Researchers say a new type of attack on traffic algorithms can cause the network car to lie about the location and speed of the vehicle, thus posing a threat to smart cities and traffic conditions, such as causing serious traffic jams. The days when cars can communicate with each other (and cars can communicate with traffic lights, parking signs, guardrails, and even signs on the sidewalk) are quickly approaching. Driven by the goal of reducing traffic congestion and avoiding collisions, these systems have been introduced on the roads across the United States.
For example, the Intelligent Traffic Signal System, developed with the support of the US Department of Transportation, has been tested on public roads in Arizona and California and conducted in New York City and Tampa, Florida. More extensive deployment. The system allows vehicles to share real-time location and speed with traffic lights, and this information can be used to effectively optimize traffic time based on real-time traffic demand, dramatically reducing vehicle waiting time at intersections.
The research from the University of Michigan's RobustNet research team and the Michigan Transportation Laboratory focused on ensuring the security of these next-generation transportation systems from attacks. So far, they have found that they are actually relatively easy to be deceived. As long as one car is transmitting fake data, it will cause serious traffic jams, and several attacks and concurrent traffic may cause traffic in the entire area. Particularly worrying is that those researchers have found that the problem is not the underlying communication technology, but the algorithm used to manage traffic.
Misleading algorithm
In general, the algorithm is to receive a variety of input information—such as how many cars are in different locations near the intersection—and calculate output information that meets a specific target—such as minimizing traffic lights. Collective delay. Like most algorithms, the traffic control algorithm in the intelligent traffic signal system - the nickname "I-SIG" - assumes that the input information it receives is true. This is not a reliable assumption.
Hyundai's hardware and software can be modified by the car's diagnostic port or wireless connection to direct the car to transmit the wrong information. Those who want to destroy the I-SIG system can use this method to invade their car, drive the car to the target intersection, and then stop nearby.
Researchers have found that once a vehicle is parked near an intersection, an attacker can use the two loopholes in the algorithm that controls the traffic light to extend the time that a particular lane gets a green light—again, it will also extend the time that other lanes get red.
The first vulnerability discovered by researchers was called "the last vehicle advantage" and could be exploited to extend the green signal length. The algorithm monitors vehicles approaching an intersection, estimates the length of the vehicle fleet, and determines how long it takes for all vehicles to pass through the intersection. This logic helps the system to serve as many vehicles as possible in each round of traffic changes, but it can be abused. The attacker can instruct the vehicle to send an error report to the system that it is too late to join the vehicle fleet. The algorithm then keeps the attacked green light long enough for the non-existent car to pass - correspondingly, the red light in the other lanes takes much longer than the actual car on the road.
Researchers refer to the second vulnerability as "the curse of the transition period" or "the ghost car attack." "The I-SIG algorithm is built to cope with the fact that not all vehicles can communicate with each other." It uses the drive mode and information of the newer networked car to infer the real-time position and speed of old cars that do not support communication. Therefore, if a networked car reports that it is stopping far away from the intersection, the algorithm assumes that the vehicle fleet in front of the vehicle is very long. The system then assigns a long green light to that lane because it thinks the vehicle fleet is long, but it is not really long.
These attacks occur by having a car lie about its position and speed. This is very different from known cyber attack methods, such as injecting messages into unencrypted communications or allowing unauthorized users to log in to privileged accounts. Therefore, known protections against these attacks are useless for vehicles that misrepresent information.
The consequences of the algorithm being misled
The use of either of these two attack methods, or in conjunction with each other, allows an attacker to assign a green light that is too long for a lane with no or few vehicles, and a red light that is too long for the busiest lane. This will eventually lead to massive traffic jams.
This kind of attack against traffic lights may be just for fun, or for the benefit of the attacker. For example, imagine that someone adjusts the traffic light time of their lane in order to get faster commuting speed, and other drivers are delayed. Criminals may also try to quickly escape the crime scene or get rid of the chasing police car by attacking traffic lights.
Such attacks are even politically or economically dangerous: the conspiracy of the organization may damage the traffic light system at several key intersections in the city in order to demand a ransom. This is much more destructive and easier to escape than other methods of blocking intersections, such as parking in traffic.
Since this type of attack exploits the intelligent traffic control algorithm itself, repairing it requires joint efforts from the transportation and cybersecurity fields. This includes a major lesson to consider in this type of research: sensors that support interactive systems, such as those in the I-SIG system, are not entirely trustworthy. Before doing the calculations, the algorithm should try to verify the data they use. For example, traffic control systems can use other sensors—such as road sensors already in use nationwide—to check how many cars are on the road.
This is just the beginning of a researcher's research on new security issues in the future of intelligent transportation systems. They hope that this research will find loopholes in the future and find ways to protect roads and drivers.
Guangzhou Yuehang Audio Technology Co., Ltd , https://www.yhspeakers.com