국립중앙도서관 "우편 복사 서비스"로 연결 됩니다.
Our daily lives are getting more and more dependent on connected and autonomous vehicles (CAVs) than ever. With the evolution of connectivity and computerized automotive technology, in-vehicle infotainment (IVI) systems have become a central component...
다국어 입력
あ
ぁ
か
が
さ
ざ
た
だ
な
は
ば
ぱ
ま
や
ゃ
ら
わ
ゎ
ん
い
ぃ
き
ぎ
し
じ
ち
ぢ
に
ひ
び
ぴ
み
り
う
ぅ
く
ぐ
す
ず
つ
づ
っ
ぬ
ふ
ぶ
ぷ
む
ゆ
ゅ
る
え
ぇ
け
げ
せ
ぜ
て
で
ね
へ
べ
ぺ
め
れ
お
ぉ
こ
ご
そ
ぞ
と
ど
の
ほ
ぼ
ぽ
も
よ
ょ
ろ
を
ア
ァ
カ
サ
ザ
タ
ダ
ナ
ハ
バ
パ
マ
ヤ
ャ
ラ
ワ
ヮ
ン
イ
ィ
キ
ギ
シ
ジ
チ
ヂ
ニ
ヒ
ビ
ピ
ミ
リ
ウ
ゥ
ク
グ
ス
ズ
ツ
ヅ
ッ
ヌ
フ
ブ
プ
ム
ユ
ュ
ル
エ
ェ
ケ
ゲ
セ
ゼ
テ
デ
ヘ
ベ
ペ
メ
レ
オ
ォ
コ
ゴ
ソ
ゾ
ト
ド
ノ
ホ
ボ
ポ
モ
ヨ
ョ
ロ
ヲ
―
http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
예시)
- 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
- 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
А
Б
В
Г
Д
Е
Ё
Ж
З
И
Й
К
Л
М
Н
О
П
Р
С
Т
У
Ф
Х
Ц
Ч
Ш
Щ
Ъ
Ы
Ь
Э
Ю
Я
а
б
в
г
д
е
ё
ж
з
и
й
к
л
м
н
о
п
р
с
т
у
ф
х
ц
ч
ш
щ
ъ
ы
ь
э
ю
я
′
″
℃
Å
¢
£
¥
¤
℉
‰
$
%
F
₩
㎕
㎖
㎗
ℓ
㎘
㏄
㎣
㎤
㎥
㎦
㎙
㎚
㎛
㎜
㎝
㎞
㎟
㎠
㎡
㎢
㏊
㎍
㎎
㎏
㏏
㎈
㎉
㏈
㎧
㎨
㎰
㎱
㎲
㎳
㎴
㎵
㎶
㎷
㎸
㎹
㎀
㎁
㎂
㎃
㎄
㎺
㎻
㎽
㎾
㎿
㎐
㎑
㎒
㎓
㎔
Ω
㏀
㏁
㎊
㎋
㎌
㏖
㏅
㎭
㎮
㎯
㏛
㎩
㎪
㎫
㎬
㏝
㏐
㏓
㏃
㏉
㏜
㏆
RISS 인기검색어
https://www.riss.kr/link?id=T16653393
- 저자
-
발행사항
서울 : 고려대학교 정보보호대학원, 2023
-
학위논문사항
학위논문(박사) -- 고려대학교 정보보호대학원 , 정보보호학과 , 2023. 2
-
발행연도
2023
-
작성언어
영어
- 주제어
-
발행국(도시)
서울
-
형태사항
117 p ; 26 cm
-
일반주기명
지도교수: 김휘강
-
UCI식별코드
I804:11009-000000270504
- DOI식별코드
-
소장기관
- 고려대학교 도서관
- 고려대학교 도서관
-
0
상세조회 -
0
다운로드
부가정보
다국어 초록 (Multilingual Abstract)
Our daily lives are getting more and more dependent on connected and autonomous vehicles (CAVs) than ever. With the evolution of connectivity and computerized automotive technology, in-vehicle infotainment (IVI) systems have become a central component of CAVs. The IVI system plays an important role in the way drivers interact with state-of-the-art vehicles to navigate, utilize convenient features, adjust autonomous driving features, and so on. A CAV is equipped with high-definition sensors to establish a perception of adjacent objects. Automotive Ethernet was proposed to replace legacy in-vehicle network technology and deal with high bandwidth in-vehicle communications.
This dissertation focuses on two essential components to protect CAVs from network attacks. First, IEEE 1722 Audio/Video Transport Protocol (AVTP) is considered. IEEE 1722 is one of the crucial protocols to establish time-sensitive networking required by vehicular applications. I unveil that the protocol is exposed to packet injection attacks. To detect the attacks, I consider a convolutional neural network-based intrusion detection model. The proposed model is designed to calculate packet-by-packet anomaly scores. The experimental result shows outstanding performance—F1-score and recall are .9704 and .9949, respectively. Considering the limited computational resource of CAV, the model is designed as lightweight as possible while keeping the detection performance higher.
Second, I consider an infotainment system powered by Automotive Grade Linux (AGL). Some commercialized vehicles have already suffered from zero-day attacks. Nevertheless, I have identified three new critical vulnerabilities and reported the corresponding CVEs. In addition, I confirmed two vulnerabilities inherited from the other domain. I provided mitigation strategies to enhance the security of the IVI system on Automotive Grade Linux. The impact and the consequences of infotainment system hacking follow in this dissertation, including command injection attacks and privacy/privacy-identifiable information leakage.
To mitigate cyberattacks against CAVs, I propose guidelines for an intrusion prevention system (IPS) for connected vehicles. The guidelines are motivated by software-defined networking technologies. It allows a remote intrusion detection system to examine statistics of Ethernet-based in-vehicle networks. The IPS can block suspicious flows so CAVs can keep moving safely.
This dissertation focuses on two essential components to protect CAVs from network attacks. First, IEEE 1722 Audio/Video Transport Protocol (AVTP) is considered. IEEE 1722 is one of the crucial protocols to establish time-sensitive networking required by vehicular applications. I unveil that the protocol is exposed to packet injection attacks. To detect the attacks, I consider a convolutional neural network-based intrusion detection model. The proposed model is designed to calculate packet-by-packet anomaly scores. The experimental result shows outstanding performance—F1-score and recall are .9704 and .9949, respectively. Considering the limited computational resource of CAV, the model is designed as lightweight as possible while keeping the detection performance higher.
Second, I consider an infotainment system powered by Automotive Grade Linux (AGL). Some commercialized vehicles have already suffered from zero-day attacks. Nevertheless, I have identified three new critical vulnerabilities and reported the corresponding CVEs. In addition, I confirmed two vulnerabilities inherited from the other domain. I provided mitigation strategies to enhance the security of the IVI system on Automotive Grade Linux. The impact and the consequences of infotainment system hacking follow in this dissertation, including command injection attacks and privacy/privacy-identifiable information leakage.
To mitigate cyberattacks against CAVs, I propose guidelines for an intrusion prevention system (IPS) for connected vehicles. The guidelines are motivated by software-defined networking technologies. It allows a remote intrusion detection system to examine statistics of Ethernet-based in-vehicle networks. The IPS can block suspicious flows so CAVs can keep moving safely.
Our daily lives are getting more and more dependent on connected and autonomous vehicles (CAVs) than ever. With the evolution of connectivity and computerized automotive technology, in-vehicle infotainment (IVI) systems have become a central component of CAVs. The IVI system plays an important role in the way drivers interact with state-of-the-art vehicles to navigate, utilize convenient features, adjust autonomous driving features, and so on. A CAV is equipped with high-definition sensors to establish a perception of adjacent objects. Automotive Ethernet was proposed to replace legacy in-vehicle network technology and deal with high bandwidth in-vehicle communications.
This dissertation focuses on two essential components to protect CAVs from network attacks. First, IEEE 1722 Audio/Video Transport Protocol (AVTP) is considered. IEEE 1722 is one of the crucial protocols to establish time-sensitive networking required by vehicular applications. I unveil that the protocol is exposed to packet injection attacks. To detect the attacks, I consider a convolutional neural network-based intrusion detection model. The proposed model is designed to calculate packet-by-packet anomaly scores. The experimental result shows outstanding performance—F1-score and recall are .9704 and .9949, respectively. Considering the limited computational resource of CAV, the model is designed as lightweight as possible while keeping the detection performance higher.
Second, I consider an infotainment system powered by Automotive Grade Linux (AGL). Some commercialized vehicles have already suffered from zero-day attacks. Nevertheless, I have identified three new critical vulnerabilities and reported the corresponding CVEs. In addition, I confirmed two vulnerabilities inherited from the other domain. I provided mitigation strategies to enhance the security of the IVI system on Automotive Grade Linux. The impact and the consequences of infotainment system hacking follow in this dissertation, including command injection attacks and privacy/privacy-identifiable information leakage.
To mitigate cyberattacks against CAVs, I propose guidelines for an intrusion prevention system (IPS) for connected vehicles. The guidelines are motivated by software-defined networking technologies. It allows a remote intrusion detection system to examine statistics of Ethernet-based in-vehicle networks. The IPS can block suspicious flows so CAVs can keep moving safely.
목차 (Table of Contents)
- 1. Introduction 1
- 2. Intrusion detection system for automotive Ethernet 4
- 2.1 Preliminaries 6
- 2.1.1 Background of emerging automotive Ethernet 6
- 2.1.2 Automotive Ethernet and IEEE 1722 6
- 1. Introduction 1
- 2. Intrusion detection system for automotive Ethernet 4
- 2.1 Preliminaries 6
- 2.1.1 Background of emerging automotive Ethernet 6
- 2.1.2 Automotive Ethernet and IEEE 1722 6
- 2.2 Threats in automotive Ethernet 8
- 2.3 System design 11
- 2.3.1 AVB packets 12
- 2.3.2 Adversary 13
- 2.3.3 Payload observations 14
- 2.3.4 Feature generator 17
- 2.3.5 CNN-based intrusion detection model 19
- 2.4 Experiment 20
- 2.4.1 Environment 20
- 2.4.2 AVTP intrusion dataset 21
- 2.4.3 Evaluation metrics 21
- 2.4.4 Choosing an optimal window size 22
- 2.4.5 Experiment results 23
- 2.4.6 Toward real-time detection 27
- 2.4.7 Intrusion detection without labels 29
- 2.5 Discussion 33
- 2.5.1 Dataset 33
- 2.5.2 Limitations 34
- 2.5.3 Remediation strategies 35
- 2.6 Related work 36
- 3 Understanding the Impact and Implications of In-Vehicle Infotainment System Hacking with Automotive Grade Linux 38
- 3.1 Background 41
- 3.1.1 In-Vehicle Infotainment System 41
- 3.1.2 Related Work: Offensive Security Research against IVI Systems 43
- 3.1.3 Necessary and Scope 45
- 3.2 IVI System Hacking Competition 46
- 3.2.1 Experiment Testbed 47
- 3.2.2 Automotive Grade Linux 48
- 3.2.3 Competition Design 51
- 3.3 Evaluation 53
- 3.3.1 Vulnerability 54
- 3.3.2 Impact 58
- 3.3.3 Target Component 63
- 3.4 Implications of IVI System Hacking 64
- 3.4.1 Car Accident 65
- 3.4.2 Privacy and PII Leakage 65
- 3.4.3 Financial Damage 66
- 3.5 Discussion 67
- 3.5.1 Lessons Learned 67
- 3.5.2 Limitation 69
- 4 Intrusion prevention system for connected vehicles 70
- 4.1 Architecture of intrusion prevention system 71
- 4.1.1 Overview 71
- 4.1.2 Topological structure of an in-vehicle network 72
- 4.1.3 In-vehicle programmable switch 73
- 4.1.4 External intrusion detection system in the detection plane 76
- 4.2 External intrusion detection system 77
- 4.2.1 Remote detection 77
- 4.2.2 Collaborative detection 78
- 4.3 Implementation guidelines for intrusion prevention systems 79
- 4.3.1 Overall procedure for the intrusion prevention system 79
- 4.3.2 Methodology of intrusion detection in an intrusion prevention system 80
- 4.3.3 Methodologies of intrusion prevention 84
- 4.3.4 Secure implementation of an intrusion prevention system 85
- 4.4 Use-case scenario 87
- 4.4.1 Secure in-vehicle firmware upgrade procedure 87
- 4.4.2 Incident response for connected vehicles 89
- 5 Conclusion 91
- References 93
- Appendix A. Automotive Ethernet Intrusion Dataset 100
- Appendix B. Vulnerabilities 102
- B.1 CVE-2022-24595 102
- B.2 CVE-2022-24596 103
- B.3 CVE-2022-24597 103
분석정보
연관 공개강의(KOCW)
이 자료와 함께 이용한 RISS 자료
나만을 위한 추천자료
