Zhang, and S. Gjessing, “MixGroup: Accumulative pseudonym exchanging for location privacy enhancement in vehicular social networks,” IEEE Transactions on Dependable and Secure Computing, 2015, pp. 93-105.
    [47] S. F. Lokman, A. T. Othman, and M. H. Abu-Bakar, “Intrusion detection system for automotive Controller Area Network (CAN) bus system: a review,” EURASIP Journal on Wireless Communications and Networking, 2019, pp. 1-17.
    [48] S. Halder, A. Ghosal, and M.Conti, “Secure over-the-air software updates in connected vehicles: A survey,” Computer Networks, 2020.
    [49] S. Rose, O. Borchert, S. Mitchell, S. Connelly. “Zero Trust Architecture. NIST Special Publication 800-207,” NIST, https://doi.org/10.6028/NIST.SP.800-207, 2020.
    [50] S. S. Manvi, and S. Tangade, “A survey on authentication schemes in VANETs for secured communication,” Vehicular Communications, 2017, pp. 19-30.
    [51] S. Teerakanok, T. Uehara, and A. Inomata, “Migrating to zero trust architecture: reviews and challenges,” Security and Communication Networks, 2021.
    [52] S. Zhang, G. Wang, M. Z. A. Bhuiyan, and Q. Liu, “A dual privacy preserving scheme in continuous location-based services,” IEEE Internet of Things Journal, 2018, pp. 4191-4200.
    [53] Spiceworks, “Why Cyber Insurance Should Be a Part of Your Cybersecurity Strategy, ” https://www.spiceworks.com/it-security/cyber-risk-management/guest-article/why-cyber-insurance-should-be-a-part-of-your-cybersecurity-strategy/, 2021.
    [54] Trinity. “Why SOTIF (ISO/PAS 21448) is the key to autonomous driving safety,” https://www.trinitytec.net/cn/blog-43, 2022.
    [55] U. F. Minhas, J. Zhang, T. Tran, and R. Cohen, “Towards expanded trust management for agents in vehicular ad-hoc networks,” International Journal of Computational Intelligence Theory and Practice, Vol. 5, 2010, pp. 3-15.
    [56] U. Rajput, F. Abbas, and H. Oh, “A hierarchical privacy preserving pseudonymous authentication protocol for VANET,” IEEE Access, 2016, pp. 7770-7784.
    [57] U. Schneider, “ISO/SAE 21434 - The Standard for Security in Connected Cars,” https://doi.org/10.1007/s38311-021-0786-3, 2022.
    [58] W. Chen, Y. Chen, X. Chen, and Z. Zheng, “Toward secure data sharing for the IoV: A quality-driven incentive mechanism with on-chain and off-chain guarantees,” IEEE Internet of Things Journal, 2019, pp. 1625-1640.
    [59] W. Yong-hao, “A trust management model for internet of vehicles,” In Proceedings of the 2020 4th International Conference on Cryptography, Security and Privacy, 2020, pp. 136-140.
    [60] Y. Zhang, M. Chen, N. Guizani, D. Wu, and V. C. Leung, “SOVCAN: Safety-oriented vehicular controller area network,” IEEE Communications Magazine, 2017, pp. 94-99.

    QR CODE